Latest

Endpoint Security

Is COVID-19 Driving a Surge in Unsafe Remote Connectivity?

Mathew J. Schwartz  •  March 31, 2020

As the coronavirus drives a massive upsurge in remote working, a review of remote desktop protocol usage suggests RDP adoption hasn't spiked. But as IT teams rely more heavily on remote access, experts warn that too many RDP systems remain internet-exposed.

Breach Notification

Another Marriott Breach Affects Millions

Scott Ferguson  •  March 31, 2020

Marriott acknowledged Tuesday that a recent data breach exposed the personal records of millions of hotel guests. It's the second major breach reported by the hotel giant in two years.

Cybercrime

FBI Warns of 'Kwampirs' Malware Supply Chain Attacks

Marianne Kolbasuk McGee  •  March 31, 2020

The FBI has issued an alert reminding the healthcare sector and other industries about the ongoing threat of Kwampir remote access Trojan attacks on the supply chain.

►

Business Continuity Management / Disaster Recovery

COVID-19 and the Human Side of Cybersecurity Leadership

Tom Field  •  March 30, 2020

When securing the remote workforce, it's important to be mindful of the human challenges - educating children, caring for elders and dealing with the barrage of COVID-19 news, says Microsoft's Diana Kelley, who shares insights on balancing cybersecurity and compassion.

Application Security

COVID-19 Crisis: How to Manage VPNs

Suparna Goswami  •  March 30, 2020

Security practitioners around the world are struggling to cope with the challenges posed by remote workers heavily relying on virtual private networks during the COVID-19 pandemic. Here's a look at steps to take to help enhance security.

Audit

Zoom Stops Transferring Data by Default to Facebook

Jeremy Kirk  •  March 30, 2020

Zoom has apologized for sharing large sets of user data by default with Facebook, blaming the social network's software development kit, which it has removed from its iOS app. With COVID-19 driving unprecedented levels of remote working, video conferencing software is under the privacy and security microscope.

Breach Notification

Health Data Breach Tally Spikes in Recent Weeks

Marianne Kolbasuk McGee  •  March 30, 2020

The total number of health data breaches - and individuals affected - on the 2020 tally has more than doubled in recent weeks. Here are the details.

Endpoint Security

Will 5G Networks Inherit Vulnerabilities in 4G Networks?

Akshaya Asokan  •  March 30, 2020

If vulnerabilities in 4G cellular networks that can expose them to denial-of-service and other attacks are not addressed, emerging 5G networks could inherit these same issues, the security firm Positive Technologies reports.

Business Continuity Management / Disaster Recovery

Analysis: Russia's COVID-19 Disinformation Campaign

Nick Holland  •  March 27, 2020

The latest edition of the ISMG Security Report analyzes how and why Russia is spreading disinformation about the COVID-19 pandemic. Plus: the latest CCPA regulation updates; a CISO's tips on securely managing a remote workforce.

Governance & Risk Management

Microsoft to Pause Non-Essential Software Updates

Mathew J. Schwartz  •  March 26, 2020

Microsoft has announced that it will pause all non-essential updates for Windows, while both Google and Microsoft have said their Chrome and Edge browsers will, for now, receive only stability and security updates. The moves come as IT teams are continuing to respond to the ongoing fallout of the COVID-19 pandemic.

►

Active Defense & Deception

Reduce Dwell Time of Advanced Threats With Deception

Varun Haran  •  March 26, 2020

Using deception technologies can impose a cost on cybercriminals and help reduce dwell times and increase visibility, says Acalvio CEO Ram Varadarajan.

Cybercrime

The Ecommerce Surge: Guarding Against Fraud

Nick Holland  •  March 26, 2020

As more consumers shift to online shopping during the COVID-19 pandemic, retailers must ramp up their efforts to guard against ecommerce payment fraud, says Toby McFarlane, a cybersecurity expert at CMSPI, a payments consultancy.