Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Coronavirus-themed attacks May 03 – May 09, 2020

This post includes the details of the Coronavirus-themed attacks launched from May 03 to May 09, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERShttps://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform Below […]

Oxford University Lab

This post includes the details of the Coronavirus-themed attacks launched from May 03 to May 09, 2020.

Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases.

Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS
https://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform

Below a list of attacks detected this week.

May 03 – India’s Jio COVID-19 symptom checker exposed test results

A security glitch in the self-test coronavirus symptom checker developed by India’s Jio cell network exposed test results.

May 03 – TrickBot operators exploit Coronavirus as lures

IBM X-Force researchers spotted a new COVID-19-themed campaign spreading the infamous TrickBot trojan through fake messages.

May 04 – Nation-state actors are targeting UK universities to steal info on COVID-19 research

The UK’s National Cyber Security Centre (NCSC) is warning of cyber attacks against UK universities and scientific institutes involved in COVID-19 research. 

May 07 – Snake Ransomware hits Europe’s largest private hospital operator Fresenius during COVID-19 outbreak

Snake Ransomware operators launched a new campaign that has infected numerous companies worldwide including an health care organization.

May 09 – SilverTerrier gang uses COVID-19 lures in BEC attacks against healthcare, government organizations

Nigerian cyber gang SilverTerrier, specialized in BEC attacks, used COVID-19 lures in recent attacks on healthcare and government organizations.

If you are interested in COVID19-themed attacks from February 1 give a look at the following posts:

https://securityaffairs.co/wordpress/102301/cyber-crime/coronavirus-themed-attacks-april-19-april-25-2020.html
https://securityaffairs.co/wordpress/102687/cyber-crime/coronavirus-themed-attacks-april-26-may-02-2020.html

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – COVID-19, hacking)

[adrotate banner=”5″]