National CSIRT-CY | National Computer Security Incident Response Team of Cyprus

A new phishing campaign has been spotted that pretends to be from a local hospital telling the recipient that they have been exposed to the Coronavirus and that they need to be tested.

As many around the world struggle to come to terms with the full impact that the Coronavirus will have on each of our families and communities, people are desperate for both information and hope. Threat actors exploit vulnerabilities, and many see the uncertainty of our circumstances as an opportunity. They are capitalizing on the need for news, guidance, supplies, and treatments by targeting businesses and individuals who need this information with a barrage of COVID-19-related attacks and scams.

The Tor Project released Tor Browser 9.0.7 today with a permanent fix for a bug that allowed JavaScript code to run on the Safest security level in some situations while using the previous Tor Browser version.

The TrickBot​​​​​ gang is using a malicious Android application they developed to bypass two-factor authentication (2FA) protection used by various banks after stealing transaction authentication numbers.

Three more ransomware families have created sites that are being used to leak the stolen data of non-paying victims and further illustrates why all ransomware attacks must be considered data breaches.

Hacked corporate sites and news blogs running using the WordPress CMS are being used by attackers to deliver backdoor malware that allows them to drop several second-stage payloads such as keyloggers, info stealers, and Trojans.

1.        Security requirements for remote work

https://www.europol.europa.eu/sites/default/files/documents/safe-at-home_final.pdfhttps://www.europol.europa.eu/sites/default/files/documents/safe-at-home_gr.pdf

In response to the Coronavirus (COVID-19) outbreak, many organizations are asking their employees to work remotely. This, though, brings new challenges to the workplace as users adapt to video meetings, screen sharing, and the use of remote collaboration tools.

Καθώς ο COVID-19 συνεχίζει να εξαπλώνεται παγκοσμίως, ένα πολύ μεγάλο ποσοστό χρηστών γίνονται αποδέκτες ολοένα και περισσότερων ψεύτικων και παραπλανητικών πληροφοριών στο Διαδίκτυο.

Νέα απάτη παρατηρείται τις τελευταίες ώρες με αποδέκτες πελάτες της τράπεζας Κύπρου. Επιτήδειοι καλούν τηλέφωνο σε κυπριακούς αριθμούς απο την εφαρμογή viber και δίνουν οδηγίες στον κάτοχο να τους πει τα στοιχεία της κάρτας τους για να πραγματοποιήσουν δήθεν update.

Cybersecurity researchers today uncovered a new high-severity hardware vulnerability residing in the widely-used Wi-Fi chips manufactured by Broadcom and Cypress—apparently powering over a billion devices, including smartphones, tablets, laptops, routers, and IoT gadgets.

A group of academics from Ruhr University Bochum and New York University Abu Dhabi have uncovered security flaws in 4G LTE and 5G networks that could potentially allow hackers to impersonate users on the network and even sign up for paid subscriptions on their behalf.

Security researchers have discovered a new critical vulnerability in the OpenSMTPD email server. An attacker could exploit it remotely to run shell commands as root on the underlying operating system.

Joker malware that subscribes Android users to premium services without consent is giving Google a hard time as new samples constantly bypass scrutiny and end up in Play Store.

Slickwraps has suffered a data breach after a security researcher was able to access their systems and after receiving no response to emails, publicly disclosed how they gained access to the site and the data that was exposed.

Google removed 500 malicious Chrome extensions from its Web Store after they found to inject malicious ads and siphon off user browsing data to servers under the control of attackers.

A remote access Trojan named Parallax is being widely distributed through malicious spam campaigns that when installed allow attackers to gain full control over an infected system.

Emotet, the notorious trojan behind a number of botnet-driven spam campaigns and ransomware attacks, has found a new attack vector: using already infected devices to identify new victims that are connected to nearby Wi-Fi networks.

Several Cisco-manufactured network equipment have been found vulnerable to five new security vulnerabilities that could allow hackers to take complete control over them, and subsequently, over the enterprise networks they power.