Virginia becomes the first state in the U.S. to permanently enact COVID-19 workplace safety and health standards. In addition to requiring all public-facing employees to wear masks, the standards ensure ready access to hand sanitizer and the regular cleaning of common work spaces. Employers must train employees on COVID-19 safety and to develop infectious disease and preparedness response plans. The new permanent regulations include guidelines for returning to work and communicating about employees who test positive and potential exposures.
The Sophos Rapid Response team published findings from its investigations into recent ransomware attacks that reveal a failure to keep close tabs on “ghost” account credentials of recently deceased employees can give cybercriminals a discreet foothold to launch an attack.
Pro-Vigil published a research report indicating that a significant number of companies have updated their security strategies in the wake of the COVID-19 pandemic. These updates coincide with 20% of survey respondents reporting an increase in physical security incidents since the start of the pandemic, and the perception among one-third of respondents that 2021 will bring an increase in these types of incidents.
As businesses continue to reopen and plan for the future, a new study conducted by Purdue University finds that an elevator ride, with the proper precautions, is safer than outdoor dining.
Google has announced that a North Korean government hacking group has targeted members of the cybersecurity community engaging in vulnerability research. The attacks have been spotted by the Google Threat Analysis Group (TAG), a Google security team specialized in hunting advanced persistent threat (APT) groups.
The 16th edition of the World Economic Forum’s Global Risks Report analyses the risks from societal fractures—manifested through persistent and emerging risks to human health, rising unemployment, widening digital divides, youth disillusionment, and geopolitical fragmentation. Among the highest impact risks of the next decade, infectious diseases are in the top spot, followed by climate action failure and other environmental risks; as well as weapons of mass destruction, livelihood crises, debt crises and IT infrastructure breakdown, the World Economic Forum says.
The report also ranked cybersecurity failure as a critical threat to the world.
A Natural Disaster Grant program from SourceAmerica will enable financial assistance stemming from natural disasters for nonprofit agencies within its network.
Due to its popularity as an embedded protocol operating in devices across the industrial control systems (ICS) domain, the Claroty Research Team decided to analyze the Open Platform Communications (OPC) for security vulnerabilities and implementation issues. In a blog, they shared some details about a number of vulnerabilities that emerged from their intensive investigation of the protocol.
NCC Group and Fox-IT have been tracking a threat group - Chimera - with a wide set of interests, from intellectual property (IP) from victims in the semiconductors industry through to passenger data from the airline industry.
U.S. cybersecurity company Malwarebytes is the latest victim in a string of attacks targeting top security firms. In a statement from the company, the hackers breached the internal systems by way of a dormant email protection product within their Office 365 tenant that allowed access to a limited subset of internal company emails.