Security News

Another human-related error - this time a flaw in a health department website in the state of Bengal, India - has exposed the confidential results of COVID-19 tests as well as personally identifying information for an entire geographic region's population. Test results related to more than 8 million people potentially were exposed before the agency fixed the error, according to a security researcher.

In 2020 attackers were observed pivoting their attacks to businesses for which global COVID-19 response efforts heavily relied, such as hospitals, medical and pharmaceutical manufacturers, as well as energy companies powering the COVID-19 supply chain. "In essence, the pandemic reshaped what is considered critical infrastructure today, and attackers took note. Many organizations were pushed to the front lines of response efforts for the first time - whether to support COVID-19 research, uphold vaccine and food supply chains, or produce personal protective equipment," said Nick Rossmann, Global Threat Intelligence Lead, IBM Security X-Force.

Millions of COVID-19 test reports were found to be publicly accessible due to flawed online system implementation. The leak, comprising over 8 million COVID-19 test results, has been attributed to the Health and Welfare Department of West Bengal, India.

Supply chain attacks, ransomware, data extortion and nation-state threats prove to be more prolific than ever, a CrowdStrike report suggests. Among a popular vector for cybercriminals is the supply chain as it allows malicious actors to propagate multiple downstream targets from a single intrusion.

The eBook "5 Security Lessons for Small Security Teams for a Post-COVID19 Era" helps companies prepare for these new work dynamics. The practical insights and provided recommendations make this a very helpful guide for small security teams that feel the brunt of security on a daily basis and now need to add one more item to their security strategy planning and execution.

Set a good example: Establish a security champions program. Champions promote security literacy, quantify risks, and model good practices.

U.S. law enforcement arrested six "Ringleaders" of a Ghana-based cybercriminal enterprise, who had allegedly launched a slew of money-stealing scams dating back to 2013 that included romance scams, business email compromise attacks and fraud. While the six arrested were allegedly involved with the criminal enterprise based in Ghana, they were located across the U.S. and targeted individuals and businesses in the U.S. Scams Relating to Romance, COVID-19 Relief.

A panel of experts considers the best methods for safe domestic and international air travel including proof of testing, vaccination passports, and digital health passes. A recent panel conducted by the security firm Concentric Advisors, "Protocols, Testing, and Proof of Vaccine-What is the future of privacy and travel?" took a deep dive predicting how domestic and international air travel can be safely mandated during the continuing COVID-19 worldwide pandemic.

In Part 1 of this two-part series, we discussed the concept of "Cyber distancing" for employees asked to work from home during the COVID-19 pandemic. While working from home or even while at work for that matter, follow these steps to avoid behaviors that may let the bad guy in.

A research into the impact of COVID-19 on physical security purchasing decisions has revealed a sharp increase in the necessity/urgency for businesses to adopt hosted video surveillance and access control solutions. A survey by Morphean revealed that 76% of senior managers in UK, Germany and Sweden have increased their use of video conferencing; 65% have increased their use of office applications; and 70% of those in the security sector are now strongly inclined towards cloud adoption.