Security News
Israel is using emergency surveillance powers to track people who may have COVID-19, joining China and Iran in using mass surveillance in this way. Today, we must ensure that any automated data systems used to contain COVID-19 do not erroneously identify members of specific demographic groups as particularly susceptible to infection.
Amid numerous malicious attacks leveraging the current COVID-19 coronavirus crisis, security researchers have discovered an Android surveillance campaign targeting users in Libya. One of the COVID-19-themed attacks appears to be part of a larger mobile surveillance campaign operating out of Libya and targeting Libyan individuals, Lookout reveals.
Ransomware operators of DoppelPaymer and Maze malware stated that they will not target medical organisations during the current pandemic. Laurence Abrams, who runs the security news site Bleeping Computer, reports that he made contact with "The operators of the Maze, DoppelPaymer, Ryuk, Sodinokibi/REvil, PwndLocker, and Ako Ransomware infections to ask if they would continue targeting health and medical organizations during the outbreak."
Ransomware operators of DoppelPaymer and Maze malware stated that they will not target medical organisations during the current pandemic. Laurence Abrams, who runs the security news site Bleeping Computer, reports that he made contact with "The operators of the Maze, DoppelPaymer, Ryuk, Sodinokibi/REvil, PwndLocker, and Ako Ransomware infections to ask if they would continue targeting health and medical organizations during the outbreak."
Microsoft has released an out-of-band emergency patch for a wormable remote-code execution hole in SMBv3, the Windows network file system protocol. The SMB bug fix was a late addition to Microsoft's March edition of Patch Tuesday - after the security hole was accidentally disclosed by the Cisco Talos research team in a blog post recapping this month's updates: Cisco thought Microsoft had fixed the bug this week as part of March's Patch Tuesday, and alerted the world to the bug's presence to get people to install their updates.
To that end, CISA has worked with the National Security Council, various federal agencies, industry stakeholders and organizations like the ICS Village to develop a set of core initiatives for 2020. Four, CISA will have a focus on developing detection and incident-response training blueprints.
Every machine needs a unique identity in order to authenticate itself and communicate securely with other machines. Secure, reliable authentication is essential to protect machine-to-machine communication, yet protecting every machine identity across an enterprise can be a challenge.
Lots of PHI, low security, and multiple entry points make hospitals the perfect target for hackers and ransomware attacks are up 45% in Q3.
850,000 domains worldwide now have DMARC records, a 5x increase since 2016, according to Valimail. However, less than 17% of global DMARC records are at enforcement — meaning fake emails that...
State Attorneys General Want Changes in Regulation to Ease Sharing of DataThe National Association of Attorneys General is urging Congress to drop the "cumbersome, out-of-date privacy rules"...