Cybersecurity - Articles - Page 506

The state of the cybercriminal marketplace landscape following the Empire Market exit scam

September 18, 2020

Digital Shadows has analyzed the cybercriminal marketplace landscape following the Empire Market exit scam. The company’s research has identified a number of currently available dark web marketplaces popular within the cybercriminal community. Noting the impact of the closure of Empire Market, some marketplaces, such as Icarus Market, have seen a major spike in listings, from 25,000 to 35,000 in the last month.

Google bans stalkerware apps from the play store

September 18, 2020

Google has updated its Play Store rules to impose a "formal" ban on stalkerware apps.

Understanding the Distinct and Dependent Roles of Data, Privacy and Cybersecurity Professionals

CISOs struggling to prepare for upcoming security compliance audits

Survey finds CISOs highly interested in automation to address major concerns about doing more with less, preparing for audits remotely and speeding evidence collection

September 18, 2020

Shujinko announced the results of a survey of North American CISOs documenting the challenges facing security and compliance professionals preparing for a wave of upcoming audits. The survey, a joint effort between Shujinko and Pulse, found that calendars for security and compliance audits are largely unchanged despite COVID-19, yet the pandemic is straining teams as they work remotely.

Dunkin' Donuts settles data breach lawsuit

September 18, 2020

New York Attorney General Letitia James announced a settlement with Dunkin’ Brands, Inc. (Dunkin’) — franchisor of Dunkin’ Donuts — resolving a lawsuit over the company’s failure to respond to successful cyberattacks that compromised tens of thousands of customers’ online accounts.

Switzerland’s DPA concludes that Swiss-US Privacy Shield does not provide adequate level of protection

David M. Stauss

September 18, 2020

The fallout from the Schrems II judgment continued with an announcement from Switzerland’s Federal Data Protection and Information Commissioner (FDPIC) that the Swiss-US Privacy Shield regime “does not provide an adequate level of protection for data transfer from Switzerland to the US pursuant to [Switzerland’s] Federal Act on Data Protection (FADP).”

Compliance regulators don’t stop working when companies go remote

Jeff Sizemore

September 18, 2020

Compliance regulators don’t take days off – not even in a pandemic. Faced with steep penalties for non-compliance and potential reputational damage, organizations are being forced to rethink their compliance strategies to account for new and emerging risks. For digital businesses today, the best place to start is by assessing how systems should be good enough, understand how data integrity is currently being managed, identifying any compliance hazards or gaps, and considering how automation can help address them.

Can the voting process be hacked?

Carnell Council CISSP

September 17, 2020

The term "Kill Chain Methodology" or "Cyber Kill Chain" has been widely used in the world of cybersecurity to interpret the different stages involved in a cyberattack. In a nutshell, from a hacker's perspective, a kill chain is a way to illegally gain access to a network or network device via a series of progressive steps. Consequently, from a defender's perspective, every stage of this process presents an opportunity to prevent intrusions. So, what kind of systems, networks or devices can hackers exploit by employing this methodology? Let's talk about the election.

What the Zerologon vulnerability means for the state of enterprise security

September 17, 2020

On August’s Patch Tuesday, Microsoft closed several vulnerabilities, among them CVE-2020-1472, known as Zerologon. Secura's security expert Tom Tervoort discovered the vulnerabilty and recently explained in a blog why the vulnerability is so dangerous.

Siemens USA launches cybersecurity analytics lab to help protect operational technology

September 17, 2020

Siemens USA announced the launch of its technologically advanced cyber test range housed at its U.S. R&D headquarters in Princeton, New Jersey. The COVID-19 pandemic and the related increase in cyberattacks has highlighted the need for facilities such as this to focus on prevention, detection, and response solutions.

US charges 5 Chinese “Apt41” actors for hacking into more than 100 companies

September 17, 2020

U.S. federal agencies revealed criminal charges against five computer hackers, all of whom were residents and nationals of the People’s Republic of China (PRC). All were charged of computer intrusions affecting over 100 victim companies in the United States and abroad, including software development companies, computer hardware manufacturers, telecommunications providers, social media companies, video game companies, non-profit organizations, universities, think tanks, and foreign governments, as well as pro-democracy politicians and activists in Hong Kong.