It's not so much that the threats have changed amidst the COVID-19 pandemic. It's that the attack surface has broadened, and it's more challenging for defenders to coordinate intelligence, tooling and processes, says Jimmy Astle of VMware Carbon Black.
As the COVID-19 pandemic continues, Britain's privacy watchdog has signaled that although privacy rights and transparency - as enshrined under GDPR - remain paramount, it will take a more "flexible" regulatory approach. But this is no data breach "get out of jail" card, legal experts warn.
The notorious carder marketplace Joker's Stash is advertising a fresh batch of 400,00 stolen payment cards issued by both South Korea and U.S. banks, warns Group-IB. It says that on average, stolen APAC payment card data sells for five times more than stolen U.S. payment card data.
The U.S. National Security Agency and the Australian Signals Directorate offer guidance on how to mitigate the growing threat posed by attackers using web shells to create backdoors.
Australia's pandemic contact-tracing app may be released by the end of the month. The app will collect names and phone numbers, enabling health authorities to contact those who've been exposed to people who have been infected with COVID-19.
VictoryGate, a recently discovered botnet that infected about 35,000 devices with malware, has been disabled by researchers from security firm ESET. The botnet's main purpose was mining monero cryptocurrency.
Debdulal Roy, executive director at Bangladesh Bank describes its efforts to collaborate with others to help protect the banking industry from further attacks.
The latest edition of the ISMG Security Report analyzes the privacy issues raised by COVID-19 contact-tracing apps. Also featured: An update on efforts to fight fraud tied to economic stimulus payments; John Kindervag on the origins of "zero trust."
The former vice president of finance at a Georgia-based medical supplies company has been charged with hacking into the firm's computers and "sabotaging" shipment of personal protective equipment in the midst of the COVID-19 crisis.
U.S. and U.K. law enforcement officials have shut down hundreds of suspicious domains with COVID-19 names and themes that have been used to support criminal efforts to steal credentials, spread malware and spoof government sites and programs.
To deal with the problem of "shadow IT" during the COVID-19 pandemic, organizations should put in place redefined compliance and governance policies, take a multilayered security approach and adopt a security framework to prioritize risks, a panel of three experts advises.
Apple is now preparing final patches for two zero-day vulnerabilities that a security firm says have been exploited by certain attackers to seize control of iPhone and iPad email apps, giving them access to users' messages.
The global pandemic has revealed a lot about the extended remote workforce and its haves and have-nots, says Mike Kiser of SailPoint Technologies. In a preview of an upcoming virtual roundtable, he describes the cybersecurity forces shaping the new post-crisis workforce.
Two recently uncovered spear-phishing campaigns targeted oil and gas firms in the U.S., Asia and South Africa with AgentTesla, a notorious information stealer, according to Bitdefender. These campaigns appear tied to the global oil crisis.
Many governments are pursuing contact-tracing apps to combat COVID-19, but such projects risk subjecting populations to invasive, long-term surveillance - as well as insufficient adoption - unless they take an open, transparent and as decentralized approach, says cybersecurity expert Alan Woodward.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.