The U.S. Health and Human Services Department experienced a cyberattack on its IT infrastructure on Sunday, which officials believe was an attempt to hinder the department’s response to the COVID-19 pandemic. Though the attack did not cause significant damage or data breaches, it is suspected that foreign actors may be spreading misinformation about the outbreak. The incident highlights HHS’s past issues with cybersecurity preparedness and its recommendations for private-sector healthcare organizations.

New KoiLoader Abuses Powershell Scripts to Deliver Malicious Payload
Researchers have uncovered a new strain of the advanced KoiLoader malware, believed to be distributed through phishing emails posing as bank statements. The malware employs