How are threat actors so successful? They gather breached data and information from open sources – think social media profiles or even voting records – to build digital profiles of individuals with just a few clicks. This can then lead to, among other attacks, phishing scams such as business email compromise, potentially inflicting a significant financial toll on an organization.
To better regulate the use of personal data and protect citizens, the European Union adopted the General Data Protection Regulation (GDPR), which came into force on 25 May 2018. In the UK, the GDPR is tailored by the Data Protection Act 2018. Non-EU businesses with offices in Europe, or who hold or process data coming from Europe, also need to be fully appraised of GDPR.
The digital revolution has made it easier for companies to collect insights on their markets to better understand their clientele's behavior. But it has also paved the way for potential abuses, creating a climate of suspicion. How can AI earn the public’s trust?
Criminals are leveraging elevated interest in COVID-19 to send emails to unsuspecting people to infect computers with ransomware, malware or other computer viruses. And why not? According to Forbes, the COVID-19 crisis has turned the U.S. workforce into a work-from-home army, giving cybercriminals new, less secure, access points for cyber viruses and phishing attacks, revealing vulnerabilities in cybersecurity strategies for the coronavirus crisis. And since there’s a tremendous curiosity for coronavirus information — people are more likely to click without checking the credibility of the source.
Here, we talk to Julian Waits, General Manager of Cybersecurity at Business Unit at Devo, to find out how security operations center (SOC) leaders can create a culture of growth among their teams.
Mandiant Threat Intelligence researchers have identified FIN11, a financially-motivated hacking group behind bold, large and long-running malware campaigns. The hackers have expanded their range of targets the past two years while using increasingly aggressive ransomware attacks.
Norway has blamed Russia for the August cyberattack that targeted the email system of the country's parliament. "Based on the information the government has, it is our view that Russia is responsible for these activities," Foreign Minister Ine Eriksen Soreide said in a statement, the Moscow Times reports.
Carnival Corporation has disclosed that an Aug. 15 ransomware attack accessed the personal data of guests and employees of Carnival Cruise Line, Holland America Line and Seabourn. However, Carnival said there is a "a low likelihood of the data being misused."
Sixty-three percent of government workers say they are worried that cyberattacks on candidates, political parties, and voting infrastructure will impact the integrity of the upcoming U.S. election, according to the Government & Election Cybersecurity Threat Index released by Morphisec, provider of Advanced Threat Prevention. In addition, more than 3-in-4 government workers (77%) believe that states and local governments need more federal funding to protect voting infrastructure better.
The digitalization of industrial infrastructure is underway, and 55% of organizations are confident that the Internet of Things, as one of its key aspects, will change the state of security in industrial control systems (ICS). According to Kaspersky’s recent report, 20% of organizations have already prioritized IoT-related incidents, but effective solutions against IoT threats are not yet widespread.