Security News

In closed forums on the dark web, criminals are trading vast databases of consumer information gathered via data breaches and phishing attacks, but also through readily-available government databases. Already a marketplace for drugs, weapons, stolen bank details and leaked website databases, the dark web has now become a thriving underground community where individuals discuss and trade techniques for capitalizing on COVID-19.

If you think cybercriminals and hackers are without a shred of empathy or human understanding, you'd be wrong. How can you turn the tables? Step one is to start thinking the way they do, and that's what we'll be showing you how to do in our webcast How I'd Attack You, on November 18 at 0900 PT. Our ever sympatico broadcast supremo Tim Phillips will be joined by Darktrace's Dan Fein and Mariana Pereira to discuss how they'd put together an attack in 2020, and how working through that same thought process can bolster your own defenses.

How is retail security going to face different challenges this year, with how applications are being used and being vulnerable and things like that? But before we discuss that, do you want to talk a little bit about the state of software security report and some of the big takeaways and trends that you saw there? So we said, well, what what other factors are there? And so that's, that's something that when we looked at it, we thought about certain things that you just inherit, right? There's certain things that you don't really control, you don't control the size of your organization, the size of your application, the amount of security debt that you inherit, that's kind of like your nature, right? But then there are things that you do control, you control, how frequently you scan, what types of scanning that you use, different technologies, how regular your scan cadence is.

Dr. Reddy's, the contractor for Russia's "Sputinik V" COVID-19 vaccine and a major generics producer, has had to close plants and isolate its data centers. COVID-19 vaccine manufacturer Dr. Reddy's Laboratories has shut down its plants in Brazil, India, Russia, the U.K. and the U.S. following a cyberattack, according to reports.

Attacks growing increasingly sophisticated and destructive. As eCrime groups grow more powerful, these attacks have grown increasingly sophisticated and destructive - respondents reported that 82 percent of attacks now involve instances of counter incident response, and 55 percent involve island hopping, where an attacker infiltrates an organization's network to launch attacks on others within the supply chain.

Rapper Fontrell Antonio Baines, who goes by the stage name "Nuke Bizzle," made his first appearance in U.S. District Court in downtown Los Angeles on Friday after being charged with fraudulently applying for more than $1.2 million in jobless benefits under the Coronavirus Aid, Relief and Economic Security Act, according to a statement from the U.S. Attorney's Office in the Central District of California. Authorities were tipped off to the scheme after Baines posted a music video on YouTube and Instagram titled "EDD," an apparent reference to the state unemployment agency.

Protiviti has launched a new privacy offering in response to the evolving privacy landscape, which has been exacerbated by the Covid-19 pandemic. Privacy as a Service, is a managed service privacy offering helping companies assess their privacy needs, implement effective compliance measures and respond to new and changing regulations.

Cybercriminals cashed in on the surge of COVID-19 earlier this year, with email lures purporting to be from healthcare professionals offering more information about the pandemic. As the year moves forward, bad actors are continuing to swap up their attacks with savvy lures that match top-of-mind current events, said Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs.

Or so says Secureworks, which throughout 2020 has, perhaps counterintuitively, insisted there has been minimal uptick in cyber activity from malicious people, stating in its research The Effect of COVID-19 on Incident Response that "Data on confirmed security incidents and genuine threats to customers showed the threat level largely unchanged from before the pandemic." Rather, reckons the company, the near-overnight shift to remote working triggered by the pandemic has created a whole set of poorly understood IT infrastructures lashed together in a hurry and therefore containing large numbers of hidden vulnerabilities - vulns that infosec bods ought to be hunting down, in Secureworks' view.

Since well before the pandemic, software developers have leveraged open source code as a means to speed development cycles. Applications today are usually designed using hundreds of unique open source components, which then reside in their software and workspaces for years.