The novel coronavirus has forever changed how and where we work. As many organizations adopt new solutions and collaboration tools (e.g., Microsoft Teams, Slack or Zoom) to accommodate employees and customers during this critical period, such fast-paced digital transformation has also exposed several shortcomings associated with our remote workforce’s home networks and routers.
The Duesseldorf University Clinic in Germany was hit by a ransomware attack last week that forced staffers to direct emergency patients elsewhere. The cyberattack “crippled the entire IT network of the hospital." As a result, a woman seeking emergency treatment for a life-threatening condition died after she had to be taken to another city for treatment, according to several outlets.
Ninety-three percent of IT leaders surveyed said that their organization had suffered data breaches through outbound email in the last 12 months. On average, the Egress 2020 Outbound Email Data Breach Report found, an email data breach happens approximately every 12 working hours.
The time it takes to get engineers onsite (52% in the US and 42% globally), inadequate network monitoring (41% in the US and 36% globally) and a lack of in-house skill (40% in both the US and globally) are among the biggest challenges organizations face in resolving a network outage quickly, according to a recent study commissioned by Opengear, a Digi International company.
Digital Shadows has analyzed the cybercriminal marketplace landscape following the Empire Market exit scam. The company’s research has identified a number of currently available dark web marketplaces popular within the cybercriminal community. Noting the impact of the closure of Empire Market, some marketplaces, such as Icarus Market, have seen a major spike in listings, from 25,000 to 35,000 in the last month.
The Department of Homeland Security has awarded $10 million to 29 select projects to support the development of a nationwide Terrorism and Targeted Violence Prevention (TVTP) Framework. These awards were made through a competitive process under the Fiscal Year 2020 Targeted Violence and Terrorism Prevention Grant Program.
New York Attorney General Letitia James announced a settlement with Dunkin’ Brands, Inc. (Dunkin’) — franchisor of Dunkin’ Donuts — resolving a lawsuit over the company’s failure to respond to successful cyberattacks that compromised tens of thousands of customers’ online accounts.
The fallout from the Schrems II judgment continued with an announcement from Switzerland’s Federal Data Protection and Information Commissioner (FDPIC) that the Swiss-US Privacy Shield regime “does not provide an adequate level of protection for data transfer from Switzerland to the US pursuant to [Switzerland’s] Federal Act on Data Protection (FADP).”
Compliance regulators don’t take days off – not even in a pandemic. Faced with steep penalties for non-compliance and potential reputational damage, organizations are being forced to rethink their compliance strategies to account for new and emerging risks. For digital businesses today, the best place to start is by assessing how systems should be good enough, understand how data integrity is currently being managed, identifying any compliance hazards or gaps, and considering how automation can help address them.
On August’s Patch Tuesday, Microsoft closed several vulnerabilities, among them CVE-2020-1472, known as Zerologon. Secura's security expert Tom Tervoort discovered the vulnerabilty and recently explained in a blog why the vulnerability is so dangerous.
