COVID-19 Crisis: How to Manage VPNs

Suparna Goswami • March 30, 2020

Security practitioners around the world are struggling to cope with the challenges posed by remote workers heavily relying on virtual private networks during the Covid-19 pandemic. Here's a look at steps to take to help enhance security.

Business Continuity Management / Disaster Recovery

California Modifies Consumer Privacy Regulations - Again

Latest

Cybercrime

FBI: Cybercrime Gang Mailing 'BadUSB' Devices to Targets

Mathew J. Schwartz • March 30, 2020

The FBI warns that the notorious FIN7 cybercrime gang has a new trick up its sleeve: Mailing victims a $50 gift card portrayed as good for redeeming items listed on an accompanying USB storage device, which in reality downloads Griffon backdoor software to give attackers remote access.

Business Continuity Management / Disaster Recovery

COVID-19 and the Human Side of Cybersecurity Leadership

Tom Field • March 30, 2020

When securing the remote workforce, it's important to be mindful of the human challenges - educating children, caring for elders and dealing with the barrage of COVID-19 news, says Microsoft's Diana Kelley, who shares insights on balancing cybersecurity and compassion.

Audit

Zoom Stops Transferring Data by Default to Facebook

Jeremy Kirk • March 30, 2020

Zoom has apologized for sharing large sets of user data by default with Facebook, blaming the social network's software development kit, which it has removed from its iOS app. With COVID-19 driving unprecedented levels of remote working, video conferencing software is under the privacy and security microscope.

Endpoint Security

Will 5G Networks Inherit Vulnerabilities in 4G Networks?

Akshaya Asokan • March 30, 2020

If vulnerabilities in 4G cellular networks that can expose them to denial-of-service and other attacks are not addressed, emerging 5G networks could inherit these same issues, the security firm Positive Technologies reports.

Electronic Healthcare Records

Coalition Formed to Address COVID-19 Crisis

Marianne Kolbasuk McGee • March 27, 2020

More than two dozen healthcare organizations and technology firms have formed a coalition to help address the COVID-19 crisis by using secure information sharing and data analysis. But observers warn the group must devote enough attention to privacy and security issues.

Business Continuity Management / Disaster Recovery

Analysis: Russia's COVID-19 Disinformation Campaign

Nick Holland • March 27, 2020

The latest edition of the ISMG Security Report analyzes how and why Russia is spreading disinformation about the COVID-19 pandemic. Plus: the latest CCPA regulation updates; a CISO's tips on securely managing a remote workforce.

Cybercrime

Chinese Cyber Espionage Continues Despite COVID-19

Akshaya Asokan • March 26, 2020

Despite the global COVID-19 pandemic, which started in China, Chinese cyber espionage campaigns are continuing, with a new campaign from one APT group targeting at least 75 enterprises in 20 countries, according to the security firm FireEye.

Governance & Risk Management

Microsoft to Pause Non-Essential Software Updates

Mathew J. Schwartz • March 26, 2020

Microsoft has announced that it will pause all non-essential updates for Windows, while both Google and Microsoft have said their Chrome and Edge browsers will, for now, receive only stability and security updates. The moves come as IT teams are continuing to respond to the ongoing fallout of the COVID-19 pandemic.

Active Defense & Deception

Reduce Dwell Time of Advanced Threats With Deception

Varun Haran • March 26, 2020

Using deception technologies can impose a cost on cybercriminals and help reduce dwell times and increase visibility, says Acalvio CEO Ram Varadarajan.

Endpoint Security

The Best of RSA Conference 2020

Information Security Media Group • March 25, 2020

At RSA Conference 2020 in San Francisco, Information Security Media Group's editorial team conducted more than 130 video interviews with industry thought leaders. Here are the highlights.

3rd Party Risk Management

COVID-19 and the CISO: Jim Routh on Leadership

Tom Field • March 25, 2020

At its core, cybersecurity is about applying scarce resources to the highest risk. And nothing quite puts that tenet to the test like the COVID-19 pandemic. Jim Routh, CISO of MassMutual, discusses the challenges of managing a remote workforce and third-party relationships during this crisis.

Cybercrime

FBI Shutters Alleged Russian Cybercriminal Forum

Scott Ferguson • March 25, 2020

The FBI this week seized the domain of Deer.io, which federal authorities describe as a clearinghouse for stolen data and cybercriminal services operating from Russia. The alleged administrator of the now-shuttered site has been arrested and charged.