Abuse.ch cybersecurity experts: Corporate web proxy operators shoud block outgoing network traffic towards api.telegram .org. The malware until now exploited FTP or SMTP.
NASA is worried about the increase of cyber attacks against its personnel. From phishing to malware. The SOC issued a memo to warn all the employees
NASA is worried about the increase of cyber attacks against its personnel, required to telework from home, during the coronavirus (COVID-19) outbreak. The SOC (Security Operations Center) explained that during the past few weeks, the mitigation tools have prevented success of these attempts. Furthermore, the cyber security defenders observed doubling of email phishing attempts, exponential increase in malware attacks on NASA systems, and double the number of mitigation-blocking of NASA systems trying to access malicious sites (often unknowingly), due to users accessing the Internet. Experts believe these malicious cyber-attacks will continue and likely increase during the pandemic. The SOC continues to monitor and protect the Agency, while asks employed to continue the vigilance, as they use NASA systems, and extend this to their home-computer usage as well.
The cyber security experts: Nation-states and cyber criminals are actively using the COVID-19 pandemic to exploit and target the Agency electronic devices, networks, and personal devices
In the advice background section, the cyber security experts illustrate that NASA employees and contractors should be aware that nation-states and cyber criminals are actively using the COVID-19 pandemic to exploit and target the Agency electronic devices, networks, and personal devices. Some of their goals include accessing sensitive information, user names and passwords, conducting denial of service attacks, spreading disinformation, and carrying out scams. Cybercrime have increased sending emails with malicious attachments and links to fraudulent websites, attempting to trick victims into revealing sensitive information and gain access to NASA systems, networks, and data. Lures include requests for donations, updates on virus transmissions, safety measures, tax refunds, fake vaccines, and disinformation campaigns.
Malware are delivered not only to computers, but also on mobile devices
According to the NASA’s SOC, when someone clicks on these links, the unsuspecting user has malware delivered to their system, capable of data exfiltration. This is not specific to computers, there are also phishing attacks occurring against mobile devices with similar lures, such as text messages or advertisements within applications, designed to entice victims to click on links designed to secretly have their sensitive information and account credentials harvested.