COVID-19 Crisis: How to Manage VPNs

Suparna Goswami • March 30, 2020

Security practitioners around the world are struggling to cope with the challenges posed by remote workers heavily relying on virtual private networks during the Covid-19 pandemic. Here's a look at steps to take to help enhance security.

Audit

Data Governance and Its Many Challenges

Latest

Cybercrime

FBI: Cybercrime Gang Mailing 'BadUSB' Devices to Targets

Mathew J. Schwartz • March 30, 2020

The FBI warns that the notorious FIN7 cybercrime gang has a new trick up its sleeve: Mailing victims a $50 gift card portrayed as good for redeeming items listed on an accompanying USB storage device, which in reality downloads Griffon backdoor software to give attackers remote access.

Business Continuity Management / Disaster Recovery

COVID-19 and the Human Side of Cybersecurity Leadership

Tom Field • March 30, 2020

When securing the remote workforce, it's important to be mindful of the human challenges - educating children, caring for elders and dealing with the barrage of COVID-19 news, says Microsoft's Diana Kelley, who shares insights on balancing cybersecurity and compassion.

Endpoint Security

Will 5G Networks Inherit Vulnerabilities in 4G Networks?

Akshaya Asokan • March 30, 2020

If vulnerabilities in 4G cellular networks that can expose them to denial-of-service and other attacks are not addressed, emerging 5G networks could inherit these same issues, the security firm Positive Technologies reports.

Business Continuity Management / Disaster Recovery

COVID-19: Remote Workforce Security Strategies

Suparna Goswami • March 27, 2020

In an in-depth interview, two cybersecurity experts at Akamai Technologies India discuss ensuring security for at-home workers during the COVID-19 crisis and offer business continuity insights.

Electronic Healthcare Records

Coalition Formed to Address COVID-19 Crisis

Marianne Kolbasuk McGee • March 27, 2020

More than two dozen healthcare organizations and technology firms have formed a coalition to help address the COVID-19 crisis by using secure information sharing and data analysis. But observers warn the group must devote enough attention to privacy and security issues.

Business Continuity Management / Disaster Recovery

Insurer Chubb Investigating 'Security Incident'

Ishita Chigilli Palli • March 27, 2020

Switzerland-based global insurance firm Chubb acknowledges that it's investigating a "security incident." Meanwhile, the Maze ransomware gang is claiming Chubb is its latest victim, according to researchers at the security firm Emsisoft.

Business Continuity Management / Disaster Recovery

Analysis: Russia's COVID-19 Disinformation Campaign

Nick Holland • March 27, 2020

The latest edition of the ISMG Security Report analyzes how and why Russia is spreading disinformation about the COVID-19 pandemic. Plus: the latest CCPA regulation updates; a CISO's tips on securely managing a remote workforce.

Cybercrime

Tupperware Website Hit by Card Skimmer

Ishita Chigilli Palli • March 26, 2020

Tupperware, known for its colorful array of food storage containers, is the latest company to have its website hit with a card skimmer that siphons off payment card details at checkout, according to the security firm Malwarebytes. Malicious JavaScript hid in the online checkout payment form.

Governance & Risk Management

Microsoft to Pause Non-Essential Software Updates

Mathew J. Schwartz • March 26, 2020

Microsoft has announced that it will pause all non-essential updates for Windows, while both Google and Microsoft have said their Chrome and Edge browsers will, for now, receive only stability and security updates. The moves come as IT teams are continuing to respond to the ongoing fallout of the COVID-19 pandemic.

Cybercrime

Newly Discovered APT Group Targets Middle East Firms: Report

Apurva Venkat • March 26, 2020

A newly discovered advanced persistent threat group is targeting industrial firms in the Middle East with a new type of backdoor Trojan, according to the security firm Kaspersky.

Cloud Security

Establishing 'Zero Trust' Security in the Cloud

Varun Haran • March 26, 2020

At a time when individuals are accessing information in the cloud from anywhere, it's important to establish trust with the user, says Brijesh Miglani of Forcepoint.

Governance & Risk Management

Moving From Cyber Secure to Cyber Immune

Varun Haran • March 26, 2020

Although most companies acknowledge the importance of securing their perimeters and endpoints, many are still reactive in their approach to security, says Dipesh Kaura of Kaspersky, who advocates a "security by design" approach.