The latest edition of the ISMG Security Report offers an analysis of the missteps that led to problems with the app used in this week's Democratic presidential caucuses in Iowa. Also featured: growing privacy concerns about facial recognition and business continuity tips for dealing with the coronavirus.
After winning court approval this week, the Federal Trade Commission shuttered over 200 websites that it says fraudulently claimed to offer government services, such as drivers' license renewals or verification of public benefits, for a fee.
A review of the mobile app that malfunctioned during Iowa's critical tally of the Democratic Party's caucus has uncovered a security vulnerability, ProPublica reports. Security firm Veracode says the app insecurely sends data, but it did not provide more details.
In a recently discovered phishing campaign, hackers attempted to steal victims' passwords and credentials by posing as a former Wall Street Journal reporter and sending documents with potential interview questions, according to security firm Certfa.
The coronavirus statistics are dizzying - as of Thursday, there were more than 28,000 infections and about 560 deaths. But the key stat to watch is the mortality rate, currently 2 percent, says pandemic expert Regina Phelps. How that number changes will dictate how business continuity leaders must respond.
Facebook scientists have proposed using "radioactive data" watermarks to identify when online images get used to train neural networks. The proposal appears to be aimed at the rise of big data startups, such as Clearview AI, that are scraping publicly available photographs to create facial recognition tools.
Ekans, a recently discovered ransomware variant that's designed to target industrial control systems, appears to have some of the same characteristics found in Megacortex, malware that struck several high-profile targets in 2019, according to the security firm Dragos.
Ireland's Data Protection Commission is launching an investigation into how Google uses customer data for its location services after the privacy watchdog received numerous complaints from consumer rights organizations across the European Union.
Australian transportation and logistics firm Toll Group has confirmed that it sustained a ransomware attack earlier this month that has forced the company to shut down several of its systems and led to delays in deliveries.
If Iowa's experiment with a new tabulation app during the Democratic caucuses is the warmup for the 2020 presidential election process, then we're in for a bumpy ride. But what happened there isn't a technology problem. It's a human problem rooted in a failure to properly evaluate risk.
British leaders' failure to more quickly choose and pursue a specific path for the nation's 5G rollout meant that ultimately, the decision got made for them, despite many security concerns persisting over the use of Chinese-built telecommunications gear.
More bad news for ransomware victims: Anyone hit with crypto-locking DoppelPaymer malware now faces the prospect of having their personal data dumped on a darknet site unless they pay a ransom. The gang's move follows in the footsteps of Maze, Sodinokibi (aka REvil) and Nemty ransomware operators.
Twitter says it has fixed an API problem that would have allowed someone to match phone numbers en masse to corresponding accounts, which could potentially unmask anonymous users. The flaw could have been found and exploited by state-sponsored actors, the social media firm warns.