Businesses can see "productivity scores" for users of Microsoft 365 and Office 365 products (Source: Microsoft)

Productivity Tools May Be Monitoring Workers' Productivity

Mathew J. Schwartz • November 27, 2020

Warning to workers: Your productivity tools may also be tracking your workplace productivity, and your bosses may not even know it. But as more workplace surveillance capabilities appear, legal experts warn that organizations must ensure their tools do not violate employees' privacy rights.

Anti-Phishing, DMARC

Global Financial Industry Facing Fresh Round of Cyberthreats

Latest

Cybercrime

EU Law Enforcement Prevents $47.5 Million in Payment Fraud

Akshaya Asokan • November 27, 2020

Europol, along with the other law enforcement agencies in Europe, prevented payment fraud losses of $47.5 million by targeting fraudsters that were selling stolen card data on darknet websites known as card shops.

Cybercrime

Rise of the Bots: Criminal Attacks Grow More Automated

Mathew J. Schwartz • November 27, 2020

Criminals continue to rely on automated bots for phishing attacks, web scraping, credential stuffing and more. But while gangs previously needed to amass large, powerful botnets to be effective, now they need relatively few devices, says Group-IB CTO Dmitry Volkov.

Business Continuity Management / Disaster Recovery

COVID-19 Latest: 'We Are Really Struggling'

Tom Field • November 27, 2020

It took 100 days for the world to record its first 1 million COVID-19 infections. A week ago, 1 million cases were added in just over one day. In advance of the Thanksgiving break, pandemic expert Regina Phelps shares insights on the virus, testing and how soon we might see vaccines.

3rd Party Risk Management

Government Watchdog Calls for 5G Cybersecurity Standards

Prajeet Nair • November 27, 2020

The U.S. Government Accountability Office is urging policymakers to adopt coordinated cybersecurity monitoring of 5G networks, to ensure a safe rollout of the new technology.

Business Continuity Management / Disaster Recovery

Hot Cybercrime Trend: Enterprise-Scale Ransomware Hits

Anna Delaney • November 27, 2020

The latest edition of the ISMG Security Report features an analysis of how cybercriminals are ditching banking Trojans in favour of ransomware attacks. Also featured: Defending against deepfakes; supporting a dispersed workforce.

Device Identification

Gone in 120 Seconds: Flaws Enable Theft of Tesla Model X

Jeremy Kirk • November 26, 2020

Two vulnerabilities in Tesla's keyless entry system allowed researchers to clone a key fob and drive away with a Model X. The electric vehicle manufacturer is issuing over-the-air updates to fix the flaws, which allegedly center on a failure to validate firmware updates and a faulty Bluetooth pairing protocol.

Business Continuity Management / Disaster Recovery

FBI Warns of Uptick in Ragnar Locker Ransomware Activity

Prajeet Nair • November 25, 2020

The FBI has sent out a private industry alert warning about an increase in attacks using Ragnar Locker ransomware. The operators behind this crypto-locking malware have recently targeted companies that include EDP, Campari and Capcom, researchers note.

Governance & Risk Management

Linux Botnet Disguises Itself as Apache Server

Prajeet Nair • November 25, 2020

The latest Linux version of the Stantinko botnet is designed to disguise the malware as an Apache server to help better avoid security tools and remain hidden, according to Intezer Labs.

Endpoint Security

UK Telecommunications Security Bill Would Ban Huawei

Mathew J. Schwartz • November 24, 2020

The Telecommunications Security Bill introduced by the British government aims to set enforceable, minimum security standards for the nation's telecommunications providers, backed by penalties, including for any company that opted to use equipment from high-risk providers such as China's Huawei.

Cyberwarfare / Nation-State Attacks

Biden Reveals Picks to Head DHS, Intelligence

Scott Ferguson , Doug Olenick • November 23, 2020

President-elect Joe Biden on Monday announced that two former Obama-era officials are his nominees to head the U.S. Department of Homeland Security and the Office of Director of National Intelligence.

Fraud Management & Cybercrime

Bill Looks to Close Federal Cybersecurity Loopholes

Doug Olenick • November 23, 2020

Sen. Ron Wyden, D-Ore., and Rep. Lauren Underwood, D-Ill., have introduced a bill designed to patch loopholes in the Federal Cybersecurity Enhancement Act of 2015 that they say allow federal agencies to easily avoid implementing required cybersecurity procedures.

Business Continuity Management / Disaster Recovery

From St. Louis to France, Ransomware Victim List Expands

Mathew J. Schwartz • November 23, 2020

Ransomware continues to pummel many types of organizations, recently including South Korea's E-Land retail group, French newspaper Paris-Normandie and a Georgia county school system. A ransomware hit against hosting giant Managed.com has resulted in ongoing site outages for numerous others.