U.S. officials say Iran is running a campaign involving fake emails and videos (pictured) designed to cast doubt on the integrity of U.S. elections. (Image: Proofpoint)

US Alleges Iran Sent Threatening Emails to Democrats

Jeremy Kirk • October 22, 2020

U.S. officials have blamed Iran for sending a barrage of fake emails and videos to American voters with a Democratic Party affiliation as part of a campaign to push misinformation and sow confusion in the days before the presidential election.

Cyberwarfare / Nation-State Attacks

FCC Wants More Information on Threat Posed by China Unicom

Latest

Fraud Management & Cybercrime

White House Denies Trump's Twitter Account Was Hacked

Doug Olenick • October 22, 2020

The White House are Twitter are both debunking claims by a Dutch ethical hacker that he accessed President Donald Trump's Twitter account earlier this month by guessing the password, enabling him to obtain full privileges and capture screenshots.

Breach Notification

Indian Pharmaceutical Company Investigates Security Incident

Prajeet Nair • October 22, 2020

Dr. Reddy's Laboratories, a multinational pharmaceutical company based in India that's testing a COVID-19 vaccine, says it isolated its data center services Thursday following what it calls a "detected cyberattack."

Cyberwarfare / Nation-State Attacks

US Agencies Seize More Iranian-Linked Domains

Chinmay Rautmare • October 22, 2020

As part of an ongoing effort to crack down on Iranian terrorist groups' internet activities, the U.S. government this week seized two domains associated with a group that was involved in a disinformation campaign.

Anti-Money Laundering (AML)

The IRS Takes on Cryptocurrency-Funded Terrorists

Nick Holland • October 22, 2020

The IRS Criminal Investigation Cyber Crimes Unit is waging a battle against the use of cryptocurrency for financing terrorists and other money-laundering activities. Agents Chris Janczewski and Jon Gebhart describe recent cryptocurrency-related takedowns.

Governance & Risk Management

Sensitive Voicemail Transcripts Exposed

Marianne Kolbasuk McGee • October 19, 2020

A security researcher recently discovered an unsecure Elasticsearch database cluster exposed on the internet that contained transcripts of sensitive voicemail messages, including some for medical clinics and financial service companies.

Fraud Management & Cybercrime

Instagram Investigated for Exposure of Minors' Details

Jeremy Kirk • October 19, 2020

Ireland's Data Protection Commissioner has launched an investigation into whether Facebook's Instagram service improperly displayed the email addresses and phone numbers of minors on its platform. Facebook, Instagram's owner, could face a GDPR fine if it's found to have violated privacy requirements.

Application Security

Behavioral Biometrics: The Next Generation

Tom Field • October 19, 2020

Behavioral biometrics have evolved, and Michael Yeardley of LexisNexis Risk Solutions says the new generation of controls can not only identify the bad guy - but also "the really clever bad guy." He explains how.

Critical Infrastructure Security

Google Offers Fresh Details on China-Linked Hacking Group

Akshaya Asokan • October 17, 2020

A report from Google's Threat Analysis Group offers fresh details about the hacking group that targeted Democratic presidential candidate Joe Biden's campaign with phishing emails earlier this year. The phishing effort was linked to a little-known hacking group called APT31, which has connections to China.

Anti-Money Laundering (AML)

20 Arrested in Money-Laundering Crackdown

Prajeet Nair • October 16, 2020

A international law enforcement operation involving 16 countries has resulted in the arrest of 20 individuals suspected of belonging to the QQAAZZ criminal network, which helped launder cash and cryptocurrency for other cybercriminals.

General Data Protection Regulation (GDPR)

British Airways' GDPR Fine Dramatically Reduced

Doug Olenick • October 16, 2020

Britain's Information Commissioner's Office announced this week a dramatic reduction in its fine against British Airways for violating the EU's General Data Protection Regulation. The company will pay a $26 million fine instead of $238 million in a case tied to a 2018 breach.

Business Continuity Management / Disaster Recovery

Iranian Hacking Group Suspected of Deploying Ransomware

Akshaya Asokan • October 16, 2020

A hacking group with links to Iran's government is suspected of using ransomware in attempts to damage the systems of organizations in Israel and other countries, the security firm ClearSky reports.

Endpoint Security

Singapore Launches IoT Cybersecurity Labelling

Jeremy Kirk • October 16, 2020

Singapore has launched an IoT cybersecurity labelling program intended to improve the baseline security of internet-connected consumer products. The program is voluntary, but Singapore eventually intends to make it mandatory.