Check out Dark Reading’s updated, exclusive news and commentary surrounding the coronavirus pandemic.
US Indicts 2 Chinese Nationals for Stealing IP & Business Secrets, Including COVID-19 Research
Pair working on behalf of themselves and China’s Ministry of State Security, Justice Department says.
Number of Reported Breaches Decrease In First Half of 2020
With the pandemic as a backdrop, publicly reported US data breaches dropped as more employees and suppliers stayed home.
UK Data Privacy Legislation Cannot Be Bypassed to Limit Spread of COVID-19
The UK faces GDPR data privacy challenges regarding its COVID-19 “Test and Trace” program. Despite the importance of contact tracing, its intent to ignore privacy legislation is extremely worrying.
Keys for a Safe Return to the Post-Quarantine Office
Security teams will need to keep these important considerations in mind as employees make their way back to the workplace.
Russian Cyberattacks Target COVID-19 Research, Vaccine Development
Government agencies in the US, UK, and Canada report Russian group Cozy Bear is targeting organizations developing coronavirus vaccines.
Zero-Trust Efforts Rise with the Tide of Remote Working
With employees likely to continue to spend much, if not all, of their time working from home, companies are focusing more on technologies to boost the security of their now-distributed workplace.
A Paramedic’s Lessons for Cybersecurity Pros
A paramedic turned cybersecurity expert shares his experiences in both fields, highlights their similarities, and explains how they can learn from each other.
As Offices Reopen, Hardware from Home Threatens Security
Devices out of sight for the past several months could spell trouble when employees bring them back to work.
As More People Return to Travel Sites, So Do Malicious Bots
Attacks against travel-related websites are on the rise as the industry begins to slowly recover from COVID-19, new data shows.
Lessons from COVID-19 Cyberattacks: Where Do We Go Next?
We need to learn from the attacks and attempts that have occurred in order to prepare for the future.
Another COVID-19 Side Effect: Rising Nation-State Cyber Activity
While financial institutions and government remain popular targets, COVID-19 research organizations are now also in the crosshairs.
COVID-19 Puts ICS Security Initiatives ‘On Pause’
Security pros concerned that increased remote access to vulnerable operational technology and stalled efforts to harden OT environments puts critical infrastructure at greater risk.
CISA Issues Advisory on Home Routers
The increase in work-from-home employees raises the importance of home router security.
Profile of the Post-Pandemic CISO
Projects that were high priorities before the COVID-19 outbreak have taken a back seat to new business needs. For security leaders that has meant new responsibilities that could very well stick around in the pandemic’s aftermath.
3 Ways to Flatten the Health Data Hacking Curve
With more people working from home, health data security is more challenging but vitally important. These tips can help safeguard healthcare data.
Tall Order for Small Businesses: 3 Tips to Find Tailored Security Solutions
SMBs are responsible for nearly 44% of US economic activity, but given the current climate, it can be difficult for them to find available and/or affordable resources.
5 New InfoSec Job Training Trends: What We’re Studying During COVID-19
With the pandemic uprooting networks and upending careers, which security skills are hot — and which are not?
Good Cyber Hygiene in a Post-Pandemic World Starts with Us
Three ways that security teams can improve processes and collaboration, all while creating the common ground needed to sustain them.
Contact Tracing & Threat Intel: Broken Tools & Processes
How epidemiology can solve the people problem in security.
Rethinking Enterprise Access, Post-COVID-19
New approaches will allow businesses to reduce risk while meeting the needs of users, employees, and third parties. Here are three issues to consider when reimagining enterprise application access.
Pandemic Accelerates Priceline’s ‘Coffee Shop’ Remote-Access Strategy
The travel-booking giant had been slowly starting to transition away from VPN dependence. Then COVID-19 happened, and suddenly 700 third-party call-center workers were working from home.
Employees Say They’re Working From Home Without Security Guidance
Working from home is new for many enterprise employees, yet many say they’ve received little in the way of new training or technology to keep them safe.
Long-Term Effects of COVID-19 on the Cybersecurity Industry
The maelstrom of change we’re going through presents a unique opportunity to become enablers. And to do that requires flexibility.
Healthcare CISOs Share COVID-19 Response Stories
Cybersecurity leaders discussed the threats and challenges that arose during the pandemic, and how they responded, during a virtual roundtable
Most Contact-Tracing Apps Fail Basic Security
A survey of 17 Android applications for informing citizens if they had potential contact with a COVD-19-infected individual finds few have adopted code-hardening techniques.
7 Tips for Employers Navigating Remote Recruitment
Hiring experts explain how companies should approach recruitment when employers and candidates are working remotely.
Collaboration Undermined When Security Teams Work Remotely, Some Argue
Knowledge workers are perfectly suited for remote work, but the benefits of collaboration — and the requirements of proving identity — make fully remote security teams problematic.
IoT Security Trends & Challenges in the Wake of COVID-19
The demand for Internet of Things security practices that protect sensitive medical equipment and data will double within the next five years. Here’s why.
The Future Will Be Both Agile and Hardened
What COVID-19 has taught us about the digital revolution.
What COVID-19 Teaches Us About Social Engineering
Unless we do something proactively, social engineering’s impact is expected to keep getting worse as people’s reliance on technology increases and as more of us are forced to work from home.
Employees Stream Entertainment on Enterprise Systems During Pandemic
Employees aren’t limiting use of their work computers to business purposes while working from home.
The Telehealth Attack Surface
Amid the surge in digital healthcare stemming from the coronavirus pandemic, security is taking a backseat to usability.
Fake COVID-19 Contact-Tracing Apps Infect Android Phones
Researchers find 12 Android applications disguised as official COVID-19 contact tracing apps installing malware onto devices.
3 Ways the Pandemic Will Affect Enterprise Security in the Future
While CISOs have been focused on immediate threats, it’s time to look ahead to what a post-COVID-19 future will look like.
CSO’s Guide to ‘Employee-First’ Security Operations During COVID-19 & Beyond
As the work-at-home environment continues to inform new ways of doing business, it’s important that security teams remain flexible and ready for change.
Safeguard Your Remote Workforce
DDoS attacks on VPN servers can not only bring remote work to a standstill but also cut off admins from accessing their systems. Here are three ways to stay safer.
Q&A: Eugene Spafford on the Risks of Internet Voting
Allowing people to cast their ballots online to circumvent coronavirus-related health concerns introduces problems that we simply don’t know how to manage, says the Purdue University professor and security leader.
Local, State Governments Face Cybersecurity Crisis
Ransomware hit small government organizations hard in 2019. Now they have to deal with budget cuts, pandemic precautions, social unrest, and the coming election cycle.
The Privacy & Security Outlook for Businesses Post-COVID-19
Long-term business needs — and the ethical implications that result — don’t simply go away just because we’re navigating a global health crisis.
Malware Campaign Hides in Resumes and Medical Leave Forms
The campaigns have been part of the overall increase in coronavirus-related malware activity.
Social Distancing for Healthcare’s IoT Devices
Security pros need to double down around prevention of lateral movement by attackers, especially if IoT devices are connected to the network.
10 Tips for Maintaining Information Security During Layoffs
Insider cyber threats are always an issue during layoffs — but with record numbers of home office workers heading for the unemployment line, it’s never been harder to maintain cybersecurity during offboarding.
Risk Assessment & the Human Condition
Five lessons the coronavirus pandemic can teach security professionals to better assess, monitor, manage, and mitigate organizational risk.
Cybersecurity Spending Hits ‘Temporary Pause’ Amid Pandemic
For now, security teams face freezes in projects and hiring – and budget cuts, security industry analysts say.
Banking on Data Security in a Time of Insecurity
How banks can maintain security and data integrity in the middle of a pandemic.
Bank of America Security Incident Affects PPP Applicants
The incident occurred when Paycheck Protection Program applications were uploaded to a test platform and accidentally shared.
Digital Distancing with Microsegmentation
Physical distancing has blunted a virus’s impact; the same idea can be applied to computers and networks to minimize breaches, attacks, and infections.
Data Loss Spikes Under COVID-19 Lockdowns
Two new reports suggest a massive gap between how organizations have prepared their cybersecurity defenses and the reality of their efficacy.
Stay-at-Home Orders Coincide With Massive DNS Surge
A variety of sites saw as much as seven times the number of domain requests in late March and early April, suggesting attackers attempted massive denial-of-service attacks.
GDPR Enforcement Loosens Amid Pandemic
The European Union has given some organizations more breathing room to remedy violations, yet no one should think regulators are planning to abandon the privacy legislation in the face of COVID-19.
How to Pay a Ransom
Even prior to the COVID-19 pandemic, ransomware attacks were on the rise and becoming more expensive. Now your organization has fallen victim and is going to pay. Here’s how to handle it.
Q&A: Eugene Kaspersky on Tourism, the Pandemic, and Cybersecurity
The CEO and co-founder of eponymously named security vendor has launched a new travel accelerator program amid the COVID-19 crisis.
The Need for Compliance in a Post-COVID-19 World
With the current upheaval, business leaders may lose focus and push off implementing security measures, managing risk, and keeping up with compliance requirements. That’s a big mistake.
Centralized Contact Tracing Raises Concerns Among Privacy-Conscious Citizens
The long debate over whether encryption and anonymity shield too much criminal behavior also has staged a resurgence.
Coronavirus-Themed Phishing Fears Largely Overblown, Researchers Say
As COVID-19-themed spam rises, phishing—not so much. An analysis of newly registered domains finds that only 2.4% are actually phishing sites aiming to steal credentials.
Is Zero Trust the Best Answer to the COVID-19 Lockdown?
Enterprises need to recognize that remote access and other pandemic-related security challenges cannot be fixed with buzzwords or silver-bullet security tools.
Long-Term Remote Work: Keeping Workers Productive & Secure
The pandemic has changed how we get work done. Now, data security must catch up.
The 3 Top Cybersecurity Myths & What You Should Know
With millions of employees now attempting to work from home, it’s vital to challenge misconceptions about cybersecurity.
Templates Make Coronavirus Phishing Campaigns Easy
Ready-made website templates make it simple for criminals to create fake government and NGO websites for COVID-19-related phishing campaigns.
Microsoft Open Sources Its Coronavirus Threat Data
Microsoft’s COVID-19 intelligence will be made publicly available to help businesses fight virus-related security threats.
Facebook Fails to Staunch Coronavirus Misinformation
The social media giant in April affixed warning labels on 50 million pieces of content
Ensuring Business Continuity in Times of Crisis
Three basic but comprehensive steps can help you and your organization get through adversity.
More Tips for Staying Safe While Working from Home
While some users are up to speed with the WFH protocol, it’s worth adding a few more items to your security checklist.
Secure Contact Tracing Needs More Transparent Development
Experts worry that without proper planning, today’s decisions about developing contact-tracing apps could have unforeseen consequences in the years to come.
Coronavirus, Data Privacy & the New Online Social Contract
How governments can protect personal privacy in contact tracing while saving peoples’ lives.
6 Free Cybersecurity Training and Awareness Courses
Most are designed to help organizations address teleworking risks related to COVID-19 scams.
As Remote Work Becomes the Norm, Security Fight Moves to Cloud, Endpoints
A majority of firms expect to keep more employees working remotely post-pandemic, forcing businesses to undertake more comprehensive digital and cloud transformations.
DocuSign Phishing Campaign Uses COVID-19 as Bait
The newly discovered campaign lures victims with a supposed file concerning the coronavirus pandemic.
Malicious Bots Infiltrate Online Food Delivery
With grocery delivery in higher demand than ever, new add-ons have emerged to secure slots for consumers, presenting a new pathway for bad bots to wreak havoc.
Now More Than Ever? Securing the Software Life Cycle
The more things change, the more they stay the same. That’s true for software security, even in these turbulent times.
Cybersecurity Home School: Garfield Teaches Security
The famous cartoon cat can help kids ages 6 to 11 learn to be more secure when they’re online.
7 Ways Parents Can Better Protect Their Online-Gamer Offspring
It’s 11 a.m. Are your kids locked in their rooms playing games online?
The Price of Fame? Celebrities Face Unique Hacking Threats
Hackers are hitting the sports industry hard on social media and luring quarantined consumers with offers of free streaming services, a new report shows.
Half of Companies Have Suffered a Cybersecurity Issue Amid COVID-19 Crisis
Survey shows 49% expect to experience a data breach or cybersecurity incident in the next month.
Attackers Adapt Techniques to Pandemic Reality
Over the past several months, threat actors have quickly shifted their tactics to take advantage of interest in the coronavirus, two studies find.
Post-Pandemic Presentation Plans
Coming to a conference near you — who knows when.
Stay-at-Home Students Offered Lessons to Boost Cybersecurity
Stuck at home with a primary- or secondary-school student? Organizations from professional training groups to national governments are teaming up to offer virtual cybersecurity training for teens — in some cases, for free.
How InfoSec Pros Can Help Healthcare During the Coronavirus Pandemic
Security pros are banding together to ensure healthcare facilities can focus on saving lives instead of defending against cyber attacks. Here are a few places you can volunteer your services.
7 Tips for Security Pros Patching in a Pandemic
The shift to remote work has worsened patch management challenges and created new ones. Security pros share insights and best practices.
Fake Microsoft Teams Emails Phish for Credentials
Employees belonging to organizations in industries such as energy, retail, and hospitality have been recipients, Abnormal Security says.
DHS CISA Launches Site for Teleworking Security
The new website is intended to be a one-stop source for information on securing teleworkers and their employers.
Best Practices for Managing a Remote SOC
Experts share what it takes to get your security analysts effectively countering threats from their home offices.
Apple Makes It Easier to Unlock iPhone While Wearing a Mask
The beta release of iOS 13.5 brings an updated FaceID so that users wearing masks can bypass facial recognition and unlock their phone with a code
Industrial Networks’ Newest Threat: Remote Users
We know remote working isn’t going away anytime soon, so it’s crucial we be extra vigilant about security for industrial networks and critical infrastructure.
86% of Companies Report Network Disruption Amid Remote Work Shift
Nearly two-thirds say disruptions were at least moderate in severity, and more have seen VPN connectivity issues as employees work from home.
7 Secure Remote Access Services for Today’s Enterprise Needs
Secure remote access is a “must” for enterprise computing today, and there are options for you to explore in the dynamic current environment.
7 Fraud Predictions in the Wake of the Coronavirus
It’s theme and variations in the fraud world, and fraudsters love — and thrive — during chaos and confusion
Phishers Start to Exploit Oil Industry Amid COVID-19 Woes
While a massive flood of attacks has yet to materialize, cybersecurity experts say this could be the calm before the storm.
5 Big Lessons from the Work-from-Home SOC
Accustomed to working in the same room, security teams now must find ways to operate effectively in the new remote reality.
Increased Credential Threats in the Age of Uncertainty
Three things your company should do to protect credentials during the coronavirus pandemic.
Security Pros Reassigned to IT Tasks in Coronavirus Pandemic
Most security practitioners surveyed say their job functions have changed during the pandemic, and 90% are now working remotely full time.
Will the Pandemic Complicate Cyber Insurance Claims?
While quarantined workers are keeping safe at home, they could be jeopardizing your insurance policy.
COVID-19 Quarantine: A Unique Learning Opportunity for Defenders
Use these spare moments at home to master new skills that will help protect your organization and enhance your career.
WHO Confirms Email Credentials Leak
Washington Post had identified the group as one among several whose passwords and emails were dumped online and abused.
Why Consumers, SMBs Are Likely to Fall for Coronavirus Scams
Data reveals both a lack of skepticism and a willingness to engage with emails crafted to seem like government communications.
5 Ways to Prove Security’s Worth in the Age of COVID-19
Tightened budgets are placing jobs at risk, but security pros say they’re armed with ways to demonstrate that what they’re doing merits keeping them employed.
Resiliency: The Trait National Sporting Leagues Share with Security & IT Teams
During unprecedented times such as these, both businesses and professional sports are forced to go back to basics.
White-Hat Hackers Help ‘Fold’ COVID-19 Proteins
A grassroots effort provides scientists with computing power to help simulate the novel coronavirus’ proteins and come up with therapeutic solutions for the disease.
11 Tips for Protecting Active Directory While Working from Home
To improve the security of your corporate’s network, protect the remote use of AD credentials.
Domain Registrars Under Pressure to Combat COVID-19-Related Scams
A huge increase in malicious website registrations has prompted concern from US lawmakers.
Is COVID-19 Intensifying the Need for Security Staffing?
Overall, security practitioners should find themselves in a better working situation than many other professionals. However, we are not immune.
Microsoft Proposes Privacy Controls for COVID-19 Contact Tracking, Tracing
As governments broaden use of digital technologies to stem pandemic, sensitive health and location data need to be protected, company says.
Work-from-Home Exposes Already-Infected Machines in 50K US Organizations
Researchers find massive spike in infected enterprises worldwide.
Stimulus Payments Are Popular Leverage for Cyberattacks
More than 4,300 domains related to stimulus and relief packages, many of them malicious, have been registered since January.
COVID-19 Caption Contest Winners
It was a tough choice! And the winner is…
Remote Access Makes a Comeback: 4 Security Challenges in the Wake of COVID-19
As companies continue to support increasing numbers of work-from-home employees, the pressure to secure access and reduce risk has never been greater.
COVID-Themed Phishing Messages Fill Phishing Filters on Gmail
In the past week, Google says it identified more than 18 million daily phishing messages featuring coronavirus themes.
Cybersecurity Home-School: The Robot Project
This fun project can teach your homebound children and teens about cybersecurity (and keep them occupied for at least a little while).
‘Look for the Helpers’ to Securely Enable the Remote Workforce
CISOs and CIOs, you are our helpers. As you take action to reassure your company, your confidence is our confidence.
4 Cybersecurity Lessons from the Pandemic
An epidemiologist-turned-CTO describes the parallels between the spread of a computer virus and the real-world coronavirus.
Post Pandemic, Technologists Pose Secure Certification for Immunity
Going digital with immunity passports could speed rollout and allow for better warnings of potential hot spots. But security and privacy issues remain.
5 Things Ransomware Taught Me About Responding in a Crisis
What happened in Atlanta is worth studying because it was one of the earliest cases of a major city ransomware attacks and because it came out the other side stronger and more resilient.
Which InfoSec Jobs Will Best Survive a Recession?
With COVID-19 making a mess of the global economy, companies are seeking to cut corners – and some boardrooms still see security as a “cost center.” Are infosec careers vulnerable now?
Will Gentler HIPAA Rules on Telehealth Now Protect Us From Breach Litigation Later?
Edge Ask-the Experts Patricia Calhoun and Patricia Carreiro, attorneys at Carlton Fieldsr espond to a reader question.
Insecure Home Office Networks Heighten Work-at-Home Risks
Nearly one in two organizations has one or more devices accessing its corporate network from a home network with at least one malware infection, BitSight says.
How Company Cultures Dictated Work-from-Home Readiness
Companies large and small are discovering just how prepared they were for all employees to work remotely
7 Ways COVID-19 Has Changed Our Online Lives
The pandemic has driven more of our personal and work lives online – and for the bad guys, business is booming. Here’s how you can protect yourself.
Pandemic Could Make Schools Bigger Targets of Ransomware Attacks
Most have had to implement distance learning, making them much more vulnerable, Armor says.
Network Data Shows Spikes, Vulnerability of Work-at-Home Shift
Traffic on the public Internet has grown by half this year, and videoconferencing bandwidth has grown by a factor of five, all driven by remote-work edicts.
8 Phishing Lures Preying on Pandemic Panic
Phishing campaigns and scams are skyrocketing to take advantage of people concerned about COVID-19 impacts. Here are some key examples in action.
Emails Impersonating Trump, White House Seek to Exploit Pandemic Fears
The phishing campaign is only the latest among many related to COVID-19, INKY says.
Zoom, Microsoft & NTT Data Leaders Share Work-from-Home Security Tips
Tech leaders encourage organizations to maintain security awareness training and offer advice on how to protect their information.
Microsoft Releases COVID-19 Security Guidance
Information includes tips on how to keep IT systems infection-free.
Keeping Vigilant for BEC Amid COVID-19 Chaos
FBI and security experts warn that attackers are particularly targeting cloud-based email systems at the moment.
After Adopting COVID-19 Lures, Sophisticated Groups Target Remote Workers
While coronavirus-themed emails and files have been used as a lure for weeks, attackers now are searching for ways to actively target VPNs and remote workers to take advantage of weaker security.
The Coronavirus & Cybersecurity: 3 Areas of Exploitation
Criminal, political, and strategic factors are combining to create a perfect storm of cyber infections that target the global supply chain.
71% of Security Pros See Threats Jump Since COVID-19 Outbreak
Phishing is the top threat, followed by websites offering false information about the pandemic, malware, and ransomware attacks.
COVID-19 Omdia Analyst Advisory: Security
A listing of free security products and services collected for Dark Reading by Omdia analysts to help you meet the challenges of the coronavirus pandemic.
Phishers Try ‘Text Direction Deception’ Technique to Bypass Email Filters
With COVID-19 concerns running high, attackers are trying new tactics to get to users.
A Hacker’s Perspective on Securing VPNs As You Go Remote
As organizations rush to equip and secure their newly remote workforce, it’s important to keep things methodical and purposeful.
Bad Bots Build Presence Across the Web
Bots that mimic human behavior are driving a growing percentage of website traffic while contributing to an avalanche of misinformation.
Could Work-From-Home Staff be Violating Privacy Laws During Conference Calls?
If you are lucky enough to be able to do your job from home right now, you should be aware of a few key things.
Patching Poses Security Problems with Move to More Remote Work
Security teams were not ready for the wholesale move to remote work and the sudden expansion of the attack surface area, experts say
Why Third-Party Risk Management Has Never Been More Important
Given today’s coronavirus pandemic, the need for companies to collect cybersecurity data about their business partners is more critical than ever. Here’s how to start.
Limited-Time Free Offers to Secure the Enterprise Amid COVID-19
These products and services could be of immediate help to infosec pros now protecting their organizations while working from home.
Purported Brute-Force Attack Aims at Linksys Routers as More People Work Remotely
The attack takes control of poorly secured network devices, redirecting Web addresses to a COVID-themed landing page that attempts to fool victims into downloading malware.
How Zoom, Netflix, and Dropbox are Staying Online During the Pandemic
Inside the efforts to keep the quarantined world’s popular Internet services running smoothly.
COVID-19: Getting Ready for the Next Business Continuity Challenge
What comes after you’ve empowered your remote workforce in the wake of the coronavirus pandemic? Dealing with a large portion of that workforce getting sick at the same time.
Cybercriminals’ Promises to Pause During Pandemic Amount to Little
As pandemic worsens, online profiteering — from frausters to ransomware operators to cybercriminal hacking — continues unabated, despite some promises from the underground.
FBI Warns of Fake CDC Emails in COVID-19 Phishing Alert
Fraudsters exploit concerns by claiming to offer virus-related information or promising stimulus checks.
8 Infosec Page-Turners for Days Spent Indoors
Stuck inside and looking for a new read? Check out these titles written by security practitioners and reporters across the industry.
Attack Surface, Vulnerabilities Increase as Orgs Respond to COVID-19 Crisis
In typical fashion, attackers are gearing up to take advantage of the surge in teleworking prompted by the pandemic.
DDoS Attack Targets German Food Delivery Service
Liefrando delivers food from more than 15,000 restaurants in Germany, where people under COVID-19 restrictions depend on the service.
VPN Usage Surges as More Nations Shut Down Offices
As social distancing becomes the norm, interest in virtual private networks has rocketed, with some providers already seeing a doubling in users and traffic since the beginning of the year.
Attorney General Directs DoJ to Prioritize Coronavirus Crime
Criminal activity related to the pandemic cannot be tolerated, William Barr states in memo.
Security Lessons We’ve Learned (So Far) from COVID-19
Takeaways about fighting new fires, securely enabling remote workforces, and human nature during difficult times.
Privacy in a Pandemic: What You Can (and Can’t) Ask Employees
Businesses struggle to strike a balance between workplace health and employees’ privacy rights in the midst of a global health emergency.
Working from Home? These Tips Can Help You Adapt
COVID-19 means many people are doing their jobs from outside the confines of the office. That may not be as easy as it sounds.
COVID-19 Drives Rush to Remote Work. Is Your Security Team Ready?
A rapid transition to remote work puts pressure on security teams to understand and address a wave of potential security risks
Malware Campaign Feeds on Coronavirus Fears
A new malware campaign that offers a “coronavirus map” delivers a well-known data-stealer.
Coronavirus Raises New Business Continuity, Phishing Challenges for InfoSec
What happens when understaffed security teams at home and abroad are sequestered in physical quarantine zones?
Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio