Latest

►

Anti-Phishing, DMARC

FBI on China, Election Security and Impact of COVID-19

Tom Field  •  August 8, 2020

The day after President Trump issued executive orders to ban Chinese-owned social media apps TikTok and WeChat, Sanjay Virmani of the FBI's San Francisco office shared insight on the Chinese cyber threat, election security and crime trends in the wake of COVID-19.

Cyberwarfare / Nation-State Attacks

The Debate Over Trump 'Ban' of TikTok, WeChat

Doug Olenick  •  August 7, 2020

President Donald Trump's executive order banning the Chinese-owned TikTok and WeChat apps could prove to be unenforceable, some privacy and security specialists say. But some Republican lawmakers hailed the move, citing the national security risks posed by the apps.

►

Anti-Money Laundering (AML)

Using Machine Learning to Fight Money Laundering

Suparna Goswami  •  August 7, 2020

Machine learning can play a significant role in mitigating money laundering risks, says Andy Gandhi, managing director, data risk and compliance at the consultancy Alvarez and Marsal.

Application Security

Analysis: Hijacking of Twitter Hacker's Virtual Hearing

Anna Delaney  •  August 7, 2020

The latest edition of the ISMG Security Report analyzes the hijacking of a virtual court hearing in the Twitter hacking case. Also featured: Why network segmentation is more important than ever; update on Windows print spooler vulnerability.

Cybercrime

Exploring the Forgotten Roots of 'Cyber'

Mathew J. Schwartz  •  August 7, 2020

One day, you may drive your Tesla Cybertruck on Cyber Monday to your cybersecurity job, backed by a cyber insurance policy as you safeguard cyberspace against the threat of cyberwar. Or cyber whatever, since we've obviously entered the era of "maximum cyber." But what does cyber even mean?

3rd Party Risk Management

Election Security: A Harsh Assessment

Akshaya Asokan  •  August 6, 2020

A security researcher says voting equipment in the U.S. is still riddled with security flaws that opportunistic foreign adversaries could use to pose a threat to the November election. Meanwhile, the director of CISA calls Russian ransomware attacks one of the biggest threats to the election.

Fraud Management & Cybercrime

Canon USA Websites Offline Following Cyber Incident

Prajeet Nair  •  August 6, 2020

Several Canon USA corporate websites remained offline Friday after the company reportedly sustained a ransomware attack. Earlier, the imaging company reported user data was missing from a cloud database.

Endpoint Security

Twitter Rushes to Fix Flaw in Android Version

Chinmay Rautmare  •  August 6, 2020

Twitter rushed out a fix for a flaw in the Android version of its social media platform that could have allowed hackers to access user data, including within the direct message feature. The news comes as more details have emerged about a recent Twitter hacking incident.

Endpoint Security

Garmin Reportedly Paid a Ransom

Doug Olenick  •  August 5, 2020

Garmin, a fitness tracker and navigation device firm, apparently paid a ransom to recover from a July 23 security incident that encrypted several of its systems, according to two news reports as well as expert analysis. The company says it's still experiencing 'temporary limitations" on services.

Endpoint Security

How WastedLocker Evades Anti-Ransomware Tools

Prajeet Nair  •  August 5, 2020

WastedLocker, a ransomware strain that reportedly shut down Garmin's operations for several days in July, is designed to avoid security tools within infected devices, according to a technical analysis from Sophos.

Governance & Risk Management

A Flaw Used by Stuxnet Wasn't Fully Fixed

Jeremy Kirk  •  August 5, 2020

Vulnerabilities in the Microsoft Windows print spooler, an aging but important component, will be discussed at the Black Hat security conference on Thursday. The vulnerabilities are rooted in patches that Microsoft created to fix issues exploited by Stuxnet, the malware that hampered Iran's nuclear program.

Endpoint Security

FBI Warns of Serious Risks Posed by Using Windows 7

Akshaya Asokan  •  August 5, 2020

The FBI is warning organizations that are still using Microsoft Windows 7 they are in danger of attackers exploiting vulnerabilities in the unsupported operating system to gain network access. The agency points to an uptick in such attack attempts.