Latest

Cyberwarfare / Nation-State Attacks

Trump Administration Wants China Telecom's US License Revoked

Apurva Venkat  •  April 10, 2020

The Justice Department and several other federal executive branch agencies are asking the Federal Communications Commission to revoke China Telecom (Americas) Corp.'s license to provide international telecommunications services to and from the U.S., citing national security concerns.

Endpoint Security

Analysis: Remote Workplace Security Challenges

Nick Holland  •  April 10, 2020

The latest edition of the ISMG Security Report discusses the cybersecurity challenges posed by the work-at-home shift. Also featured: Tips from NIST on developing remote worker security policies, plus a discussion of the nascent threat of AI meeting assistants.

►

Endpoint Security

CISO Conversations: 'Moving at the Speed of Medicine'

Tom Field  •  April 9, 2020

Washington state was the initial epicenter of the COVID-19 outbreak in the U.S., and Cris Ewell was at the heart of the crisis as CISO of UW Medicine. He shares his insights and lessons learned from supporting caregivers and a remote workforce during the pandemic.

►

Fraud Management & Cybercrime

Faces of Fraud 2020: COVID-19's Impact

Tom Field  •  April 9, 2020

The cyberthreat and fraud landscape is ever-changing, and attackers are upping the game with more advanced attacks. The COVID-19 pandemic has accelerated socially engineered schemes, such as phishing and virus-related scams. CISO Stephen Fridakis and consultant Rocco Grillo discuss how to ramp up defenses.

Cybercrime

Latest Botnet Offers DDoS Attacks on Demand

Akshaya Asokan  •  April 9, 2020

The operator of a newly discovered botnet dubbed "Dark Nexus" is offering cybercriminals access to an array of capabilities, include the ability to launch DDoS attacks on demand, according researchers at Bitdefender.

Cybercrime

Russia Used Fake US Documents for Disinformation: Report

Apurva Venkat  •  April 9, 2020

A recent disinformation campaign that apparently originated in Russia used forged U.S. diplomatic documents and social media to spread false stories in Eastern Europe and Asia, according to a new research report, which warns that these tactics could be used against the U.S. in the run-up to the fall election.

Governance & Risk Management

Microsoft Exchange: 355,000 Servers Lack Critical Patch

Mathew J. Schwartz  •  April 8, 2020

Patch or perish alert: Less than 20 percent of vulnerable Microsoft Exchange servers have received a fix for a serious flaw that Microsoft first disclosed nearly two months ago, security firm Rapid7 warns. It also found a "concerning number" of Exchange 2007 servers, which Microsoft stopped supporting in 2017.

Cybercrime

Hackers Have Targeted Linux Servers for Years: Report

Ishita Chigilli Palli  •  April 8, 2020

For nearly a decade, five hacking groups with apparent links to the Chinese government have targeted vulnerable Linux servers that make up the backend IT infrastructure of thousands of companies and organizations around the world, according to a research report from BlackBerry.

Governance & Risk Management

Australia Considers How to Approach Pandemic Contacts Tracing

Jeremy Kirk  •  April 8, 2020

Australia is investigating how it can leverage data to slow the spread of COVID-19. This raises myriad privacy and security questions, including whether the public would embrace such a system and how long it should be in place.

Cybercrime

NASA: At-Home Workers Targeted by Hackers

Apurva Venkat  •  April 8, 2020

With the COVID-19 pandemic forcing federal government employees and contractors to work from home, NASA is seeing an increase in hacker attacks targeting its newly mobile workforce, the space agency's CIO reports.

Business Email Compromise (BEC)

FBI: COVID-19-Themed Business Email Compromise Scams Surge

Ishita Chigilli Palli  •  April 7, 2020

Fraudsters are taking advantage of the uncertainty over the global COVID-19 pandemic to ramp-up business email compromise scams designed to steal money, the FBI and security researchers warn.

Application Security

Researchers Propose COVID-19 Tracking App

Ishita Chigilli Palli  •  April 7, 2020

Researchers at Boston University have written a research paper that proposes creating a smartphone app that uses short-range transmission technologies that can inform users if they have been in close proximity to a person infected with COVID-19 - while maintaining privacy.