Update COVID-19 Cybercrime

COVID-19 Update 4/6/2020

During the COVID-19 crisis, our analysts are tracking open-source information sources to keep our followers up to date with COVID-19 Cybercrime. Today’s report:

  • A fraudulent third-party store is offering a version of Zoom that is bundled with malicious software. To avoid this scam, be sure to only download software form the official company download site. Read more in this SC magazine report.
  • Concerns over privacy prompted New York City to ban the use of Zoom by city schools and move instead to approved platforms such as Google Meet or Microsoft Teams “as soon as possible,” according to a SC Magazine report.
  • The Department of Health and Human Services (HHS) will ease the sanctioning of penalties in relation to specific data privacy breaches during the COVID19 pandemic. This will be in place for breaches related to the HIPAA privacy rule against healthcare providers or their business associates for good-faith disclosures of protected health information for public health purposes during the current health crisis Compliance Junction reports.
  • Threat actors are sending out a phishing email with the World Health Organization logo that unleashes the LokiBot trojan if downloaded and executed. The email pretends to be a WHO announcement attempting to clear up misinformation related to COVID-19, according to a Threat Post report.

 

We Can Secure Your Remote Infrastructure

IT managers must prioritize cybersecurity as they transition employees to work remotely. This massive shift in operations to a less secure home environment poses significant risks that must be managed.

ERMProtect's Weekly Newsletter

Get a curated briefing of the week's biggest cyber news every Friday.

Intelligence and Insights

GLBA Risk Assessments

GLBA Risk Assessments: A Key 1st Step in GLBA Compliance

The GLBA risk assessment is an organization’s starting point for GLBA compliance. We break it all down in this GLBA risk assessment overview …
Web Application Penetration Testing Services

Common Issues in Web Application Penetration Testing Services

Web applications are now ripe targets for hackers. Here we take a look at a few hacker attacks on web applications & how penetration testing services are critical …
Implementing NIST Risk Assessments

Implementing NIST Risk Assessments: A Step-by-Step Approach

This step-by-step guide will help organizations navigate the NIST risk assessment process effectively, leveraging the expertise of risk assessment companies and cybersecurity consulting services …