Zoom was a popular online conferencing application before COVID-19 infected the world, but the pandemic drove usage of the service to astronomical levels. Before the virus spread, the platform garnered about 10 million meeting participants a day. By March, that number was 200 million a day. “[W]e did not design the product with the foresight…

As non-essential businesses have been forced to shut their doors around the world, many companies that previously relied heavily on the brick-and-mortar side of the business are now leaning more on revenue from their digital platforms. By 2023, according to research performed by Statista, applications may generate nearly $935 billion in revenue. With increased reliance…

A total of 17 vulnerabilities have been fixed with the release of Adobe Bridge 10.0.4 for Windows and macOS. The critical flaws have been described as stack-based buffer overflow, heap overflow, out-of-bounds write, use-after-free, and other memory corruption issues that can lead to arbitrary code execution. Three of the patched security holes, described as important…

While most people will say they are extremely concerned with their online privacy, previous experiments have shown that, in practice, users readily divulge privacy information online. A team of Penn State researchers identified a dozen subtle – but powerful – reasons that may shed light on why people talk a good game about privacy, but…

Ransomware is arguably the most significant cybercrime innovation in recent history. The ransomware business model is so effective that it is now the most common and devastating threat to organizations of all sizes. As a provider of cyber insurance, we have the misfortune of responding to ransomware attacks across tens of thousands of organizations, and…

Sending the malicious link or image was simple, but preparing the attack involved multiple steps that would be difficult to achieve for unsophisticated attackers. “We addressed the issue discussed in this blog and worked with the researcher under Coordinated Vulnerability Disclosure. While we have not seen any use of this technique in the wild, we…

Between late March and mid-April 2020, IBM X-Force Incident Response and Intelligence Services (IRIS) uncovered a phishing campaign targeting small businesses that appears to originate from the U.S. Government Small Business Administration (SBA.gov). The emails, which contain subjects and attachments related to the need for small businesses to apply for disaster relief loans or provide…

While the economic and social fallout of the coronavirus captures virtually all federal, state and local policymaking resources, the US is quickly moving into a critical election season with election safety and security issues still unresolved. Yesterday, the House of Representatives voted overwhelmingly to pass the latest in a string of coronavirus-related bills, a $484…