State-sponsored Hackers taking advantage of COVID-19
As most of us are already aware, malicious actors are making the most of the pandemic through digital scams and phishing.
Google claims it has detected more than 12 state-sponsored hacking groups taking advantage of the coronavirus. One of the state-sponsored campaigns said to be targeting US government employees by baiting them with various coronavirus related updates from fast-food chains, including coupons or free meals offers.
Google’s Threat Analysis Group (TAG) affirmed that Gmail automatically recognised and blocked the majority of the emails, including the malicious links. The full article is available on Wired.
Secure your Nintendo accounts
With the increase in remote working and schools closing there has been an increase in time spent online. We don’t just work from home, we also shop, watch movies and play from home. Changes in habits tend to capture attention from cybercriminals who are attempting to capitalise on the pandemic through various tactics.
Nintendo administrators declared there have been a “notable” number of reports relating to Nintendo accounts being hacked. The hackers compromise passwords and make expensive purchases on accounts that are linked to PayPal.
Users are encouraged to use two-factor authentication (2FA) to make their accounts more secure as well as use passwords managers to allow for longer and more complex passwords. More about on how to protect yourself and your family can be found on the BBC website.
Brute force attacks
A security researcher at Kaspersky, claims that generic brute force attacks have increased dramatically. These attacks make use of automated scripts that try different combinations of passwords and user IDs on accounts in the hope of hitting a gold-mine.
Predominantly a successful attack results in malicious actors having full access to the user’s files and data. The identified attacks have been aimed at users of Microsoft’s proprietary Remote Desktop Protocol (RDP), with numbers raising from 100,000 to nearly a million per day at the beginning of March.
In order to minimise this, Dmitry Galov (security researcher with Kaspersky) advised that IT admins should make RDP available only through a corporate VPN, use Network Level Authentication (NLA) and close port 3389 if RDP if not in use. More on this can be found in the “Millions of Brute-Force Attacks Remote Desktop Accounts” article.