Security News
Nearly three-quarters of IT professionals haven't increased their company's security posture during the COVID-19 pandemic - while 90 per cent highlighted remote working as a security risk, according to a survey. On the bright side, half of those people reckoned that remote working from home has increased productivity across the board while a further third said it was at about the same level as it was pre-coronavirus.
A new version of the IcedID banking trojan has debuted that notably embraces steganography - the practice of hiding code within images - in order to stealthily infect victims. "Previous versions of IcedID injected into svchost.exe and downloaded encrypted modules and config as.DAT files," according to a Thursday posting.
Security researchers have analyzed contact-tracing mobile apps from around the globe and found that their developers have generally failed to implement suitable security and privacy protections. In an effort to stem the spread of COVID-19, governments are aiming to provide their citizenry with contact-tracing mobile apps.
Analytics firm Gartner has revised its 2020 security spending forecast in light of the COVID-19 pandemic, predicting an increase, but a much smaller one than originally expected. "There are a few factors in favor of some security market segments, such as cloud-based offerings and subscriptions, being propped up by demand or delivery model. Some security spending will not be discretionary and the positive trends cannot be ignored," Pingree said.
As multiple companies inch closer to a potentially life-saving vaccine for the coronavirus, cybercriminals with varying motives have increased attacks. During a webinar with CISO MAG earlier this month, Bryan Ware, assistant director for the US Cybersecurity and Infrastructure Security Agency said the attacks being led by the Chinese government were "Hindering vaccine development in the US," and the government body released its own memo to vaccine researchers urging them to beef up defenses.
Mimecast has been securing remote workers since long before the COVID-19 bio-nasty hit, so Mimecast's Thom Bailey will instruct our Tim Phillips on how to protect oneself in the new normal. How hackers have weaponized the coronavirus pandemic.
Cyber-threats taking advantage of the COVID-19 pandemic are evolving, and Google is seeing an increase in related phishing attempts in countries such as Brazil, India, and the UK. As the coronavirus crisis spreads worldwide, cyber-criminals and state-sponsored actors have adapted their attacks to leverage pandemic-related lures. Google says it has observed an increase in the number of scams targeting Aarogya Setu, an initiative where the government is trying to connect people across India with essential health services.
The COVID-19 pandemic has, in one broad swipe, rewritten the rules regarding our workforce and jobs, with an almost instantaneous transition to remote work for those who were able to. For those companies that went into remote work mode back in March, there was little time to prepare and organizations that did not have remote work plans or policies already in place had to scramble to figure things out.
The social distancing measures brought about by the COVID-19 pandemic will weaken election security in the US, according to a non-profit's security check. "Many government personnel must work and access election infrastructure remotely now; so too must vendor personnel," the Brennan report says.
One of the several multinational corporations enlisted by the German government to help it obtain personal protective equipment for the care of COVID-19 patients has been targeted in an ongoing phishing campaign, IBM reported on Monday. According to IBM, a threat actor has targeted more than 100 high-ranking people within this company, which is part of Germany's Task Force Personal Protective Equipment, whose members leverage their contact networks, particularly in China, to secure PPE. The attackers have targeted executives within the organization, as well as its supply chain partners, and IBM believes the same group likely also targeted other members of the task force.