According to Intertrust's 2020 Security Report on Global mHealth Apps, 71% of healthcare and medical apps have at least one serious vulnerability that could lead to a breach of medical data. The report investigated 100 publicly available global mobile healthcare apps across a range of categories—including telehealth, medical device, health commerce, and COVID-tracking—to uncover the most critical mHealth app threats.
The New York Attorney General’s Office (NYAG) reached a Consent and Stipulation Agreement with Dunkin’ Brands, Inc. (Dunkin), which obligates the company to implement and maintain a comprehensive information security program to protect customers’ private information. The terms of the consent agreement are similar to the terms New York reached with Zoom earlier this year regarding inadequate data security practices, and strongly resemble the reasonable security measures described in the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act).
Specops Software discovered that 41% of employees had not been provided with adequate cybersecurity training while working from home, and they were keen to discover which sectors were experiencing the most threats during this time. They found that 54% of businesses across 11 sectors have seen a rise in cybercrime threats since working from home, with phishing being the most prevalent attack.
October is National Cybersecurity Awareness Month (NCSAM), which is a collaborative effort between the Cybersecurity and Infrastructure Security Agency (CISA) and its public and private partners — including the National Cyber Security Alliance — to ensure every American has the resources they need to stay safe and secure online.
ESET researchers have analyzed a new version of Android spyware used by APT-C-23, a threat group active since at least 2017 that is known for mainly targeting the Middle East. The new spyware, detected by ESET security products as Android/SpyC23.A, builds upon previously reported versions with extended espionage functionality, new stealth features and updated C&C communication.
The Information Security Forum (ISF) has published Becoming a Next Generation CISO, the organizations latest digest which sets out the range of disciplines a next-generation Chief Information Security Officer (CISO) can be expected to master.
The Cybersecurity and Infrastructure Security Agency (CISA) has released the Telework Essentials Toolkit, a comprehensive resource of telework best practices.
Digital Shadows explored four main themes via which threat actors’ personalities or real-life identities are expressed on cybercriminal forums, providing examples they've observed over the years. This first blog looked at gender and nationality, while the second in the series examined morality and forum dynamics.
The 2020 State of Security Operations study from Forrester Consulting finds that enterprise security teams around the world continue to struggle with the growing pace, volume and sophistication of cyberattacks. The commissioned survey of over 300 enterprise security operations professionals reveals that only 46% of enterprises are satisfied with their ability to detect cybersecurity threats.
RSS
