Latest

Cybercrime

SMS Phishing Campaign Used to Spread Emotet: Report

Ishita Chigilli Palli  •  February 21, 2020

Mobile banking customers are being targeted by yet another SMS phishing campaign, according to new research from IBM X-Force. This time, however, in addition to trying to steal usernames and credentials, the attackers are also attempting to install Emotet malware.

Business Continuity Management / Disaster Recovery

What to Look for at RSA 2020 Conference

Nick Holland  •  February 21, 2020

This special edition of the ISMG Security Report offers a preview of top keynote presentations at the RSA 2020 conference, plus a look at important themes and health tips for attendees.

Breach Notification

Canadian Government Breaches Exposed Citizens' Data: Report

Akshaya Asokan  •  February 19, 2020

Data breaches at Canadian government agencies exposed the personal information of approximately 144,000 citizens over a two-year period, according to a news report.

3rd Party Risk Management

Health Data Breach Tally Update: 2020 Trends

Marianne Kolbasuk McGee  •  February 19, 2020

Hacking incidents involving email appear to be the most common type of major health data breach being reported to federal regulators so far in 2020. But the largest breach added to the tally involved a type of incident rarely seen in recent years: the theft of an unencrypted laptop.

Governance

Coronavirus Update: Tips for Travel

Tom Field  •  February 19, 2020

Globally, the coronavirus has infected more than 75,000 people and led to over 2,000 deaths. But business travelers should avoid panic, says pandemic expert Regina Phelps, who offers preventive health tips for those headed to international events, such as the RSA 2020 conference.

Endpoint Security

Preview: 12 Top Keynote Sessions at RSA Conference 2020

Mathew J. Schwartz  •  February 19, 2020

Are you attending the RSA 2020 conference? To help navigate the show, here's a preview of 12 top keynote sessions featuring some of the biggest names in cybersecurity tackling critical subjects, including cryptography, critical infrastructure security, bug bounties and supply chain risks.

Governance

Dell to Sell RSA to Private Equity Firm for $2 Billion

Scott Ferguson  •  February 18, 2020

Dell Technologies has agreed to sell its RSA security division to private equity firm Symphony Technology Group in an all cash deal worth more than $2 billion, the companies announced Tuesday. The news comes on the eve of the annual RSA Conference in San Francisco, which starts Monday.

Cybercrime

Unpatched VPN Servers Hit by Apparent Iranian APT Groups

Scott Ferguson  •  February 18, 2020

Unpatched Fortinet, Palo Alto and Pulse Secure VPN servers, as well as Citrix gateways, continue to be targeted by hackers, who are exploiting critical flaws to install backdoors inside corporate networks. Security firm ClearSky warns that apparent Iranian APT attackers are the latest to join the fray.

Events

RSA Conference 2020 Preview

Tom Field  •  February 18, 2020

"The Human Element" is the theme of the RSA Conference 2020, but there are plenty of technology-rich topics in store for attendees, including session tracks that focus on election security, open source tools, product security and anti-fraud. Britta Glade, a conference director, previews the event.

Cybercrime

Google Removes 500 Chrome Extensions Tied to Malvertising

Apurva Venkat  •  February 17, 2020

Google has removed 500 Chrome extensions from its online store after researchers found that attackers were using them to steal browser data, according to a new report from security firm Duo Security. The thefts were part of a malvertising campaign that had been active for at least a year, the researchers say.

Business Continuity Management / Disaster Recovery

IBM Exits RSA Conference 2020 Over Coronavirus Worries

Mathew J. Schwartz  •  February 17, 2020

With IBM and seven other sponsors withdrawing from next week's RSA Conference 2020 - as worries over the China-centered outbreak of the coronavirus continue - will others follow suit?

General Data Protection Regulation (GDPR)

Facebook Delays EU Dating Service Rollout After 'Dawn Raid'

Mathew J. Schwartz  •  February 14, 2020

Any lonely hearts in Europe hoping to meet the person of their dreams via Facebook's dating service on Valentine's Day this year will have to wait a little longer. The social network has delayed the EU rollout of its dating service, following a Monday "dawn raid" by Irish privacy investigators.