Security News

Seventy percent of major organizations were strategizing to pour more money into cybersecurity efforts as a result of the coronavirus pandemic, according to a report in May. Gartner has predicted that, despite COVID-19, total global spending on cybersecurity will hit $123.8 billion in 2020. A new report-CompTIA's State of Cybersecurity 2020-took the temperature of how the enterprise has responded to security during COVID-19, surveying 425 US businesses.

On Tuesday, Microsoft released its annual Digital Defense Report providing a glimpse of the trends shaping the cybersecurity landscape during the last year. The Digital Defense Report analyzes cybersecurity threats from the second half of 2019 through the first half of 2020.

Today’s networks have more sophisticated automated defenses than ever, yet cybercriminals are taking full advantage of business disruptions and distractions in 2020. Adversaries are exploiting...

As the economic fallout of the COVID-19 crisis continues to unfold, a research from Next Caller, reveals the pervasive impact that COVID-related fraud has had on Americans, as well as emerging trends that threaten the security of contact centers, as we head towards what may be another wave of call activity. Rising reports of fraud activity signal not only that fraudsters are eager to replicate their initial success, but that some of those early schemes may just be getting started.

The COVID-19 pandemic has apparently resulted in industrial systems being increasingly targeted by malicious actors through brute-force attacks on the Remote Desktop Protocol, Kaspersky reported on Thursday. Kaspersky's report on the industrial threat landscape for the first half of 2020 reveals that the number of attacks aimed at RDP on industrial computers increased steadily between February and May. The cybersecurity firm has seen brute-force attacks against RDP passwords on 0.16% of the industrial control systems it protected in February and 0.33% in May. The percentage dropped slightly in June, but still remained at an above average level.

Microsoft has detailed the steps involved in the processing of vulnerability reports, so that reporting researchers know what to expect when submitting information on a bug. The portal, the tech company notes, delivers a secure and guided way for security researchers to share all of the necessary details required to reproduce a reported vulnerability and identify a fix for it.

Chinese hackers have stolen information from Spanish laboratories working on a vaccine for Covid-19, El Pais newspaper reported Friday. Speaking to journalists on Thursday, Esteban who heads the CNI intelligence services, said there had been a "Qualitative and quantitative" increase in attacks during lockdown, with hackers targeting "Sensitive sectors such as healthcare and pharmaceuticals".

Gartner defines "Effective CISOs" as those who scored in the top one-third of the CISO effectiveness measure. "As the push to digital deepens, CISOs are responsible for supporting a rapidly evolving set of information risk decisions, while also facing greater oversight from regulators, executive teams and boards of directors. These challenges are further compounded by the pressure that COVID-19 has put on the information security function to be more agile and flexible."

Cynet's report shares several interesting data points and findings, such as the cyberattack volume change observed in various industry sectors, the increased use of spearphishing as an initial attack vector, and the approaches being used to distribute malware in spearphishing attacks. While many have anecdotally suggested ways in which COVID-19 related cyberattacks would unfold, we have little data supporting the actual impact of COVID-19 on cybersecurity.

Cybersecurity company Cynet has released a report detailing changes in cyberattacks they've observed across North America and Europe since the beginning of the COVID-19 pandemic. The report shares the cyberattack volume change observed across industry sectors, the increased use of spear phishing as an initial attack vector, and the approaches being used to distribute malware in spear phishing attacks.