2020 has been a crazy year for everyone – including higher education institutions. While the world scrambled to keep health care systems afloat AND hold on to flailing economies over the summer, universities and colleges dealt with a different challenge – taking an extremely social experience, the education system, and putting it online. There’s no doubt that online learning saves facility expenses and time, but it has made Higher Ed institutions – and their students and staff – much more vulnerable to cyber attacks. University systems and networks need to be accessible to students from home, and in a time when online study life and online personal life merge, students may very well be putting the institution’s systems at risk as well.

Less than three weeks have passed since we released our ransomware-themed newsletter to our subscribers, and we’ve already come across endless new headlines about big-name ransomware attacks. And we all know - when the attacks are big, the ransom prices are high!

A new android malware strain was uncovered in May, boasting the ability to steal data from 337 applications, including passwords and credit card information. Among these apps are some of the most highly-used applications on any android phone, such as Netflix, Gmail, Amazon, Uber, and more.

So much about good, basic Security comes down to proper access control. Information security, physical security, personal security, (probably even financial security?) – all security, it seems, works better when there’s proper control over who has access to what and when.

ThreatSTOP’s platform has historically allowed two levels of user access: Admin and Reporter. In this simple scheme, Admins could access everything, like creating a custom DNS Firewall policy, or whitelisting an IP across all their firewalls, while lowly Reporters got read-only access to look at reports. Two extremes of access control for what was a simpler time.

In the years since, things have really evolved in Security. It's gotten scarier outside – there are more threats, nastier ones, more sophisticated attackers, and shrewder methods. DDoS for hire, and turn-key ransomware. The myth of companies “too big to take down” or “too small to be targeted” got busted. It has gotten crazy out there.

In recent months, the global COVID-19 epidemic has forced millions of employees to work from home. While some have experience working remotely in the past, for most working from home for months on end has been a first-time experience. Cyber attackers are at large exploiting this time of chaos and panic to deploy a variety of attacks, and with millions working from home, a plethora of additional vulnerabilities and attack options arise. In this article, we will recommend 10 tips for secure remote work from your home during COVID-19.

Since the beginning of the Coronavirus epidemic, threat actors have been exploiting the panic around the deadly virus to deploy cyber attacks. Every day, more and more Coronavirus-related campaigns are spotted, and we are seeing a surge in the number of suspicious domains registered in relation to the virus every day.

To combat these prevalent attacks, our Security Research Team has curated a blocklist including thousands of malicious Covid19-related domains, integrated from our threat intelligence sources and supplemented with additional IOCs found by our team through manual analysis.

We highly recommend adding the Covid-19 domain target to your policy in order to protect yourself from these threats. You can do so by enabling the COVID19 Fake Domains – Domains target, or by enabling our Phishing bundle.

This is an opportunistic time for cyber attackers. While people are in a frenzy to buy food and masks, to figure out how they are going to work from home or how to cope with the loss of their job, cyber attackers show no mercy in taking advantage of the situation to deploy a grandiose variety of Coronavirus-themed attacks.

When people imagine threat actors tricking victims into installing malware, the first thing that comes to mind is probably email phishing or typosquatted domains. These days, digital attack vectors are so easy to deploy that physical vectors may even get a chance to fly under the radar.

In a recent campaign uncovered by Trustwave, the criminal threat group FIN7 mailed USB drives serving an unknown malware strain disguised as a free Best Buy gift card offering. The letter mailed with the USB drive states that the retail giant is sending out gift cards to its loyal customers, and the gifted credit can be used to buy products from a specific list that is found on the enclosed USB stick.

When security personnel think of email attacks, usually the first word that comes to mind is “phishing." While phishing is a very common (and sadly, very successful) attack vector, many threat actors take a different approach to gaining access to victims’ accounts. Breaching an email mailbox is a critical first step, creating a doorway to endless exploitation possibilities.

In this blog post, we will outline five different ways that cyber attackers can breach your email account and steal personal information.

Photo Cred: Forbes

Many companies have gone completely remote, and had to do it quickly in light of current events, but that doesn’t mean the need to secure company data has diminished. As more workers are accessing secure files and applications from home, there is an increased need for organizations to be thinking about how to secure those devices that are accessing that information. We have already seen evidence that criminals are trying to take advantage of this situation to launch attacks against companies, and employees working from home without the security protections of the company network are targets for opportunistic attacks.