Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Coronavirus-themed attacks March 29 – April 04, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 29 to April 04, 2020. Threat actors exploit the interest in the COVID19 outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. March 30, 2020 – […]

Oxford University Lab

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 29 to April 04, 2020.

Threat actors exploit the interest in the COVID19 outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases.

Below a list of attacks detected this week.

March 30, 2020 – Your colleague was infected with COVID19, this is the latest phishing lure

Security experts uncovered a new COVID19-themed phishing campaign, the messages inform recipients that they have been exposed to the virus.

March 30 – Zeus Sphinx spam campaign attempt to exploit Covid19 outbreak

The Zeus Sphinx malware is back, operators are now spreading it exploiting the interest in the COVID19 outbreak.

March 30 – Crooks leverage Zoom’s popularity in Coronavirus outbreak to serve malware

Online communication platforms such as Zoom are essential instruments at the time of COVID19 outbreak, and crooks are attempting to exploit their popularity.

April 2 – Crooks use tainted Zoom apps to target users at home due to Coronavirus outbreak

Crooks target Android users working from home due to the COVID19 outbreak with a Trojanized version of the popular video messaging app Zoom.

April 4 – New Coronavirus-themed campaign spread Lokibot worldwide

Researchers spotted a new COVID19-themed attack, the messages pretend to be sent from the World Health Organization to deliver Lokibot infostealer.

The number of attacks continues to increase on a daily base, both cybercrime organizations and nation-state actors are using COVID19 as a lure for their campaign.

If you are interested in COVID19-themed attacks from February 1 give a look at the following posts:

https://securityaffairs.co/wordpress/99682/cyber-warfare-2/coronavirus-themed-attacks.html
https://securityaffairs.co/wordpress/100187/cyber-crime/coronavirus-themed-attacks-2.html
https://securityaffairs.co/wordpress/100698/hacking/coronavirus-themed-attacks-march-22-march-28-2020.html
[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – malware, COVID19)

[adrotate banner=”5″]

[adrotate banner=”13″]