Tuesday, March 31, 2020
SC Magazine

Privacy in critical care after telehealth demands jump

As coughs and body aches drive anxious Americans to telemed services in record numbers, relieving the burden on medical facilities stressed to breaking with COVID-19 cases, the subsequent relaxation of privacy requirements puts them at risk of PHI compromises,...
SC Magazine

New Marriott data breach impacts 5.2 million guests

Previously burned by a hack of its Starwood reservations system, Marriott International on Tuesday disclosed another major data breach, this one affecting 5.2 million of its guests. According to the Bethesda, Md.-based hospitality giant, the source of the breach was an...
SC Magazine

Coalition of nonprofits push to secure remote workforce

While work from home (WFH) ostensibly protects workers safe from COVID-19, it has exposed them and their companies to a bevy of cybersecurity risks – now a coalition of 13 nonprofit organizations are offering if not a cure, then...
SC Magazine

2020 Vision: Cybersecurity through a business lens

Over the coming years organizations will experience growing disruption as threats from the digital world have an impact on the physical. Invasive technologies will be adopted across both industry and consumer markets, creating an increasingly turbulent and unpredictable security environment. The requirement for...
SC Magazine

GOP canvassing app credentials exposed in code repository

Access credentials for Campaign Sidekick app, used by Republican campaigns for voter contacts, surveys and canvassing, were exposed in a code repository within a publicly accessible .git directory, a version control system that records code base changes during software development so that developers...
SC Magazine

Sale of Dharma ransomware source code draws hackers’ scrutiny, but the price is right

An unidentified party has reportedly placed the source code for Dharma ransomware up for sale on at least two Russian hacker forums, adding a formidable new competitor to an already crowded underground market. And while cybercriminals have met the offer...
SC Magazine

Zero-day vulnerabilities used against DrayTek routers and switches

Two zero-day vulnerabilities were being used by two different groups to infiltrate DrayTek Vigor enterprise routers and switch devices, enabling the attackers to access traffic and install backdoors. The invasive action was noticed first on Dec. 4, 2019 by NetLab...
SC Magazine

Adobe patches critical flaw in Creative Cloud

Adobe issued a security advisory and patch for Creative Cloud Desktop Application version 5.0 and earlier for Windows. The advisory was issued late last week and centers on a single critical vulnerability, CVE-2020-3808, which is a time-of-check to time-of-use race condition that...
SC Magazine

Working From Home in the Age of COVID-19

All of us have seen or issued guidance that looks something like this: “We are committed to doing our part to stem the spread of the COVID-19 virus. Consistent with guidance from the World Health Organization, the U.S. Centers for Disease Control...
SC Magazine

Cybersecurity super group swoops in to fight COVID-19 related hacks

You don’t tug on Superman’s cape, you don’t spit into the wind, you don’t pull the mask off the old Lone Ranger and, with apologies to Jim Croce, you don’t mess around with medical and healthcare organizations battling the coronavirus pandemic, or...
SC Magazine

Best Buy gift cards, USB drive used to spread infostealer

Everyone wants to receive a free $50 Best Buy gift card and USB drive in the mail, but as the saying goes, nothing is ever truly free. A cybercriminal gang has put together a unique attack profile based on this...
SC Magazine

Ransomware attacks vs Kimchuk, Visser reveal supply chain threat to DOD

The operators behind DoppelPaymer ransomware reportedly attacked electronics manufacturer Kimchuk earlier this month, disrupting the company’s operations and stealing sensitive data that they have been publishing online as part of an extortion plot. Meanwhile, the cybercriminal outfit has continued to...
SC Magazine

SC Media’s complete coverage: Threat and Preparation

The novel coronavirus is challenging organizations on all fronts. Leaders must contend not only with cyberattackers leveraging COVID-19, but also employee, customer and partner concerns, and business continuity and risk management planning. Visit this page for ongoing updates to coverage...
SC Magazine

Maze ransomware group claims Chubb as victim

In the middle of a pandemic, insurance companies are likely targets for cyberattackers so it’s not surprising that Chubb this week reportedly found itself a victim of the Maze ransomware’s operators, who encrypted the company’s files. The group put a notice on its...
SC Magazine

Default exploited by ‘Zoom bombers’ could by used by cybercrooks

The same default setting that allows attackers to “Zoom bomb” schoolchildren or remote workers meeting online with racist and pornographic content could be used to by cybercriminals to unleash their malicious bag of tricks during the COVID-19 pandemic. “An attacker...

Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy

About 10 compromised websites employ a multi-stage, targeted effort to fingerprint and compromise victims.

OpenWRT is vulnerable to attacks that execute malicious code

Enlarge (credit: OpenWRT) For almost three years, OpenWRT—the open source operating system that powers home routers and other types of embedded systems—has been vulnerable to remote code-execution attacks because updates were delivered over an unencrypted channel and digital...
SC Magazine

Privacy in critical care after telehealth demands jump

As coughs and body aches drive anxious Americans to telemed services in record numbers, relieving the burden on medical facilities stressed to breaking with COVID-19 cases, the subsequent relaxation of privacy requirements puts them at risk of PHI compromises,...

Zoom’s privacy problems are growing as platform explodes in popularity

Enlarge / Zoom's San Jose, Calif., headquarters looks like a lovely place to be socially distanced from. (credit: Smith Collection | Gado | Getty Images) We have several more weeks, if not several more months, to go in...
TechRepublic

FBI warns about Zoom bombing as hijackers take over school and business video conferences

Teleconferences are being disrupted by internet trolls shouting profanity and racist remarks and posting pornographic and hate images.