Coronavirus Campaigns Spreading Malware

A new report by IBM X-Force Exchange found that cybercriminals are taking advantage of the coronavirus outbreak, and using it to spread malware.

from Cyber Security News https://ift.tt/2S6xDkP

Russian Hackers Sponsoring Cybercriminal Competitions With High-Stake Prizes

Researchers have uncovered a new cybercriminal trend where Russian hackers are running contests on cybercriminal forums, such as Exploit and XSS, with increasingly high-stakes prizes. 

from Cyber Security News https://ift.tt/2UcJYGT

Legislation Would Create a National STEM Strategy

House Science, Space, and Technology Committee Ranking Member Frank Lucas has introduced comprehensive legislation that creates a long-term strategy for investment in basic research and infrastructure to protect the economic and national security of the United States.

from Cyber Security News https://ift.tt/2S46q29

SEC Publishes Cybersecurity and Resiliency Best Practices

The SEC has published guidance to help firms in the securities market enhance their cybersecurity preparedness and operational resiliency.

from Cyber Security News https://ift.tt/2RLlNhf

House Panel Approves Legislation to Establish Term for CISA Leader

The House Homeland Security Committee advanced the CISA Director Reform Act, which aims to improve operations and efficiency at the Cybersecurity Infrastructure Security Agency (CISA), which is charged with protecting our nation from cyber threats.

from Cyber Security News https://ift.tt/36B1ebi

Leaked Report Shows United Nations Suffered Major Cyberattack and Kept Quiet

Sophisticated hackers infiltrated United Nations networks in Geneva and Vienna last year in an apparent espionage operation that UN top officials did not disclose. 

from Cyber Security News https://ift.tt/36Imr30

93% of Total Mobile Transactions in 2019 Were Fraudalent

A new report has found that 93 percent of total mobile transactions in 20 countries were blocked as fraudulent in 2019.

from Cyber Security News https://ift.tt/2S12X4z

Ex-Twitter CISO, Mike Convertino, Joins Arceo as CSO

Mike Convertino, the former CISO of Twitter, Crowdstrike and F5 Networks as well as CTO of the Security Product Group at F5, has joined Arceo as Chief Security Officer.

from Cyber Security News https://ift.tt/2RZgNV0

97 of 100 World's Largest Airports are Vulnerable to a Cyberattack

New research finds that 97 out of 100 the world's largest airports have security risks related to vulnerable web and mobile applications, misconfigured public cloud, Dark Web exposure or code repositories leaks.

 

from Cyber Security News https://ift.tt/2GK1fPT

Kirk Fjeldheim Named CISO at Syapse

Syapse announced the appointment of Kirk Fjeldheim as Chief Information Security Officer (CISO).

from Cyber Security News https://ift.tt/36vxBbm

NFL Social Media Accounts Hacked by OurMine Crew

Saudi hacker group OurMine has hacked the social media accounts of the NFL and 15 of its teams.

from Cyber Security News https://ift.tt/38MqGfp

Disinformation in 5.4 Billion Fake Accounts: A Lesson for the Private Sector

Where disinformation was once communicated by telegram, the modern version of vast, coordinated campaigns are now disseminated through social media with bots, Twitterbots, and bot farms—at a scale humans could never perform. Now, disinformation campaigns can be lodged by a government to influence stock prices in another country, or by a private company to degrade brand presence and consumer confidence. What’s worse is that bots can facilitate these campaigns en masse.

from Cyber Security News https://ift.tt/36x494U

Data Privacy Day 2020 Encourages Consumers to “Own Their Privacy”

The theme of Data Privacy Day 2020 is “Own Your Privacy.” 

from Cyber Security News https://ift.tt/2t54Uo5

National Security Agency Releases Guide on Mitigating Cloud Vulnerabilities

The National Security Agency (NSA) has released an information sheet with guidance on mitigating cloud vulnerabilities.

from Cyber Security News https://ift.tt/2O6Ihqs

UWF Awarded Grant to Prepare Cybersecurity Professionals

The University of West Florida has been awarded a five-year grant totalling approximately $2.4 million to prepare cybersecurity students for federal, state, local and tribal government organizations.

from Cyber Security News https://ift.tt/36AKrFj

Britt Lindley Named VP, CISO at Trustmark

Trustmark Mutual Holding Company, a national employee benefits provider, has selected Britt Lindley as its new Chief Information Security Officer (CISO).

from Cyber Security News https://ift.tt/2U1bGpZ

New Research Exposes Cybersecurity Risks for E-Scooters and Riders

New research finds e-scooters can be hacked. 

from Cyber Security News https://ift.tt/2RwAzbx

Ohio Hires CISO for Election Security

Ohio Secretary of State Frank LaRose announced Sean M. McAfee as the new CISO for the Ohio Secretary of State's office.

from Cyber Security News https://ift.tt/2O26KNT

Euro Cup and Olympics Ticket Reseller Hit by Malware

Sites belonging to a reseller of tickets for Euro Cup and the Tokyo Summer Olympics, two major sports events happening later this year, have been infected with malware that steals payment card details.

from Cyber Security News https://ift.tt/2ObUudN

Top Four Security Predictions for 2020

What are the top four security predictions enterprise security should be aware of moving into 2020?

from Cyber Security News https://ift.tt/2NRDmJN

Anne Hardy Named CISO at Talend

Talend announced it has named Anne Hardy its chief information security officer (CISO).

from Cyber Security News https://ift.tt/2RGrCv4

Forgot Your Password? Better Not to Have One, says World Economic Forum

A new report by the World Economic Forum finds that freeing ourselves of passwords will actually make us safer and businesses more efficient.

from Cyber Security News https://ift.tt/38w9vi1

FBI Announces New Policy for Notifying State and Local Election Officials of Cyber Intrusions with Elections

The Federal Bureau of Investigation (FBI) announced a new internal policy to clarify and guide the timely federal notification of appropriate state and local officials of cyber intrusions affecting election infrastructure.

from Cyber Security News https://ift.tt/2NSBxwh

Risk of Disruptive or Destructive Attack on the Electric Sector Significantly Increases

A new report highlights hacking activity targeting U.S. electric utilities and oil and gas firms attributed to the threat group Magnallium, widely known as APT33.

from Cyber Security News https://ift.tt/2tzKgwJ

Remote Access Trojan Was a Major Threat in 2019

The rise in popularity of the Remote Access Trojan, or RAT, among financially motivated threat actors tracked by Proofpoint researchers, was a key highlight in 2019.

from Cyber Security News https://ift.tt/3ayAtaF

SMB Budget Constraints and Increase of Cyberattacks in 2020 Among Top Cybersecurity Concerns

What are some current trends and barriers that Channel Partners face when protecting clients against emerging threats?

from Cyber Security News https://ift.tt/2vdq581

Front Rush, Recruiting Software Company, Exposes 700,000 Student Athletes' Files

Front Rush, a technology company providing recruiting software for over 850 US colleges and approximately 9,500 teams, confirmed that they suffered a data breach exposing roughly 700,000 student athletes’ files.

from Cyber Security News https://ift.tt/3aC7wL9

THSuite, POS System in Cannabis Industry, Leaks 85,000 Files

THSuite, a point-of-sale system in the cannabis industry, has exposed 85,000 files of sensitive data from multiple marijuana dispensaries around the U.S.

from Cyber Security News https://ift.tt/3aztZbC

New Research Finds Half of SOCs are Ineffective

New survey data suggests that a new way of looking at SOC management is overdue.

from Cyber Security News https://ift.tt/2Gc8mzY

Proposed Legislation Would Establish Cybersecurity Coordinator in Every State

U.S. Senators John Cornyn (R-TX) and Rob Portman (R-OH) introduced a bipartisan bill to require the Department of Homeland Security to establish a Cybersecurity State Coordinator program.

from Cyber Security News https://ift.tt/2TJMx2J

GDPR Update: More Than 160,000 Data Breach Notifications Reports

Data protection regulators have imposed $126 million (EUR114 million) in fines under the GDPR regime for a wide range of GDPR infringements, not just for data breaches. 

from Cyber Security News https://ift.tt/2RcSvaP

N.Y. Senator Carlucci Introduces Bill That Prohibits Paying Ransom

New York Senator David Carlucci introduced Senate Bill S7289 that would ban the paying of ransom.

from Cyber Security News https://ift.tt/2RBZZmQ

City of New Orleans Will Take Months to Recover From Cyber Attack

The City of New Orleans says the recent cyber attack on its networks will cost more than seven million dollars.

from Cyber Security News https://ift.tt/37jW1WI

Hacker Publishes Telnet Credentials for More Than 515,000 Servers, Routers, IoT Devices

A hacker has published a list of Telnet credentials for more than 515,000 servers, home routers and IoT (Internet of Things) "smart" devices.

from Cyber Security News https://ift.tt/2TC3a0q

Tax Themed Phishing Attack Targeting ADP Users

A tax themed email phishing campaign is targeting ADP users. 

from Cyber Security News https://ift.tt/30D7Apf

Equifax Settles 2017 Data Breach for $1.38 Billion

A class action settlement has been proposed in a case against Equifax Inc., relating to the data breach that Equifax announced in September 2017, which affected approximately 147 million U.S. consumers. 

from Cyber Security News https://ift.tt/3ascwSp

Weak Passwords Caused 30% of Ransomware Infections in 2019

Weak passwords were one of the most common cybersecurity vulnerabilities in 2019, causing 30% of ransomware infections in 2019.

from Cyber Security News https://ift.tt/368k7Sz

NIST Releases Version 1.0 of Privacy Framework

NIST released Version 1.0 of the NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management. 

from Cyber Security News https://ift.tt/2GjNR4N

The Citadel in Charleston Receives $2.8 Million Cybersecurity Grant

The Citadel will harness a new $2.8 million National Science Foundation (NSF) grant to create the state’s first CyberCorps Scholarship for Service (SFS) program.

from Cyber Security News https://ift.tt/2R9Gwe7

Enterprise Cybersecurity: Three Topics to Discuss With Your CISO

It is becoming clear that enterprise security depends not only on implemented solutions, but also on how well-tuned internal processes are in terms of communication between departments, hiring, training of personnel and budgeting.

from Cyber Security News https://ift.tt/378hH88

SANS to Host Cybersecurity Training at San Francisco Event

SANS Institute announced SANS San Francisco Spring 2020, taking place March 16-27 in California.

from Cyber Security News https://ift.tt/363f9GI

Adult Site Leaks 875,000 Extremely Sensitive Records

The vpnMentor cybersecurity research team, led by Noam Rotem and Ran Locar, have uncovered a leaking S3 Bucket with 19.95GB of visible data on a Virginia-based Amazon server, belonging to an adult site. 

from Cyber Security News https://ift.tt/30tRTAB

56.25 Million US Residents Records Exposed on Chinese Server

A database containing the personal details of 56.25 million U.S. residents was exposed online. The database reportedly belongs to the CheckPeople.com website. 

from Cyber Security News https://ift.tt/2FVUzxv

How to Decide on Your Company’s IT Security Budget

How do different companies plan their IT security spending, and what we can learn from these approaches?

from Cyber Security News https://ift.tt/2Nzdt1n

James Sample Named CSO at Xcel Energy

Xcel Energy announced that James W. Sample will join the company as Vice President, Chief Security Officer.

from Cyber Security News https://ift.tt/2spOxSy

NSA Discovered Critical Vulnerability Affecting Windows 10

The National Security Agency (NSA) discovered a critical vulnerability (CVE-2020-0601) affecting Microsoft Windows®1 cryptographic functionality.

from Cyber Security News https://ift.tt/36W56EX

PayPal Confirms Password Vulnerability

A security researcher discovered a high-severity bug affecting PayPal’s most visited pages: the login form.

from Cyber Security News https://ift.tt/2FR2ZGn

Survey Says a Higher Percentage of Companies Have Been Targeted by Nation-State Hackers

A report has found that more than one in four respondents attribute attacks against their organization to cyberwarfare or nation-state activity. In 2018, 19% of organizations believed they were attacked by a nation-state.

from Cyber Security News https://ift.tt/389vj2M

Vertical Maturity and DevOps Culture With BSIMM10

If you’re in business today, no matter what your “core” product or service is, you are almost certainly a software company. It is nearly impossible to run a business without it. That means you should know about the Building Security In Maturity Model—better, and more conveniently, known as the BSIMM.

from Cyber Security News https://ift.tt/3akUFge

Cyber Leads Global Business Risks for First Time: Allianz Risk Barometer 2020

For the first time ever, Cyber incidents ranks as the most important business risk globally in the ninth Allianz Risk Barometer 2020, relegating perennial top peril Business interruption (BI) to second place.

from Cyber Security News https://ift.tt/35TZw4v

How to Decide your Company’s IT Security Budget

Global spending on information security products and services has been on the rise for years. According to Gartner, budgets have grown from $114 billion in 2018 to a forecasted growth of more than $124 billion in 2019.

from Cyber Security News https://ift.tt/2uIsFTc

How Small Businesses Can Improve Cybersecurity Without Breaking the Bank

While organizations of all sizes have benefited from the efficiencies and conveniences of taking their business digital, it’s not without risks. Cybersecurity in today’s hyperconnected world is a necessity for large, medium and small businesses alike. Smaller businesses may be more prone to cyberattacks as they typically have fewer resources dedicated to cybersecurity. 

from Cyber Security News https://ift.tt/2To3f7S

CCPA Update: Analyzing Articles 5 and 6 of the AG’s Proposed Regulations

In a prior article, we analyzed Articles 1 through 4 of the California Attorney General’s proposed California Consumer Privacy Act (“CCPA”) regulations. This article discusses Article 5 (Special Rules Regarding Minors) and Article 6 (Non-Discrimination). The CCPA went into effect on January 1, 2020, which means that businesses should, at a minimum, be updating their online privacy policies and accepting and responding to consumer requests. 

from Cyber Security News https://ift.tt/30iFdN1

Microsoft Stops Supporting Windows 7, Leaving Millions of Users at Risk of Cyberattacks

After 10 years, support for Windows 7 will stop today, January 14, 2020. 

from Cyber Security News https://ift.tt/2FOj4fV

Phishing Scam Cost Manor, Texas ISD $2.3 Million

A school district in Manor, Texas, was caught in a phishing email scam that cost $2.3 million in losses. 

from Cyber Security News https://ift.tt/382fCu9

Vermont Bill Would Ban Cellphone Use for Anyone Under Age 21

Vermont Sen. John Rodgers has introduced legislation to ban the use of cellphones for anyone under the age of 21. 

from Cyber Security News https://ift.tt/37Y9iE4

Legislation Passed to Build National 5G Strategy & Protect US Telecommunications Networks

The U.S. House of Representatives has passed a bipartisan bill that would build a national strategy to protect 5G telecommunications systems in the United States and among U.S. allies.

from Cyber Security News https://ift.tt/2TjO4N4

Stanford Students Win International Cybersecurity Competition

A team of Stanford students took the top prize at a recent international cybersecurity hacking competition.

from Cyber Security News https://ift.tt/2ThmAHN

Four Ways to Achieve a Zero Trust Security Model

Put 2019 in the record books — for cybercrime, that is. 

from Cyber Security News https://ift.tt/384qDLQ

NJ Cybersecurity and Communications Integration Cell Predicts New Cyber Threat Landscape in 2020

As we begin a new year and decade, the cyber threat landscape presents both existing and new threats, trends and techniques.

from Cyber Security News https://ift.tt/2QJ0pZs

Cybercriminals Target Star Wars Fans in Social Engineering Campaign

Cybercriminals targeted Star Wars fans in a recent phishing campaign designed to steal credit card data by enticing fans with an early movie screening. 

from Cyber Security News https://ift.tt/2tQ60DX

SIA Announces Winners of the 2020 SIA RISE Scholarship

The Security Industry Association (SIA) has selected five recipients for the 2020 SIA RISE Scholarship, a program offered through SIA’s RISE community of young security professionals that supports the education and career development goals of young industry talent.

from Cyber Security News https://ift.tt/3088lXh

Cyber Incidents: The Human Factor

Apparently, we are getting in our own way when it comes to advancing cybersecurity. According to a leading 2018 study by the Ponemon Institute LLC (sponsored by IBM), the three primary causes of data breaches were malicious or criminal attack, system glitch and human error. While the study reports that the length of time to identify and contain, and the cost, were lower for data breaches caused by human error as opposed to the other categories, it is an issue that nearly 27 percent of data breaches are caused by human error.

from Cyber Security News https://ift.tt/37PCqNH

The Evolution of Artificial Intelligence as a System

Artificial Intelligence (AI) rests on the verge of transforming both business and society. Financial firm UBS forecasts that next year, the AI market will be worth $12.5 billion due to huge improvements and broader adoption of the technology. And BCG Henderson Institute found that though most leaders have not yet seen significant impact from their AI initiatives, they firmly expect to within the next five years.

from Cyber Security News https://ift.tt/2T8c0CN

Developing Comprehensive Cyberinsurance for Tomorrow’s Cities - Today

Late last year, it was announced that the major aluminum manufacturing firm, Norsk Hydro AS, received a $3.6 million cyberinsurance payout – the first around highly publicized, extensive cyber breach of March 2019. The large ransomware attack struck the company’s U.S. facilities – before spreading throughout the company, resulting in millions of dollars lost – destabilizing Norsk Hydro’s operations until the summer months. The payout covered merely six percent of the multi-million-dollar costs created by the incident and its aftermath. 

from Cyber Security News https://ift.tt/39XBwk3

Google Announce's Project Zero's Full 90-Day Disclosure Policy

Google has announced that its Project Zero disclosure guidelines are changing for 2020. 

from Cyber Security News https://ift.tt/2FzCbuk

Texas Agencies Seeing 10,000 Attempted Cyber Attacks per Minute From Iran

Texas Governor Greg Abbott says that as many as 10,000 attempted attacks per minute from Iran had been detected over the past two days on state agency networks. 

from Cyber Security News https://ift.tt/37NAQfk

Consumers Prefer Biometric Authentication to Passwords

Passwords are a double-edged sword: they are meant to protect information, but they are also frustrating with so many to remember and manage.

from Cyber Security News https://ift.tt/36CQBWk

NIST Releases Second Draft of Recommendations for IoT Device Manufacturers

NIST has released the second public draft of NISTIR 8259, "Recommendations for IoT Device Manufacturers: Foundational Activities and Core Device Cybersecurity Capability Baseline."

from Cyber Security News https://ift.tt/35Eef3g

U.S. Conference of Mayors's Vision for 2020 Focuses on Technology

The U.S. Conference of Mayors has released its Mayors’ Vision for America: A 2020 Call to Action, which revolves around technology to help improve critical infrastructure and protect citizens.

from Cyber Security News https://ift.tt/35BtUjX

London Stock Exchange Denies Cyber Attack Triggered Major Trading Outage

The London Stock Exchange denies that a cyber attack was responsible for a trading outage in August. U.K. security agencies are reportedly investigating the cause of the incident.

from Cyber Security News https://ift.tt/2FuDPgq

CISA Releases Iranian Threat Profile and Activity Report

The Cybersecurity and Infrastructure Security Agency (CISA) has released a threat profile of Iran after recent and increased Iran-U.S. tensions.

from Cyber Security News https://ift.tt/303M7pm

German Bicycle Manufacturer Targeted by Cyberattack

Canyon Bicycles GmbH recently announced that its online business was targeted by a cyberattack. 

from Cyber Security News https://ift.tt/2T0qdl7

Facebook Targets Misinformation, Issues Rules on "Deepfake" Videos

Facebook is strengthening their policy toward misleading manipulated videos that have been identified as "deepfakes."

from Cyber Security News https://ift.tt/2sMENlM

Pulse Secure VPN Servers Targeted by REvil (Sodinokibi) Ransomware

Pulse Secure VPN servers are being targeted by cybercriminals who use the REvil (Sodinokibi) ransomware to extort large organizations.

from Cyber Security News https://ift.tt/2QywHWR

Adaptation Is Key to Determining Network Resilience in Cyberattacks, study finds

A new study shows that traditional markers of a computer network's resilience are not solely effective in determining its ability to accomplish missions.

from Cyber Security News https://ift.tt/2SYd5gA

Xiaomi Mijia Camera Picking Up Strangers' Camera Feeds

A Xiaomi Mijia camera user discovered a security breach after he was able to see still images from other random peoples' homes when trying to stream content from his camera to a Google Nest Hub.

from Cyber Security News https://ift.tt/39CAERM

VISA Alerts to Cyber Attacks on Gas Pump PoS Systems

VISA has issued an alert that the point-of-sale (POS) systems of North American fuel dispenser merchants are under an increased threat of being targeted by cybercrime groups that have ties to top tier cybercrime underground carding shops.

from Cyber Security News https://ift.tt/36uAIBc

US Government Agency Website Breached By 'Iranian' Hackers

A group claiming to be hackers from Iran defaced the website of an U.S. government agency and posted messages vowing revenge for the death of top military commander Qassem Suleimani.

from Cyber Security News https://ift.tt/2tyVYHk

LifeLabs Faces Lawsuits After Data Breach

LifeLabs now faces two class action lawsuits due to a recently identified a cyber-attack that possibly affects 15 million customers. 

from Cyber Security News https://ift.tt/2QlHT9a

Chicago Healthcare Provider Sinai Health System Hit With Data Breach

Sinai Health System, a Chicago-based healthcare provider, has been hit with a data breach.

from Cyber Security News https://ift.tt/2FjHz4k

US Coast Guard Hit With Ryuk Ransomware

Ryuk ransomware has struck a facility belonging to the U.S. Coast Guard (USCG), affecting industrial control systems, security cameras and more, according to the USCG.

from Cyber Security News https://ift.tt/2QKYoKL

Hospitality Company Landry's Inc. Identifies Malware On Payment System

Landry's, Inc., an American, privately owned, multi-brand dining, hospitality, entertainment and gaming corporation, has reported that it identified malware on its payment processing system. 

from Cyber Security News https://ift.tt/2rRWmAm

SAIC to Offer 10 Scholarships to Veterans Pursuing Cybersecurity Careers

Science Applications International Corp. (SAIC) is now accepting applications for its CyberWarrior™ Scholarship. In collaboration with (ISC)2, the Center for Cyber Safety and Education, the scholarship program provides military veterans with career development opportunities to help meet the national need for qualified cybersecurity professionals.

from Cyber Security News https://ift.tt/2Fgw1yZ