Privacy in critical care after telehealth demands jump
As coughs and body aches drive anxious Americans to telemed services in record numbers, relieving the burden on medical facilities stressed to breaking with COVID-19 cases, the subsequent relaxation of privacy requirements puts them at risk of PHI compromises,...
New Marriott data breach impacts 5.2 million guests
Previously burned by a hack of its Starwood reservations system, Marriott International on Tuesday disclosed another major data breach, this one affecting 5.2 million of its guests.
According to the Bethesda, Md.-based hospitality giant, the source of the breach was an...
Coalition of nonprofits push to secure remote workforce
While work from home (WFH) ostensibly protects workers safe from COVID-19, it has exposed them and their companies to a bevy of cybersecurity risks – now a coalition of 13 nonprofit organizations are offering if not a cure, then...
2020 Vision: Cybersecurity through a business lens
Over the
coming years organizations will experience growing disruption as threats from
the digital world have an impact on the physical. Invasive technologies will be
adopted across both industry and consumer markets, creating an increasingly
turbulent and unpredictable security environment. The requirement for...
GOP canvassing app credentials exposed in code repository
Access credentials for Campaign Sidekick app, used by Republican
campaigns for voter contacts, surveys and canvassing, were exposed in a code
repository within a publicly accessible .git directory, a version control
system that records code base changes during software development so that
developers...
Sale of Dharma ransomware source code draws hackers’ scrutiny, but the price is right
An unidentified party has reportedly placed the source code for Dharma ransomware up for sale on at least two Russian hacker forums, adding a formidable new competitor to an already crowded underground market.
And while cybercriminals have met the offer...
Zero-day vulnerabilities used against DrayTek routers and switches
Two zero-day vulnerabilities were being used by two different groups to infiltrate DrayTek Vigor enterprise routers and switch devices, enabling the attackers to access traffic and install backdoors.
The invasive action was noticed first on Dec. 4, 2019 by NetLab...
Adobe patches critical flaw in Creative Cloud
Adobe issued
a security advisory and patch for Creative Cloud Desktop Application version 5.0
and earlier for Windows.
The advisory was issued late last week and centers on a single critical vulnerability, CVE-2020-3808, which is a time-of-check to time-of-use race condition that...
Working From Home in the Age of COVID-19
All of us have seen or issued guidance that looks something
like this: “We are committed to doing our part to stem the spread of the
COVID-19 virus. Consistent with guidance from the World Health Organization,
the U.S. Centers for Disease Control...
Cybersecurity super group swoops in to fight COVID-19 related hacks
You don’t tug on Superman’s cape, you
don’t spit into the wind, you don’t pull the mask off the old Lone Ranger and,
with apologies to Jim Croce, you don’t mess around with medical and healthcare organizations
battling the coronavirus pandemic, or...
Best Buy gift cards, USB drive used to spread infostealer
Everyone wants to receive a free $50 Best Buy gift card and USB drive in the mail, but as the saying goes, nothing is ever truly free.
A cybercriminal gang has put together a unique attack profile based on this...
Ransomware attacks vs Kimchuk, Visser reveal supply chain threat to DOD
The operators behind DoppelPaymer ransomware reportedly attacked electronics manufacturer Kimchuk earlier this month, disrupting the company’s operations and stealing sensitive data that they have been publishing online as part of an extortion plot.
Meanwhile, the cybercriminal outfit has continued to...
SC Media’s complete coverage: Threat and Preparation
The novel coronavirus is challenging organizations on all fronts. Leaders must contend not only with cyberattackers leveraging COVID-19, but also employee, customer and partner concerns, and business continuity and risk management planning. Visit this page for ongoing updates to coverage...
Maze ransomware group claims Chubb as victim
In the middle of a pandemic, insurance
companies are likely targets for cyberattackers so it’s not surprising that
Chubb this week reportedly found itself a victim of the Maze ransomware’s operators,
who encrypted the company’s files.
The group put a notice on its...
Default exploited by ‘Zoom bombers’ could by used by cybercrooks
The same default setting that allows attackers to “Zoom bomb” schoolchildren or remote workers meeting online with racist and pornographic content could be used to by cybercriminals to unleash their malicious bag of tricks during the COVID-19 pandemic.
“An attacker...
Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy
About 10 compromised websites employ a multi-stage, targeted effort to fingerprint and compromise victims.
OpenWRT is vulnerable to attacks that execute malicious code
Enlarge (credit: OpenWRT)
For almost three years, OpenWRT—the open source operating system that powers home routers and other types of embedded systems—has been vulnerable to remote code-execution attacks because updates were delivered over an unencrypted channel and digital...
Privacy in critical care after telehealth demands jump
As coughs and body aches drive anxious Americans to telemed services in record numbers, relieving the burden on medical facilities stressed to breaking with COVID-19 cases, the subsequent relaxation of privacy requirements puts them at risk of PHI compromises,...
Zoom’s privacy problems are growing as platform explodes in popularity
Enlarge / Zoom's San Jose, Calif., headquarters looks like a lovely place to be socially distanced from. (credit: Smith Collection | Gado | Getty Images)
We have several more weeks, if not several more months, to go in...
FBI warns about Zoom bombing as hijackers take over school and business video conferences
Teleconferences are being disrupted by internet trolls shouting profanity and racist remarks and posting pornographic and hate images.
