Connect with us

Vaccine-related phishing emails and domains are popping up, while criminals are selling phony vaccines via the Dark Web, says Check Point.

Image: Pinyo

Cybercriminals have been busy this year capitalizing on every facet of the coronavirus pandemic. And now that vaccines for the virus are on the horizon, bad actors have yet another area to exploit. A report released Friday by cyber threat intelligence provider Check Point examines how the desire for the vaccine is fueling a new round of malicious campaigns and sales.

Phishing campaigns

Previously, phishing attacks had been using vaccine developments as bait to trick people. Now, they’re using news about the upcoming vaccines as an even more enticing hook.

In one campaign, the emails contain executable files with the name “Download Covid 19 New approved vaccines.23.07.2020.exe.” Clicking on the attached file installs an InfoStealer malware capable of gathering usernames, passwords, and other account details.

In another campaign, the email touts the subject line of “pfizer’s Covid vaccine: 11 things you need to know” (in English and Spanish) and includes an executable file named “Covid-19 vaccine brief summary.” Clicking on this file triggers the nasty malware called Agent Tesla, a Remote Access Trojan that acts as a keylogger and infostealer. Once employed, Agent Tesla can monitor and steal input from the keyboard and clipboard, take screenshots, and capture credentials from such programs as Google Chrome, Firefox, and Microsoft Outlook.

SEE: Identity theft protection policy (TechRepublic Premium)

These attacks have been attributed to state-backed hackers as well as criminal groups. Hackers backed by Russia and North Korea have been trying to steal data from pharmaceutical companies and vaccine researchers, Microsoft said recently. China-backed attackers have also been targeting vaccine makers, with two such individuals charged by the U.S. government in July.

Targeting both individuals and organizations, these vaccine-related campaigns will likely ramp up as the approval and distribution plans for different vaccines reach their final stages, according to Check Point.

Vaccine-related domains

News about the vaccine trials and upcoming availability prompted a jump in new domains related to COVID-19 and vaccines. Since the start of November, 1,062 new domains containing the word “vaccine” were registered, with 400 also containing the word “covid” or “corona.” Of these, six were found to be suspicious.

Vaccines from the Dark Web

As people anxiously await for the new vaccines to become available, cybercriminals are taking advantage of the intense interest and expectations. Some people may be so eager to get the vaccine that they aren’t willing to wait for official channels, which means they could be susceptible to fake promises and phony sales.


Ads from the Dark Web about COVID-19 “remedies” and vaccines.

Image: Check Point

Check Point discovered an array of posts on Dark Web forums from people claiming to have “Coronavirus vaccines” and “Coronavirus remedies” for sale. The advertisements range from “available corona virus vaccine $250” to “Say bye bye to COVID19=CHLOROQUINE PHOSPHATE” to “Buy fast.CORONA-VIRUS VACCINE IS OUT NOW.”

The vendors all insist on being paid in bitcoin (which minimizes their chances of being traced). In one post, the seller was offering an unspecified COVID-19 vaccine for 0.01 BTC (around $300) and claimed that 14 doses were required. This contradicts official information stating that some COVID vaccines require two shots given three weeks apart.

In another post, the seller claims to have supply of a newly approved vaccine from a leading vaccine maker for sale and delivery from the UK, US, and Spain.

In yet another advertisement, the vendor is promoting Chloroquine as a regular coronavirus “treatment,” for only $10 with the line: “Hydroxychloroquine, a medicine for malaria that has been touted as a treatment for coronavirus.” This preys on gullible people who believed outgoing president Donald Trump when he pushed hydroxychloroquine as a COVID-19 cure, contradicting his own public health officials.


To help protect your organization against phishing attacks and other malicious activities, Check Point offers the following tips:

  • Check the full email address on any message you receive and be alert to hyperlinks that may contain misspellings of the actual domain name.
  • Verify that you’re using a URL from an authentic website. Don’t click on links in emails. Instead click on the link from the Google results page after searching for it.
  • Beware of lookalike domains, spelling errors in emails or websites, and unfamiliar email senders.
  • Protect mobile and endpoint browsing with advanced cybersecurity solutions that prevent browsing to malicious phishing web sites, whether known or unknown.
  • Use two-factor authentication to verify any changes to account information or wire instructions.
  • Never supply login credentials or personal information in response to a text or email.
  • Regularly monitor financial accounts.
  • Keep all software and apps up to date.
  • Always note the language in an email. Social engineering techniques are designed to take advantage of human nature. Criminals know that people are more likely to make mistakes when they’re in a hurry and are inclined to follow the orders of those in positions of authority. Phishing attacks commonly use these techniques to convince their targets to ignore their potential suspicions about an email and click on a link or open an attachment.

Also see

Source link

Continue Reading


Linux 101: How to copy files and directories from the command line

linuxhero2 1

Jack Wallen continues his Linux 101 series, with an introduction on how to copy files and directories from the command line.

Are you new to Linux? If so, you’ve probably found the command line can be a bit intimidating. Don’t worry–it is for everyone at the beginning. That’s why I’m here to guide you through the process, and today I’m going to show you how to copy files and folders from the command line. 

Why would you need to copy files and folders this way? You might find yourself on a GUI-less Linux server and need to make a backup of a configuration file or copy a data directory. 

Trust me, at some point you’re going to need to be able to do this. Let’s find out how. 

SEE: Linux: The 7 best distributions for new users (free PDF) (TechRepublic)

First we’ll copy a file. Let’s say you’re about to make changes to the Samba configuration file, smb.conf and you want a backup copy just in case something goes wrong. To copy that file, use the cp command to copy the source to the destination like so:

 cp /etc/samba/smb.conf /etc/samba/smb.conf.bak

You’ve probably already encountered your first problem. Because the smb.conf file is in /etc/, you’ll need to use sudo privileges to make the copy. So the correct command is: 

sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.bak 

In this example, smb.conf is our source and smb.conf.bak is our destination. You might want to preserve the file attributes (such as directory and file mode, ownership, and timestamps) during the copy. For that we use the -a option as in: 

sudo cp -a /etc/samba/smb.conf /etc/samba/smb.conf.bak

Copying a directory is done in the same way, only you use the -R option, for recursive. Let’s say you want to make a backup of the entire /etc/samba directory and you want to copy it to your home directory. That command would be: 

sudo cp -R /etc/samba ~/samba.bak

To preserve the attributes, while copying the directory, the command would be:

sudo cp -aR /etc/samba ~/samba.bak

And that’s all there is to it. You’ve just copied your first files and directories from the Linux command line. Now, go out and celebrate this victory, you’ve earned it.

Subscribe to TechRepublic’s How To Make Tech Work on YouTube for all the latest tech advice for business pros from Jack Wallen.

Also see


Image: Pixabay

Source link

Continue Reading


‘Junk DNA’ plays a key role in regulating circadian clocks

Drosophila circadian rhythm

If you’ve ever had a bad case of jet lag, you know how a disruption to your body’s circadian rhythm makes it difficult to function. Molecular circadian “clocks” exist in cells throughout the body, governing more than just sleep and wake cycles — they are crucial to many aspects of human health. For more than a decade, researchers have been trying to figure out what makes them tick, in search of new insights into diseases like Alzheimer’s, cancer and diabetes.

Until now, that research has focused on what is known as clock genes, which encode proteins that drive oscillating cycles of gene expression affecting physiology and behavior. But research just published in the Proceedings of the National Academy of Sciences reveals the discovery of a new cog in the circadian clock — a genome-wide regulatory layer made up of small chains of non-coding nucleotides known as micro RNAS (miRNAs).

Junk DNA plays a key role in regulating circadian clocks

Drosophila ciacadian rhythm. Credit: Chhandama via Wikimedia Commons, CC-BY-SA-4.0

“We’ve seen how the function of these clock genes are really important in many different diseases,” said Steve Kay, PhD, Provost Professor of neurology, biomedical engineering and quantitative computational biology at the Keck School of Medicine of USC. “But what we were blind to was a whole different funky kind of genes network that also is important for circadian regulation and this is the whole crazy world of what we call non-coding microRNA.”

‘Junk DNA’ proves to be a valuable tool in circadian rhythms

Formerly thought to be “junk DNA,” miRNAs are now known to affect gene expression by preventing messenger RNA from making proteins. Past research has indicated miRNAs may have a role in the function of circadian clocks but determining which of the hundreds of miRNAs in the genome might be involved remained a problem.

Kay and his team, led by Lili Zhou, a research associate in the Keck School’s Department of Neurology, turned to the Genomics Institute of the Novartis Research Foundation (GNF) in San Diego, which has created robots capable of high throughput experiments. Working with scientists at the institute, Zhou developed a high throughput screen for a robot to test the close to 1000 miRNAs by individually transferring them into cells the team had engineered to glow on and off, based on the cell’s 24-hour circadian clock cycle.

“The collaboration with GNF made it possible for us to conduct the first cell-based, genome-wide screening approach to systematically identify which of the hundreds of miRNAs might be the ones modulating circadian rhythms,” said Zhou.

“Much to our surprise,” said Kay, “we discovered about 110 to 120 miRNAs that do this.”

With the help of Caitlyn Miller, a biochemistry undergraduate from USC Dornsife, researchers then verified the impact on circadian rhythms by inactivating certain miRNAs identified by the screen in their line of glowing cells. Knocking out the miRNAs had the opposite effect on the cells’ circadian rhythm as adding them to the cells.

Physiologic and behavioral impacts  of miRNAs

Researchers also focused on the physiologic and behavioral impacts of miRNAs. They analyzed the behavior of mice with a particular cluster of miRNAs inactivated – miR 183/96/182 – and saw that inactivating the cluster interfered with their wheel-running behavior in the dark compared with control mice. They then examined the impact of the miRNA cluster on brain, retina and lung tissue, and found that inactivating the cluster affected circadian rhythms in a different way in each tissue type – suggesting that the way the miRNAs regulate the circadian clock is tissue specific.

Understanding the impact of miRNAs on the circadian clock in individual tissue could reveal new ways of treating or preventing specific diseases.

“In the brain we’re interested in connecting the clock to diseases like Alzheimer’s, in the lung we’re interested in connecting the clock to diseases like asthma,” said Kay. “The next step I think for us to model disease states in animals and in cells and look at how these microRNAs are functioning in those disease states.”

Source: USC

Source link

Continue Reading


Samsung Galaxy F62, Samsung Galaxy M02 Spotted on India Support Page; Hints at Imminent Launch

samsung reuters 1585645176745

Samsung Galaxy F62 and Samsung Galaxy M02 have leaked in the past on several occasions, and now the model numbers associated with these phones have been spotted on Samsung’s official support page in India as well. This indicates that both the phones’ launches could be inching closer and Samsung is gearing up to introduce them in the Indian market. Samsung Galaxy F62 is also reported to be called the Samsung Galaxy E62. In some markets, this phone may likely be also called the Samsung Galaxy M62.

MySmartPrice spotted two model numbers – SM-E625F/DS and SM-M022G/DS – on the Samsung India support page. The support page doesn’t offer any details about the phone, and it doesn’t even reveal the commercial name of the phone, but the SM-E625F/DS model number is largely associated with Samsung Galaxy F62, or Samsung Galaxy E62, in the past. Likewise, the SM-M022G/DS is associated with the anticipated Samsung Galaxy M02 handset.

Samsung introduced the Galaxy M02s in the Indian market earlier this month, but the Galaxy M02 still remains in the rumour mill. As per a Geekbench listing, Samsung Galaxy M02 may run on Android 10 and come with 3GB of RAM. The smartphone could also come with the Qualcomm Snapdragon SoC that is clocked at 1.8GHz.

The rumoured Samsung Galaxy F62 has also leaked in images, hinting at a square shaped module on the back. The phone has also been spotted on BIS website and an earlier report also claims that the production of the rumoured Samsung Galaxy F62 has begun at the company’s Greater Noida facility in the Delhi-NCR region. The Galaxy F62 could be one of the slimmest phones from Samsung and it is expected to launch in the first quarter of 2021. Specifications leaked in the past include Exynos 9825 SoC, have 6GB of RAM and Android 11.

Is this the end of the Samsung Galaxy Note series as we know it? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, download the episode, or just hit the play button below.

Affiliate links may be automatically generated – see our ethics statement for details.

Source link

Continue Reading