Login

Register

Login

Register

Blue-checked fraud. Lazarus Group’s Operation Dream Job. Alexa vulnerabilities. CISA warns of COVID-19 scam. Avaddon RaaS note. | #coronavirus | #scams | #covid19


A verified but fake Twitter account that had operated in the falsely appropriated name of Dr. Jaouad Mahjour, assistant director-general of the World Health Organization (WHO) has been traced to an Iranian threat actor. The account had followed an Iranian government line of disinformation, tweeting that the US Government (specifically the Trump Administration) had been pushing WHO to test vaccines on prisoners, immigrants, and Black Americans. The Daily Beast claims the operation looks like the work of Endless Mayfly, a Tehran-aligned actor known for impersonation operations.

The Jerusalem Post reports that the Israeli Defence Ministry says it detected and stopped a campaign by North Korea’s Lazarus Group to gain access to Israeli defense companies. The Lazarus Group used a now-familiar tactic: phishing in LinkedIn with bogus job offers to targeted employees. Researchers at ClearSky (which calls the campaign “Operation Dream Job”) have details.

Check Point this morning published research indicating flaws in Amazon’s Alexa that could have enabled attackers to access personal information when users interacted with Alexa skills. Users’ information at risk included “voice history, home address and control of their Amazon account.” Amazon has fixed the vulnerabilities to cross-origin resource sharing misconfigurations and cross-site scripting. (In a relevant but unrelated discussion, NIST outlines security considerations for smart home devices.)

The US Cybersecurity and Infrastructure Security Agency (CISA) warned that an “unknown malicious cyber actor” is spoofing a US Small Business Administration COVID-19 loan relief site in phishing emails.

DomainTools has published an update on the Avaddon ransomware-as-a-service operation.



Source link

Click here to go to the original Source of this story.

______________________________________________________________________________________________

Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW