From attacks on the UVM Health Network that delayed chemotherapy appointments, to ones on public schools that delayed students going back to the classroom, ransomware gangs disrupted organizations to inordinate levels in 2020. Remote learning platforms shut down. Hospital chemotherapy appointments cancelled. Ransomware attacks in 2020 dominated as a top . . .
Underground marketplace pricing on RDP server access, compromised payment card data and DDoS-for-hire services is surging.
From ransomware attacks that crippled hospitals, to espionage attacks targeting COVID-19 vaccine supply chain, Beau Woods discusses the top healthcare security risks. Healthcare cybersecurity threats have been under the spotlight this past year, in particular with the rise of COVID-19 and the budgetary and resource strains that has put on . . .
Critical vulnerabilities discovered by Digital Defense can allow attackers to gain root access and take over devices running the same firmware. Buggy firmware opens a number of D-Link VPN router models to zero-day attacks. The flaws, which lack a complete vendor fix, allow adversaries to launch root command injection attacks that . . .
In the early fog of the COVID-19 pandemic, cybersecurity took a back seat to keeping patients alive. Lost in the chaos was IT security.
Lookout’s Hank Schless discusses accelerated threats to mobile endpoints in the age of COVID-19-sparked remote working. Smartphones, tablets, collaboration apps and other modern framework tools are critical to maintaining productivity remotely, but they also demand an integrated security strategy purpose-built for mobile devices. The coronavirus pandemic has completely upended the . . .
The Better Business Bureau warns of phishing messages with the Zoom logo that tell recipients they have a missed meeting or suspended account. A new Zoom-themed phishing attack is circulating through email, text and social media messages, aiming to steal credentials for the videoconferencing service. The Better Business Bureau (BBB) . . .
Philippines COVID-KAYA app allowed for unauthorized access typically protected by ‘superuser’ credentials and also may have exposed patient data. A platform used by healthcare workers in the Philippines designed to share data about COVID-19 cases contained multiple flaws that exposed healthcare worker data and could potentially have leaked patient . . .
Bugcrowd Founder Casey Ellis talks about COVID-19’s impact on bug bounty hunters, bug bounty program adoption and more.
How a retail sector reeling from COVID-19 can lock down their online systems to prevent fraud during the upcoming holiday shopping spike. The raging pandemic has forced many retailers to re-imagine their businesses, shifting from in-person to contactless interactions through online sales. This new socially distanced reality is colliding with . . .