Cyware Weekly Threat Intelligence - March 16–20

Weekly Threat Briefing • March 20, 2020
Weekly Threat Briefing • March 20, 2020
The Good
Hope you all had a healthy and safe week. Here is a dose of good things that happened this week in cybersecurity. The UK’s National Cyber Security Center (NCSC) has started hunting down phishing websites that are linked to COVID-19 scams. The initiative has been taken to protect people across Europe from losing money and sensitive data to scams. Meanwhile, the creators of some prominent ransomware have taken the decision of not targeting health organizations amid this Coronavirus pandemic.
The Bad
Meanwhile, several organizations inadvertently exposed millions of records in different data leak incidents reported this week. Misconfigured S3 buckets became a major reason for data leaks at MCA Wizard and Doxzoo. Also, a UK-based research firm had come under the scanner for exposing 5 billion records on different security incidents due to an unguarded Elasticsearch database.
New threats
The week also saw various malware attack campaigns leveraging the pandemic COVID-19 crisis. The malware used in these campaigns were BlackWater backdoor, Trickbot trojan, Crimson RAT and SpyMax. Apart from this, researchers also came across two new malware - dubbed CrazyCoin virus and Nefilim ransomware - that are active in the wild.