April 2020 - Page 2 of 4 - Cyber Security Minute

Massive work-from-home movement exposes cybersecurity weaknesses

Issued by: Help Net Security

News coverage of the recent uptick in cyber threat activity is showing an incomplete picture. Despite the focus on VPN hacks and attacks at home, computers at more than 50,000 organizations in the US had been infected prior to stay-at-home orders, according to Team Cymru and Arctic Security. Researchers say they are witnessing previously infected…

Vulnerabilities

iOS Mail bug allows remote zero-click attacks

Issued by: Blog Malwarebytes

On Monday, ZecOps released a report about a couple concerning vulnerabilities with the Mail app in iOS. These vulnerabilities would allow an attacker to execute arbitrary code in the Mail app or the maild process that assists the Mail app behind the scenes. Most concerning, though, is the fact that even the most current version…

Malware & Threats

COVID-19 affects web traffic and attack trends

Issued by: Help Net Security

There have been significant changes in web attack and traffic trends as a result of COVID-19, according to Imperva. The monthly report also revealed that the Cyber Threat Index remains at a ‘high’ level and the financial services sector has been suffering the most from cross-scripting site (XSS) attacks, and a continued increase in attacks…

Malware & Threats

46% of SMBs have been targeted by ransomware, 73% have paid the ransom

Issued by: Help Net Security

Ransomware attacks are not at all unusual in the SMB community, as 46% of these businesses have been victims. And 73% of those SMBs that have been the targets of ransomware attacks actually have paid a ransom, Infrascale reveals. Yet, more than a quarter of the total SMB survey group said they lack a plan…

Network Security

5 steps to create a security incident response plan

Issued by: CSO

The only thing worse than getting hit with a cyberattack is getting hit with a cyberattack and not having a strong security incident response plan in place. Sophisticated Advanced Persistent Threat (APT) attacks are typically aimed at high-value targets like credit card companies, banks, retailers, healthcare facilities and hotel chains that store large volumes of…

Network Security

Are your employees ready for remote work?

Issued by: Kaspersky Blog

Employees are the weakest link in any corporate security system. Anyone whose job it is to protect information systems can confirm: No matter how advanced a security technology is, a careless or clueless employee can always stumble into a way to put the infrastructure at risk. If you recently switched your employees to home-working mode…

Network Security

4 Cybersecurity Lessons from the Pandemic

Issued by: Dark Reading

I switched from epidemiology to network security as my day job years ago, but today’s pandemic reminds me of the similarities between the two fields. There are many lessons we can take from the real-world virus and apply them to security in the online world. It may not be obvious, but the spread of information…

Network Security

Threat modeling explained: A process for anticipating cyber attacks

Issued by: CSO

Threat modeling definition Threat modeling is a structured process through which IT pros can identify potential security threats and vulnerabilities, quantify the seriousness of each, and prioritize techniques to mitigate attack and protect IT resources. This broad definition may just sound like the job description of a cybersecurity professional, but the important thing about a…

Network Security

Trump administration moves to revoke China Telecom’s US license on security grounds

Issued by: CSO

Highlighting the diminished opportunities for Chinese telecom and technology providers in the US, the Department of Justice (DOJ) announced last week that the Trump Administration would seek to revoke and terminate the licenses of mobile operator China Telecom. China Telecom is authorized to provide communications, data, television and business services in the US as a…

Malware & Threats

Apple Is Top Pick for Brand Phishing Attempts

Issued by: Dark Reading

Apple was the brand most commonly used in spoofing attacks during the first quarter of 2020, when 10% of all brand phishing attempts related to the tech giant, researchers report. Check Point’s “Brand Phishing Report” for the first quarter of 2020 highlights the brands that cybercriminals most frequently imitate to steal personal and financial data….