2020 has been quite the year. Amidst a global pandemic, this has been a year of adapting, both in our everyday lives as individuals and as security practitioners thrown into a new remote-first environment. As we look back on our top trending topics from this year, the most read cybersecurity blogs reflect a year dominated by the COVID-19 pandemic, including blogs on COVID-related scams, rapid digital transformation and a few opportunistic hackers.
Without further ado, here are our top 5 cybersecurity blogs from a year unlike any other:
January feels like a lifetime ago, doesn’t it? Starting this list out was a piece by ZeroFox’s threat research team on the prolific phishing kit distribution network known as “16Shop.” ZeroFox’s research into the group began in 2019, but their phishing kit activity became more notable in the early weeks of 2020 when ZeroFox obtained a phishing kit from 16Shop targeting PayPal. This blog provides an in-depth look at the kit and 16Shop’s methods of creation and distribution of phishing kits.
Phishing kits, regardless of creator, grew dramatically in use this year. Designed as an all-in-one phishing solution, these kits allow even the least sophisticated of hackers to quickly stand up a fully operating phishing kit. With this in mind, ZeroFox predicts the use of phishing kits will continue to increase in 2021.
As the coronavirus pandemic made its way to the United States and began to spread rapidly in March of 2020, hackers found opportunity. In the first of our blogs on COVID-19 scams, one of our top cybersecurity blogs focused on the early tactics hackers were using to capitalize on the fear and uncertainty created by the pandemic.
ZeroFox observed a flurry of newly registered websites with names containing keywords related to healthcare or to coronavirus specifically. Many of these sites use sensationalist language to drive traffic rather than to deliver accurate information. Cybercriminals found ways to stand up fake domains and leverage social media platform functionality to scam and defraud users.
Two coronavirus-related cybersecurity blogs made it into our top 5 this year, and for good reason: as the pandemic surged, so too did the cyber threats surrounding the pandemic. One such threat surrounded mobile apps. Smartphones are a key technology to stay connected with loved ones and to gain access to up-to-date news. To meet this demand for information as COVID-19 spread, governments worldwide have taken advantage of technology firms and partners to create COVID-19 mobile apps that provide direct access to government resources.
ZeroFox identified an imposter COVID-19 mobile app for Iranian citizens, among others. COVID-19 mobile apps highlight the importance of supply-chain security. If a threat actor gains the ability to write arbitrary code to a third-party library, they could effectively infect millions of citizens who have apps installed that use these libraries.
In May of 2020, ZeroFox identified a dark web breach broker selling three large, high-profile breaches. The dealer, who goes by the alias ShinyHunters, was offering these breach dumps for sale on a dark web forum, for prices between $1500 and $2500 USD. The ShinyHunters group breached numerous organizations, including Tokopedia, a major Indonesian e-commerce company, and Unacademy, an Indian online learning platform. This blog post outlines the group’s methodology and insight into the targets of the breach.
Our final piece in our top 5 cybersecurity blogs from 2020 surrounded account hijacking. With high-profile account takeover attacks in 2020, account hacking was a highly read and discussed topic. Several notable celebrities found their social media accounts hacked this year and brands continue to be top targets for takeovers as well. In this blog, we outline how account takeovers can happen and what the potential damages are should an account hack occur.
Thanks for Reading This Year!
As we round out another year of ZeroFox’s top cybersecurity blogs, we appreciate all of our readers who have engaged with topics ranging from COVID-19 to data breaches, to phishing attacks and account takeovers. Want to read more? Check out our Resources Center for our latest white papers, research reports and more for in-depth reading beyond the blog.