<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=439793516377641&amp;ev=PageView&amp;noscript=1">

Is Zoom Actually Secure?

 

Ever since the beginning of the Coronavirus outbreak, Zoom has become the most well-known and widely used video conferencing platform. Used by corporations, universities and schools, families and more, millions of people around the world have found themselves desperately in need of a platform to hold meetings, see loved ones and cope with social distancing. The video conferencing app, that previously boasted 10 million users during busy hours, quickly shot up to 300 million during peak daytime hours. But as Zoom’s popularity rapidly rose, so did concerns about the platform’s security.

Read More

Share this:

10 Work From Home Security Tips During Quarantine

 

In recent months, the global COVID-19 epidemic has forced millions of employees to work from home. While some have experience working remotely in the past, for most working from home for months on end has been a first-time experience. Cyber attackers are at large exploiting this time of chaos and panic to deploy a variety of attacks, and with millions working from home, a plethora of additional vulnerabilities and attack options arise. In this article, we will recommend 10 tips for secure remote work from your home during COVID-19.

Read More

Share this:

Are Cyber Attackers Hacking Your Webcam?

 

What Is Camfecting?

Camfecting is the act of accessing a victim’s webcam and operating it without permission. This is usually done by infecting the camera owner’s device with malware, which then gains access to the webcam and controls it via remote access.

The thought that a stranger may be peeping at us while we are near our computers is unsettling at the least. Now, with much of the employed workforce working from home due to the global Covid-19 epidemic, we can only imagine the breach of privacy that may happen as the result of a hacked webcam. In addition to the potential loss of privacy, attackers could record victims and use the footage for blackmail or to collect ransom. Webcam hackers can also use the camera to monitor the victim’s home to learn when it is vacant.

Read More

Share this:

These Are the 3 Malware Families to Look Out for in 2020

2019 was a rough year in the cyber security realm. Attack vectors continued to broaden and develop, while attacks became more complex. Last year also saw some shifts in attack focus and targeting, such as a noted rise in ransomware attacks against enterprises and governments, while consumer targeting with ransomware decreased.

Since its beginning, 2020 has demanded the world to cope with a dramatic, hard-to-predict global pandemic. The cyber realm has been affected accordingly, with many threat actors determined to exploit the current situation, and security providers and alliances working hard to combat this exploitation. COVID-19 campaigns create new infection opportunities in addition to common ones, and it is important to keep a close watch on the development of prevalent malware families that are continuing to infect victims in a variety of different campaign types.

According to Webroot’s third annual Nastiest Malware list, these are the worst variants in each threat category.

Read More

Share this:

ThreatSTOP Launches COVID-19 Malicious Domains Target

 

Since the beginning of the Coronavirus epidemic, threat actors have been exploiting the panic around the deadly virus to deploy cyber attacks. Every day, more and more Coronavirus-related campaigns are spotted, and we are seeing a surge in the number of suspicious domains registered in relation to the virus every day.

To combat these prevalent attacks, our Security Research Team has curated a blocklist including thousands of malicious Covid19-related domains, integrated from our threat intelligence sources and supplemented with additional IOCs found by our team through manual analysis.

We highly recommend adding the Covid-19 domain target to your policy in order to protect yourself from these threats. You can do so by enabling the COVID19 Fake Domains – Domains target, or by enabling our Phishing bundle.

Read More

Share this:

An Infographic Timeline of Coronavirus-Themed Cyber Attacks

This is an opportunistic time for cyber attackers. While people are in a frenzy to buy food and masks, to figure out how they are going to work from home or how to cope with the loss of their job, cyber attackers show no mercy in taking advantage of the situation to deploy a grandiose variety of Coronavirus-themed attacks.

Read More

Share this:

Watch Out for THIS Malicious Gift Card

 

When people imagine threat actors tricking victims into installing malware, the first thing that comes to mind is probably email phishing or typosquatted domains. These days, digital attack vectors are so easy to deploy that physical vectors may even get a chance to fly under the radar.

In a recent campaign uncovered by Trustwave, the criminal threat group FIN7 mailed USB drives serving an unknown malware strain disguised as a free Best Buy gift card offering. The letter mailed with the USB drive states that the retail giant is sending out gift cards to its loyal customers, and the gifted credit can be used to buy products from a specific list that is found on the enclosed USB stick.

Read More

Share this:

A Special Message to CrowdStrike MyDNS Users

In the coming days, CrowdStrike will formally end-of-life their DNS service that many customers are using. This service takes Crowdstrike intelligence and puts it into a CrowdStrike-managed DNS resolver to protect against advanced threats that they are tracking. When this service is retired, you will no longer have protection at that layer. As an important note, there are many classes of devices that endpoint protection do not work on (medical devices, IoT, etc) but by using DNS, you can still provide a strong layer of protection.

Read More

Share this:

5 Ways Attackers Can Hack Your Email Account

 

When security personnel think of email attacks, usually the first word that comes to mind is “phishing." While phishing is a very common (and sadly, very successful) attack vector, many threat actors take a different approach to gaining access to victims’ accounts. Breaching an email mailbox is a critical first step, creating a doorway to endless exploitation possibilities.

In this blog post, we will outline five different ways that cyber attackers can breach your email account and steal personal information.

Read More

Share this:

ThreatSTOP Securing the New Work from Home Workforce For Free

Photo Cred: Forbes

Many companies have gone completely remote, and had to do it quickly in light of current events, but that doesn’t mean the need to secure company data has diminished. As more workers are accessing secure files and applications from home, there is an increased need for organizations to be thinking about how to secure those devices that are accessing that information. We have already seen evidence that criminals are trying to take advantage of this situation to launch attacks against companies, and employees working from home without the security protections of the company network are targets for opportunistic attacks.

Read More

Share this:

Home Page

ARCHIVES

see all

OTHER THREATSTOP OUTLETS

  1. ThreatSTOP on YouTube
  2. ThreatSTOP on Twitter