Security News > 2020 > March

A half-decade ago, with much fanfare, cyber ranges were touted as a revolutionary pivot for cybersecurity professionals' training. Are all obvious advantages to building and running cyber ranges within the public cloud.

Earlier this month, articles on Mashable, EFF, Forbes, and Consumer Reports, among others, heavily criticized Zoom for not ensuring that users' privacy is well protected, which encouraged web veteran Doc Searls to have a look into the matter as well. EFF too pointed out that Zoom hosts could monitor attendees' activity while screen-sharing, could see whether a participant has the Zoom window in focus or not, and that administrators can view "How, when, and where users are using Zoom," and can access the contents of recorded calls, including "Video, audio, transcript, and chat files."

Researchers say yes: Good data can beat bad data in the race to spread. In a paper published on Friday, researchers from North Carolina State University and the Army Research Office have demonstrated a new model of how competing pieces of information spread in online social networks and the Internet of Things. Ultimately, our work can be used to determine the best places to inject new data into a network so that the old data can be eliminated faster.

The Kwampirs attack group continues to target global healthcare entities in this time of crisis, the FBI has warned. "The FBI assesses Kwampirs actors gained access to a large number of global hospitals through vendor software supply chain and hardware products. Infected software supply chain vendors included products used to manage industrial control system assets in hospitals."

One in four respondents to a Threatpost reader poll said they were okay with sacrificing a portion of their personal privacy in exchange for some form of cellphone tracking that could - in theory - reduce coronavirus infection rates and save lives. When asked, "For coronavirus tracking, do you think public-health benefits outweigh privacy risks?" approximately 27 percent voted "Yes - Privacy and data-protection laws should not get in the way of saving lives." Sixty-nine percent said, "No - A pandemic doesn't give authorities the right to strip citizens of their privacy rights."

International hotel chain Marriott today disclosed a data breach impacting nearly 5.2 million hotel guests, making it the second security incident to hit the company in recent years. The hospitality giant said an investigation into the breach was ongoing, but said there was no evidence that Marriott Bonvoy account passwords or PINs, payment card information, passport information, national IDs, or driver's license numbers were compromised.

Last week we wrote about a WhatsApp hoax that was spreading widely, warning people to look out for a cybersecurity catastrophe that simply wasn't going to happen. The City of London Police in turn link you to UK National Fraud and Cyber Crime Reporting Centre's ActionFraud website, where you will see that the "City of London Police hasn't issued any alerts about fake messages from Danske Bank.".

Transport Layer Security is a common cybersecurity protocol that is frequently seen in email, web browsers, messaging, and other communication methods that take place over networks. TLS is relied upon to ensure secrecy using different techniques like encryption, hash functions, and digital signatures.

A few days earlier, the U.S. Department of Health and Human Services suffered a DDoS attack, assumed to have been launched by a hostile foreign actor, aimed at slowing down the agency's services amid the government's rollout of a response to coronavirus. During an unprecedented time of peak traffic, the risk of a DDoS attack is growing exponentially.

"Data protection can come into play in a wide array of important ways - including data security and encryption, data recovery, email protection and data archiving. It also provides the ability to recover quickly from a disaster, protection from and mitigation of ransomware, and physical device protection. Plus, it can prevent user error," said Reeder. Top executives in education see data backup and data recovery as the most important aspects of data protection.