What happened this week? A lot of cybersecurity news! We know it is hard to keep up with the ever-changing news cycle, so we gathered this week’s biggest stories and broke them down into bite-sized reads. Take a read-through of this week’s VIPRE Weekly Roundup!
Meet EventBot, a new Android malware that steals banking passwords and two-factor codes (TechCrunch)
EventBot masquerades as legitimate applications, and is a relatively new piece of Android malware. It is able to intercept two-factor authentication code. It can then steal money from victims. While Google has made improvements to Android Security, it still helps to have dedicated security applications installed to make sure you’re safe.
Cybersecurity: The path that leads from gaming cheats to malware (ZDNet)
Developing game assistance tools and other cheats require a skillset that is adjacent to malware development. It involves hiding software from detection. Cheat developers will even use VirusTotal to verify if their code will be flagged as malware. As competitive eSports become larger, the possibility of performance enhancing cheats become more problematic.
LockBit, the new ransomware for hire: a sad and cautionary tale (Ars Technica)
LockBit is a new strain ransomware, but it has the possibility of gaining notoriety. Most ransomware attacks against corporations use a reconnaissance phase that typically lasts for months, weeks or days. During this phase a human interacts with a tool to scope out a network and where to attack. LockBit automates that process so it can take only a few hours.
Hackers publish ExecuPharm internal data after ransomware attack (TechCrunch)
ExecuPharm was hit by the Clop ransomware. The hackers threatened to sell the data if a ransom wasn’t paid. However, the hackers behind the attack published the stolen data anyway. While some ransomware groups have pledged not to attack medical facilities, others say that pharmaceutical companies benefit too much from the COVID-19 pandemic.
Microsoft releases guidance on blocking ransomware attacks (Bleeping Computer)
Microsoft recommended a number of security measures, but the main one is making sure patches are up to date. Having a product with an auto patch feature would be invaluable in that type of situation. Another security risk they found was when companies make use of older technology with weak passwords.
The post VIPRE Week Roundup: May 1, 2020 appeared first on VIPRE.
