Hackers Use COVID-19 Tracking Map to Hide Spyware(March 18, 2020)
Hackers have weaponized a legitimate COVID-19 tracking map to deliver spyware. Known as SpyMax, the malware can exfiltrate logs for texts and phone calls, and allows the attackers to activate microphones and cameras. The malware appears to be being used to spy on people in Libya.
Read more in:
– www.cyberscoop.com: Surveillance campaign against Libyans uses fake Johns Hopkins COVID-19-tracking map
Food Delivery Service in Germany Targeted with DDoS Attack(March 19, 2020)
Hackers have launched a distributed denial-of-service (DDoS) attack against the website of a food delivery service in Germany. The hackers demanded a ransom of 2 bitcoins to stop the attack. Lieferando.de, the German branch of Takeaway.com, is back online; it is not clear if they paid the ransom.
Read more in:
– www.bleepingcomputer.com: Food Delivery Service in Germany Under DDoS Attack
Mandiant Ransomware Research Shows Window of Opportunity For Defenders(March 16 & 18, 2020)
According to researchers from Mandiant, most ransomware does not deploy until at least three days after attackers have gained their initial foothold in a system. In some cases, the dwell time was much longer. Mandiant looked at “dozens of ransomware incident response investigations from 2017 to 2019.” The researchers also found that most ransomware infections occur at night or on weekends. The blog post notes that “there is often a window of time between the first malicious action and ransomware deployment. If network defenders can detect and remediate the initial compromise quickly, it is possible to avoid the significant damage and cost of a ransomware infection.”
Read more in:
– www.fireeye.com: They Come in the Night: Ransomware Deployment Trends
Social Media Turning to AI for Moderators(March 17 & 18, 2020)
Earlier this week, Facebook users began noticing that their COVID-19-related posts were being taken down. They received notifications from Facebook which said the posts violated community standards. Facebook says the issue was due to a bug in its anti-spam filter. Facebook’s content moderators had been sent home; they cannot work from home due to privacy agreements. Twitter and YouTube have also said they are sending home their content monitors. Some researchers are concerned that with content moderators absent, much of the decision-making regarding permissible posts will be left to automated systems.
Read more in:
– www.wired.com: Coronavirus Disrupts Social Media’s First Line of Defense
Cyber Security: Awareness is the key 