Cyware Weekly Threat Intelligence, April 13 - 17, 2020

Weekly Threat Briefing • April 17, 2020
Weekly Threat Briefing • April 17, 2020
The Good
The COVID-19 outbreak has spelled doom across the world, forcing several organizations to adopt teleworking. Medical staff and physicians are no exception. Therefore, in order to promote good cybersecurity hygiene, the American Medical Association (AMA) and the American Hospital Association (AHA) have jointly released guidelines for the remote work environment to better defend against threats that could disrupt patient care. Also, given the critical nature of the current pandemic, the Office for Civil Rights (OCR) has lifted HIPAA penalties for community-based testing sites to ease the operations of healthcare providers.
The Bad
The week saw millions of personal details and login credentials of customers being sold on underground forums. The data belonged to people associated with Zoom, Quidd, and Wappalyzer. While user data stolen from Quidd was sold for free, the user details stolen from other affected companies were tagged at an alluring price.
New threats
Talking about threats, security researchers unearthed three new malware capable of performing a variety of malicious activities. The three newly discovered malware were Mozi botnet, PoetRAT, and Speculoos backdoor. On the other hand, academics demonstrated a new attack technique called AiR-ViBeR, that could be used to pilfer data from air-gapped systems.