Security News > 2020 > October

The U.S. Department of Defense's Cyber National Mission Force and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency last week published a malware analysis report for what they described as a new malware variant named SLOTHFULMEDIA. SLOTHFULMEDIA is described as a dropper that deploys two files when executed, including a RAT designed to allow hackers to control compromised devices, and a component that removes the dropper once the RAT achieves persistence on the targeted computer. The U.S. government's malware analysis report includes technical details about how the malware works, indicators of compromise and recommendations for securing systems against such threats.

"If you connect it, protect it" is a short and simple slogan that we've taken straight from this year's Cybersecurity Awareness Month. We wrote about CSAM last week, on the first of the month, to explain why we think CSAM is still worth supporting, for two main reasons.

Welcome back to Who, Me? Today's story comes from a reader Regomised as "Alan" and concerns the time he was instrumental in the accidental near-shutdown of an entire department of Her Majesty's Government. Alan had been able to get at the verboten commands via the medium of a common-or-garden batch file combined with the trusting nature of the OS of the time.

European Cybersecurity Month is a timely reminder that we must not become complacent and must redouble our efforts to stay safe online and bolster the cybersecurity skills base in society. Developing cybersecurity education at all levels, encouraging more of our students to embrace STEM subjects at an early age, educating consumers and the elderly on how to spot and avoid scams are critical to managing the challenge we face.

The report features responses from 1,639 businesses globally, exploring how they are using IoT and how IoT is helping them be ready for the future. As a result, 84% of adopters now view the integration of IoT devices with workers as a higher priority and 73% of businesses considering IoT agree the pandemic will accelerate their adoption plans.

While passwords may not be a cutting-edge security innovation, that's not to suggest that CIOs don't need to modernize their approach to password management. Employees' poor password management practices are well-documented, with Google finding that 65% of people use the same password for multiple, if not all, online accounts.

Forter released its Fraud Attack Index, delivering in-depth insight into the impact of COVID-19 on online buyer behavior and ecommerce fraud trends. Omnichannel fraud is growing: Buy Online, Pick-up In Store fraud rose 55% as new customer service options are subjected to significant fraud.

Vendor revenue from sales of IT infrastructure products for cloud environments, including public and private cloud, increased 34.4% year over year in the second quarter of 2020, according to IDC. Investments in traditional, non-cloud, IT infrastructure declined 8.7% year over year in 2Q20. These growth rates show the market response to major adjustments in business, educational, and societal activities caused by the COVID-19 pandemic and the role IT infrastructure plays in these adjustments. Spending on public cloud IT infrastructure increased 47.8% year over year in 2Q20, reaching $14.1 billion and exceeding the level of spend on non-cloud IT infrastructure for the first time.

NIST has launched a crowdsourcing challenge to spur new methods to ensure that important public safety data sets can be de-identified to protect individual privacy. The Differential Privacy Temporal Map Challenge includes a series of contests that will award a total of up to $276,000 for differential privacy solutions for complex data sets that include information on both time and location.

Go for CISSP certification now to achieve more in 2021 as a globally recognized cybersecurity leader. Whether you're motivated by career advancement, higher pay or inspiring a safe and secure cyber world, the CISSP is a clear professional game-changer.