Latest

►

Endpoint Security

Patient Access to Health Data: Balancing Security and Usability

Marianne Kolbasuk McGee  •  August 7, 2020

As developers design applications to provide patients with access to their digital health records via smartphones - as called for under the 21st Century Cures Act - special attention needs to be paid to balancing security with usability, says Chad Wilson, CISO of Stanford Children's Health.

Endpoint Security

Trump Signs Executive Orders Banning TikTok, WeChat

Prajeet Nair  •  August 7, 2020

President Donald Trump, citing national security concerns, has signed two executive orders that will ban the Chinese-owned social media platforms TikTok and WeChat from the U.S. within 45 days. The orders appear designed to accelerate the sale of the two platforms to American firms.

Endpoint Security

Researchers: IoT Botnets Could Influence Energy Prices

Akshaya Asokan  •  August 7, 2020

High-wattage IoT devices and appliances, such as connected refrigerators, air conditioners and heaters, could be turned into massive botnets by malicious actors and used to influence energy prices, according to an academic study released at Black Hat 2020.

Endpoint Security

Analysis: Hijacking of Twitter Hacker's Virtual Hearing

Anna Delaney  •  August 7, 2020

The latest edition of the ISMG Security Report analyzes the hijacking of a virtual court hearing in the Twitter hacking case. Also featured: Why network segmentation is more important than ever; update on Windows print spooler vulnerability.

Fraud Management & Cybercrime

Global Cybercrime Surging During Pandemic

Marianne Kolbasuk McGee  •  August 6, 2020

Cybercriminals have shifted their focus from individuals and smaller businesses to target governments, critical health infrastructure and major corporations to maximize their profits and disruption during the COVID-19 pandemic, a new Interpol report warns.

3rd Party Risk Management

Election Security: A Harsh Assessment

Akshaya Asokan  •  August 6, 2020

A security researcher says voting equipment in the U.S. is still riddled with security flaws that opportunistic foreign adversaries could use to pose a threat to the November election. Meanwhile, the director of CISA calls Russian ransomware attacks one of the biggest threats to the election.

Endpoint Security

How WastedLocker Evades Anti-Ransomware Tools

Prajeet Nair  •  August 5, 2020

WastedLocker, a ransomware strain that reportedly shut down Garmin's operations for several days in July, is designed to avoid security tools within infected devices, according to a technical analysis from Sophos.

Endpoint Security

FBI Warns of Serious Risks Posed by Using Windows 7

Akshaya Asokan  •  August 5, 2020

The FBI is warning organizations that are still using Microsoft Windows 7 they are in danger of attackers exploiting vulnerabilities in the unsupported operating system to gain network access. The agency points to an uptick in such attack attempts.

Governance & Risk Management

Why Flash Player Removal Should Be a Priority

Doug Olenick  •  August 4, 2020

Adobe Flash Player, which has been patched hundreds of times during its lifetime to address vulnerabilities, will no longer be supported after Dec. 31, leaving an attack vector that can be exploited by malicious actors unless it's removed. That's why eliminating all instances of Flash Player is so urgent.

Fraud Management & Cybercrime

Twitter Hack: Suspects Left Easy Trail for Investigators

Doug Olenick  •  August 3, 2020

Suspects in the epic attack against Twitter were uncovered, in part, by the use of their real photo identification for cryptocurrency accounts they used to broker the sale of stolen usernames. The mistakes proved crucial to their identification, according to court documents.

Endpoint Security

Microsoft May Be TikTok's Privacy and Security Lifeline

Jeremy Kirk  •  August 3, 2020

Is Microsoft coming to TikTok's rescue? It appears that's a very strong possibility following President Donald Trump's threat Friday to ban the app in the U.S. Microsoft hasn't committed to buying part of TikTok, but says if it did, it would bring the popular app world-class security and privacy protections.

Fraud Management & Cybercrime

Secret Service Agent Offers Cybercrime-Fighting Insights

Anna Delaney  •  August 3, 2020

Christopher Leone, assistant special agent in charge, United States Secret Service, offers advice to organizations on forging relationships with law enforcement as part of their cybersecurity incident preparedness plans.