Security News
Security threats in the second quarter of 2020 continue to target remote workers, but attackers aren't relying on COVID-19-themed phishing: They're going straight for vulnerable home networks where workers are conducting business. Managed security provider Nuspire's report on security threats in Q2 2020 said that phishing attempts have ditched the coronavirus in favor of exploiting the upcoming election and Black Lives Matter movement, but that there's been a 12% decline in malware attacks during Q2. SEE: Identity theft protection policy.
Thousands of ISO certifications at risk of lapsing due to halted re-certification auditsThousands of valuable ISO management system certifications earned by UK companies may now be at risk because auditors from Certification Bodies may not have been able to attend organizations' premises to conduct essential re-certification audits during the current coronavirus pandemic. Kali Linux 2020.3 released: A new shell and a Bluetooth Arsenal for NetHunterOffensive Security has released Kali Linux 2020.3, the latest iteration of the popular open source penetration testing platform.
The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency on Thursday issued a joint alert to warn about the growing threat from voice phishing or "Vishing" attacks targeting companies. "In mid-July 2020, cybercriminals started a vishing campaign-gaining access to employee tools at multiple companies with indiscriminate targeting - with the end goal of monetizing the access."
According to a recent report by Malwarebytes, mobile banking malware has surged over recent months, focused on stealing personal information and using weakened remote connections and mobile devices in a work-from-home environment to gain access to more valuable corporate networks. Securing mobile is a laborious task that requires mobile app developers to factor in several entities, including device manufacturers, mobile operating system developers, app developers, mobile carriers, and service providers.
CISOs at Stanford University, the University of Chicago Medicine, and The Ohio State University list phishing as the top security threat to students, professors, and researchers. The group also agreed zero trust is the best security approach but a hard sell in an academic setting.
We talked to Professor Frank Wailhelm-Mauch, a theoretical physicist working on quantum computing and head of the quantum solid state research group at Saarland University. The potential of quantum computing can be seen by comparing it to classical computing.
The Trustworthy Accountability Group announced the hiring of Danielle Meah, former Global Head of Threat Intelligence for Citigroup, as TAG's first Director of Threat Intelligence. In her new role, Meah will lead the TAG Threat Exchange and work with the industry to foster an effective threat-sharing culture.
A newly released threat report, tracking the biggest trends in the cybercriminal landscape, shows that attackers have been capitalizing on the global pandemic in various ways - from ransomware to web-based malware. Derek Manky, Chief, Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, said that the semi-annual FortiGuard Labs Global Threat Landscape Report [PDF] for the first half of 2020, released Wednesday, illustrates an "Unprecedented cyber threat landscape."
Today, a stark disconnect exists between the inadequacy of crisis exercising and the desire to build an effective cyber crisis response function, according to an Osterman Research study. "With three quarters of organizations agreeing that business continuity was at the forefront of their minds, it is time to close the gap between attackers and defenders and shake up the outdated status quo. This requires faster, shorter crisis drills run with the people you will be standing shoulder to shoulder with when the worst happens. Crisis exercises must be made more contemporary."
United States president Donald Trump has issued two executive orders banning Chinese messaging service WeChat and made-in-China-but-only-operating-abroad social network TikTok, and labelling the two a "Threat". Which is five days after the September 15 deadline president Trump has given Microsoft to do a deal to buy some of TikTok.