COVID-19 Resource Center: Latest News and Insights on the Novel Coronavirus and Cybersecurity Response

The COVID-19 pandemic has changed how we all live and work, creating the largest remote workforce in history. Never have topics such as identity and access management, device security and business resiliency been more critical. Use this COVID-19 Resource Center for the latest updates and opinions on the virus, its influence on the threat landscape and how global organisations can improve response.

SEC Chair Gary Gensler testifying before the Senate Banking Committee on Tuesday (Source: U.S. Senate Banking Committee)

SEC Chair Pushes for Additional Cryptocurrency Regulations

Dan Gunderman • September 14, 2021

U.S. SEC Chair Gary Gensler testified before the Senate on Tuesday and again called for comprehensive cryptocurrency regulations, citing a need to reduce cybersecurity risks, other market risks, and criminal efforts to defraud investors, while simultaneously advancing the space.

Fraud Management & Cybercrime

Phishing Attack Used Spoofed COVID-19 Vaccination Forms

Latest

Endpoint Security

Data Breach Culprits: Phishing and Ransomware Dominate

Mathew J. Schwartz • August 27, 2021

Phishing, ransomware and unauthorized access remain the leading causes of personal data breaches as well as violations of data protection rules, Britain's privacy watchdog reports. The U.K. government has also been caught out by breaches and leaks involving military secrets and CCTV footage from a government building.

Access Management

Misconfigured Microsoft Power Apps Spill Sensitive Data

Jeremy Kirk • August 24, 2021

At least 38 million records have been leaked by hundreds of online portals that were unwittingly misconfigured by organizations using Power Apps, a Microsoft service to quickly spin up web apps. Microsoft has now changed default settings for Power Apps to prevent inadvertent data exposures.

Governance & Risk Management

ISMG Editors’ Panel: Government Cybersecurity Challenges

Anna Delaney • August 6, 2021

In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including improving federal agencies' cybersecurity and businesses recovering from the pandemic's impact.

Fraud Management & Cybercrime

Analysis: Oh, the Lies Ransomware Operators Tell

Anna Delaney • August 6, 2021

The latest edition of the ISMG Security Report features an analysis of how ransomware attackers share about their inclinations, motivations and tactics. Also featured: The rise of integrity attacks; dispelling vaccine myths.

Endpoint Security

IoT Security Dangers Loom as Office Workers Return

Doug Olenick • July 24, 2021

With corporate America beginning to ask employees to come back to their offices in the fall, cybersecurity teams have the huge task of ensuring that the work environment is safe. This is particularly true of IoT devices, as many have been left unprotected for months.

Fraud Management & Cybercrime

Constant Ransomware Business Refinements Boosting Profits

Mathew J. Schwartz • July 14, 2021

Ransomware-wielding criminals continue to find innovative new ways to extort victims, develop technically and sidestep skills shortages by delivering ransomware as a service, said Robert Hannigan, the former head of U.K. intelligence agency GCHQ, in his Infosecurity Europe 2021 virtual keynote speech.

Governance & Risk Management

GAO: HHS Needs to Improve Cybersecurity Info-Sharing Efforts

Marianne Kolbasuk McGee • June 29, 2021

The Department of Health and Human Services needs to improve collaboration among several of its internal entities, as well as with external partners, in order to bolster cybersecurity threat intelligence sharing in the healthcare and public health sector, says a watchdog agency report.

Endpoint Security

The Best of Virtual RSA Conference 2021

Information Security Media Group • June 15, 2021

With the RSA Conference virtual this year, ISMG replaced its two live on-site studios with a suite of home studios and produced a diverse group of interviews on timely topics with thought leaders who will be solving cybersecurity's most urgent problems.

Endpoint Security

White House Tech Meeting: Focus on Critical Infrastructure

Scott Ferguson • August 25, 2021

The Biden administration is hosting a White House meeting Wednesday with technology, banking, insurance and education executives to focus on cybersecurity and national security issues, such as protecting critical infrastructure from attacks and how to hire more security professionals to meet demand.

Exposing Software Supply Chain Risks

Tom Field • August 24, 2021

Tomislav Pericin, Co-founder and Chief Software Architect for ReversingLabs, discusses the evolution of supply chain attack sophistication, and why both software builders and buyers need to change how they defend against attack surface area risks.

Fraud Management & Cybercrime

A Unified Look at FinCrime

Robert Harris • August 24, 2021

Banks are looking to drive synergies between fraud, cyber and compliance functions to tackle FinCrime hurdles.

Fraud Management & Cybercrime

Financial Service versus Fraud – the Battle Continues

Simon Viney • August 24, 2021

Despite these financial headwinds, new ways are emerging for FIs to differentiate on the quality of fraud prevention and outreach they can provide to customers.