According to the Center for Internet Security (CIS), in September 2020, three malware returned to the Top 10: CoinMiner, CryptoWall, and Emotet. The Top 10 Malware variants composed 87% of Total Malware activity in September 2020, up from 78% in August 2020.
Authentic8 released the results of its 2020 Global Financial Crimes Survey, conducted in partnership with the Association of Certified Financial Crime Specialists (ACFCS).
Following a global consultation, the Forum of Incident Response and Security Teams (FIRST) is launching new ethics guidelines for incident response and security teams on Global Ethics Day. ethicsfIRST provides guidance for cybersecurity professionals on how to conduct themselves professionally and ethically during incidents. Inspired by Earth Day, Global Ethics Day provides an opportunity for organizations to explore the meaning of ethics in international affairs.
Faced with this ransomware onslaught, organizations of all kinds need to rethink how they protect themselves. Part of that rethink means merging the need to provide better privacy protection for their employees with the necessity to protect themselves from the consequences of a ransomware attack exposing both customer and employee data. With federal agencies signaling the possibility of fines for complying with ransomware demands and the liability from exposing personally identifiable data likely to rise significantly, not doing so will soon be too costly to consider.
We recently surveyed companies across the U.S. about their current cybersecurity challenges now that many have moved to a predominantly remote workforce. Unfortunately, what we found was that most organizations are only scratching the surface when it comes to identity and access management, as they may only be addressing a fraction of what identity can provide. This is leaving many organizations exposed to data breach and compliance fines.
Remote work has left many organizations lagging in productivity and revenue due to remote access solutions. Nearly one-fifth (19%) of IT leaders surveyed said they often or always experience network performance and latency issues when using legacy remote access solutions, with an additional 43% saying they sometimes do. Those issues have resulted in a loss of productivity for 68% of respondents and a loss of revenue for 43%, according to Perimeter 81's 2020 State of Network Security Report.
Cyber criminals launched an online scam designed to trick U.K.-based retail stores' Marks and Spencer (M&S) customers into handing over confidential data by by impersonating the retailer’s CEO Steve Rowe in fraudulent, impersonated ads on Facebook.
Rapid 7 has disclosed a set of address bar spoofing vulnerabilities that affect a number of mobile browsers, ranging from the more common browsers, like Apple Safari and Opera Touch, to the less common, like Bolt Browser and RITS Browser. The announcement is a coordinated vulnerability disclosure publication with security researcher, Rafay Baloch.
Attacks within digital communications channels (like Slack, TEAMS, Twitter, Facebook, LinkedIn) have grown more targeted, more social engineering-focused, and the payloads have become "softer,” and the risks are not in files and links/IP's alone anymore. Instead, recent attacks are laser-targeted and evade traditional detection by focusing on human connections. To find out more about these “soft attacks,” we talk to Otavio Freire, CTO, President & Co-Founder SafeGuard Cyber.
The National Security Agency (NSA) has released a cybersecurity advisory on Chinese state-sponsored malicious cyber activity. This advisory provides 25 Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks.
RSS
