Ransomware attacks, phishing scams, fake news and several other cyberattacks made headlines in 2020. As millions of Americans shifted to remote work for business continuity, cybercriminals sprung into action, evolving their social engineering tactics. Smishing and vishing are new variants that are fast gaining traction, targeting mobile phones.
The Internal Revenue Service, state tax agencies and tax industry warned tax professionals of a new scam email that impersonates the IRS and attempts to steal Electronic Filing Identification Numbers (EFINs).
SHAREit, an Android application which has been downloaded more than a billion times, contains unpatched security vulnerabilities that the app maker has failed to fix for more than three months, according to a Trend Micro report.
Malwarebytes announced the findings of its annual “State of Malware” report. The latest report explores how the global pandemic forced many employees to quickly become a remote workforce and confined consumers to their homes. In the wake of this change, cybercriminals ditched many of their old tactics, placing a new emphasis on gathering intelligence, and exploiting and preying upon fears with targeted and sophisticated attacks. As a result, the State of Malware Report found a notable shift in the devices targeted and strategies deployed by cybercriminals.
Every week there seems to be a news story about another massive data breach with millions—and sometimes billions—of records containing personal data lost or stolen. We regularly hear about cyberattacks involving brute-forcing secure logins or exploiting software flaws, but there’s a new segment of the cybercriminal economy that’s growing fast: attackers who target companies that have unintentionally left data out in the open via misconfigured databases.
Bottomline and Strategic Treasurer released the results of the 2021 Treasury Fraud & Controls Survey. This is the 6th annual survey between the long-time collaborators, whose research partnership also includes the annual B2B Payments Survey. As in prior years, the 2021 survey gathered details about corporate and banking experiences, actions and plans regarding fraud. Results show that the pandemic accelerated both the threat of fraud and the response to it, with corporate and banking alignment on defensive automation.
Privacy lawyer Vivek Mohan has joined Mayer Brown as a partner in the Cybersecurity & Data Privacy practice in Northern California. Mr. Mohan joins from Apple Inc., where he served as a senior attorney on the company’s global privacy law & policy team and as head of information security law.
As part of an effort to help users apply its well-known Cybersecurity Framework (CSF) as broadly and effectively as possible, the National Institute of Standards and Technology (NIST) has released finalized cybersecurity guidance for positioning, navigation and timing (PNT) services.
Risk assessment is a key element of any discussion around security and the cloud. Security is measured in terms of how much risk there is of something happening – and nothing is without risk. So, when it comes to evaluating a move to cloud desktops, companies are really looking at how it will reduce risk.
With work from home becoming the norm, employees are likely letting their guards down, allowing people in the same household, whether family or visitors, to have access to work-related content. That is why a good cybersecurity strategy starts with people—and a zero trust approach.