Check out Dark Reading’s updated, exclusive news and commentary surrounding the coronavirus pandemic.
6/29/2020
Tall Order for Small Businesses: 3 Tips to Find Tailored Security Solutions
SMBs are responsible for nearly 44% of US economic activity, but given the current climate, it can be difficult for them to find available and/or affordable resources.
6/26/2020
5 New InfoSec Job Training Trends: What We’re Studying During COVID-19
With the pandemic uprooting networks and upending careers, which security skills are hot — and which are not?
Good Cyber Hygiene in a Post-Pandemic World Starts with Us
Three ways that security teams can improve processes and collaboration, all while creating the common ground needed to sustain them.
6/25/2020
Contact Tracing & Threat Intel: Broken Tools & Processes
How epidemiology can solve the people problem in security.
06/24/2020
Rethinking Enterprise Access, Post-COVID-19
New approaches will allow businesses to reduce risk while meeting the needs of users, employees, and third parties. Here are three issues to consider when reimagining enterprise application access.
6/22/2020
Pandemic Accelerates Priceline’s ‘Coffee Shop’ Remote-Access Strategy
The travel-booking giant had been slowly starting to transition away from VPN dependence. Then COVID-19 happened, and suddenly 700 third-party call-center workers were working from home.
Employees Say They’re Working From Home Without Security Guidance
Working from home is new for many enterprise employees, yet many say they’ve received little in the way of new training or technology to keep them safe.
Long-Term Effects of COVID-19 on the Cybersecurity Industry
The maelstrom of change we’re going through presents a unique opportunity to become enablers. And to do that requires flexibility.
6/18/2020
Healthcare CISOs Share COVID-19 Response Stories
Cybersecurity leaders discussed the threats and challenges that arose during the pandemic, and how they responded, during a virtual roundtable
Most Contact-Tracing Apps Fail Basic Security
A survey of 17 Android applications for informing citizens if they had potential contact with a COVD-19-infected individual finds few have adopted code-hardening techniques.
6/17/2020
7 Tips for Employers Navigating Remote Recruitment
Hiring experts explain how companies should approach recruitment when employers and candidates are working remotely.
Collaboration Undermined When Security Teams Work Remotely, Some Argue
Knowledge workers are perfectly suited for remote work, but the benefits of collaboration — and the requirements of proving identity — make fully remote security teams problematic.
06/16/2020
IoT Security Trends & Challenges in the Wake of COVID-19
The demand for Internet of Things security practices that protect sensitive medical equipment and data will double within the next five years. Here’s why.
06/12/2020
The Future Will Be Both Agile and Hardened
What COVID-19 has taught us about the digital revolution.
06/11/2020
What COVID-19 Teaches Us About Social Engineering
Unless we do something proactively, social engineering’s impact is expected to keep getting worse as people’s reliance on technology increases and as more of us are forced to work from home.
06/10/2020
Employees Stream Entertainment on Enterprise Systems During Pandemic
Employees aren’t limiting use of their work computers to business purposes while working from home.
The Telehealth Attack Surface
Amid the surge in digital healthcare stemming from the coronavirus pandemic, security is taking a backseat to usability.
Fake COVID-19 Contact-Tracing Apps Infect Android Phones
Researchers find 12 Android applications disguised as official COVID-19 contact tracing apps installing malware onto devices.
3 Ways the Pandemic Will Affect Enterprise Security in the Future
While CISOs have been focused on immediate threats, it’s time to look ahead to what a post-COVID-19 future will look like.
06/09/2020
CSO’s Guide to ‘Employee-First’ Security Operations During COVID-19 & Beyond
As the work-at-home environment continues to inform new ways of doing business, it’s important that security teams remain flexible and ready for change.
06/08/2020
Safeguard Your Remote Workforce
DDoS attacks on VPN servers can not only bring remote work to a standstill but also cut off admins from accessing their systems. Here are three ways to stay safer.
06/05/2020
Q&A: Eugene Spafford on the Risks of Internet Voting
Allowing people to cast their ballots online to circumvent coronavirus-related health concerns introduces problems that we simply don’t know how to manage, says the Purdue University professor and security leader.
Local, State Governments Face Cybersecurity Crisis
Ransomware hit small government organizations hard in 2019. Now they have to deal with budget cuts, pandemic precautions, social unrest, and the coming election cycle.
The Privacy & Security Outlook for Businesses Post-COVID-19
Long-term business needs — and the ethical implications that result — don’t simply go away just because we’re navigating a global health crisis.
06/04/2020
Malware Campaign Hides in Resumes and Medical Leave Forms
The campaigns have been part of the overall increase in coronavirus-related malware activity.
06/03/2020
Social Distancing for Healthcare’s IoT Devices
Security pros need to double down around prevention of lateral movement by attackers, especially if IoT devices are connected to the network.
06/02/2020
10 Tips for Maintaining Information Security During Layoffs
Insider cyber threats are always an issue during layoffs — but with record numbers of home office workers heading for the unemployment line, it’s never been harder to maintain cybersecurity during offboarding.
Risk Assessment & the Human Condition
Five lessons the coronavirus pandemic can teach security professionals to better assess, monitor, manage, and mitigate organizational risk.
Cybersecurity Spending Hits ‘Temporary Pause’ Amid Pandemic
For now, security teams face freezes in projects and hiring – and budget cuts, security industry analysts say.
Banking on Data Security in a Time of Insecurity
How banks can maintain security and data integrity in the middle of a pandemic.
5/29/2020
Bank of America Security Incident Affects PPP Applicants
The incident occurred when Paycheck Protection Program applications were uploaded to a test platform and accidentally shared.
Digital Distancing with Microsegmentation
Physical distancing has blunted a virus’s impact; the same idea can be applied to computers and networks to minimize breaches, attacks, and infections.
5/28/2020
Data Loss Spikes Under COVID-19 Lockdowns
Two new reports suggest a massive gap between how organizations have prepared their cybersecurity defenses and the reality of their efficacy.
5/27/2020
Stay-at-Home Orders Coincide With Massive DNS Surge
A variety of sites saw as much as seven times the number of domain requests in late March and early April, suggesting attackers attempted massive denial-of-service attacks.
GDPR Enforcement Loosens Amid Pandemic
The European Union has given some organizations more breathing room to remedy violations, yet no one should think regulators are planning to abandon the privacy legislation in the face of COVID-19.
5/26/2020
How to Pay a Ransom
Even prior to the COVID-19 pandemic, ransomware attacks were on the rise and becoming more expensive. Now your organization has fallen victim and is going to pay. Here’s how to handle it.
Q&A: Eugene Kaspersky on Tourism, the Pandemic, and Cybersecurity
The CEO and co-founder of eponymously named security vendor has launched a new travel accelerator program amid the COVID-19 crisis.
5/21/2020
The Need for Compliance in a Post-COVID-19 World
With the current upheaval, business leaders may lose focus and push off implementing security measures, managing risk, and keeping up with compliance requirements. That’s a big mistake.
5/20/2020
Centralized Contact Tracing Raises Concerns Among Privacy-Conscious Citizens
The long debate over whether encryption and anonymity shield too much criminal behavior also has staged a resurgence.
Coronavirus-Themed Phishing Fears Largely Overblown, Researchers Say
As COVID-19-themed spam rises, phishing—not so much. An analysis of newly registered domains finds that only 2.4% are actually phishing sites aiming to steal credentials.
Is Zero Trust the Best Answer to the COVID-19 Lockdown?
Enterprises need to recognize that remote access and other pandemic-related security challenges cannot be fixed with buzzwords or silver-bullet security tools.
5/19/2020
Long-Term Remote Work: Keeping Workers Productive & Secure
The pandemic has changed how we get work done. Now, data security must catch up.
5/18/2020
The 3 Top Cybersecurity Myths & What You Should Know
With millions of employees now attempting to work from home, it’s vital to challenge misconceptions about cybersecurity.
5/15/2020
Templates Make Coronavirus Phishing Campaigns Easy
Ready-made website templates make it simple for criminals to create fake government and NGO websites for COVID-19-related phishing campaigns.
Microsoft Open Sources Its Coronavirus Threat Data
Microsoft’s COVID-19 intelligence will be made publicly available to help businesses fight virus-related security threats.
5/14/2020
Facebook Fails to Staunch Coronavirus Misinformation
The social media giant in April affixed warning labels on 50 million pieces of content
Ensuring Business Continuity in Times of Crisis
Three basic but comprehensive steps can help you and your organization get through adversity.
5/13/2020
More Tips for Staying Safe While Working from Home
While some users are up to speed with the WFH protocol, it’s worth adding a few more items to your security checklist.
5/12/2020
Secure Contact Tracing Needs More Transparent Development
Experts worry that without proper planning, today’s decisions about developing contact-tracing apps could have unforeseen consequences in the years to come.
Coronavirus, Data Privacy & the New Online Social Contract
How governments can protect personal privacy in contact tracing while saving peoples’ lives.
6 Free Cybersecurity Training and Awareness Courses
Most are designed to help organizations address teleworking risks related to COVID-19 scams.
5/8/2020
As Remote Work Becomes the Norm, Security Fight Moves to Cloud, Endpoints
A majority of firms expect to keep more employees working remotely post-pandemic, forcing businesses to undertake more comprehensive digital and cloud transformations.
DocuSign Phishing Campaign Uses COVID-19 as Bait
The newly discovered campaign lures victims with a supposed file concerning the coronavirus pandemic.
5/7/2020
Malicious Bots Infiltrate Online Food Delivery
With grocery delivery in higher demand than ever, new add-ons have emerged to secure slots for consumers, presenting a new pathway for bad bots to wreak havoc.
Now More Than Ever? Securing the Software Life Cycle
The more things change, the more they stay the same. That’s true for software security, even in these turbulent times.
Cybersecurity Home School: Garfield Teaches Security
The famous cartoon cat can help kids ages 6 to 11 learn to be more secure when they’re online.
7 Ways Parents Can Better Protect Their Online-Gamer Offspring
It’s 11 a.m. Are your kids locked in their rooms playing games online?
5/6/2020
The Price of Fame? Celebrities Face Unique Hacking Threats
Hackers are hitting the sports industry hard on social media and luring quarantined consumers with offers of free streaming services, a new report shows.
Half of Companies Have Suffered a Cybersecurity Issue Amid COVID-19 Crisis
Survey shows 49% expect to experience a data breach or cybersecurity incident in the next month.
5/5/2020
Attackers Adapt Techniques to Pandemic Reality
Over the past several months, threat actors have quickly shifted their tactics to take advantage of interest in the coronavirus, two studies find.
Post-Pandemic Presentation Plans
Coming to a conference near you — who knows when.
5/4/2020
Stay-at-Home Students Offered Lessons to Boost Cybersecurity
Stuck at home with a primary- or secondary-school student? Organizations from professional training groups to national governments are teaming up to offer virtual cybersecurity training for teens — in some cases, for free.
How InfoSec Pros Can Help Healthcare During the Coronavirus Pandemic
Security pros are banding together to ensure healthcare facilities can focus on saving lives instead of defending against cyber attacks. Here are a few places you can volunteer your services.
7 Tips for Security Pros Patching in a Pandemic
The shift to remote work has worsened patch management challenges and created new ones. Security pros share insights and best practices.
5/1/2020
Fake Microsoft Teams Emails Phish for Credentials
Employees belonging to organizations in industries such as energy, retail, and hospitality have been recipients, Abnormal Security says.
DHS CISA Launches Site for Teleworking Security
The new website is intended to be a one-stop source for information on securing teleworkers and their employers.
Best Practices for Managing a Remote SOC
Experts share what it takes to get your security analysts effectively countering threats from their home offices.
Apple Makes It Easier to Unlock iPhone While Wearing a Mask
The beta release of iOS 13.5 brings an updated FaceID so that users wearing masks can bypass facial recognition and unlock their phone with a code
Industrial Networks’ Newest Threat: Remote Users
We know remote working isn’t going away anytime soon, so it’s crucial we be extra vigilant about security for industrial networks and critical infrastructure.
4/29/2020
86% of Companies Report Network Disruption Amid Remote Work Shift
Nearly two-thirds say disruptions were at least moderate in severity, and more have seen VPN connectivity issues as employees work from home.
7 Secure Remote Access Services for Today’s Enterprise Needs
Secure remote access is a “must” for enterprise computing today, and there are options for you to explore in the dynamic current environment.
7 Fraud Predictions in the Wake of the Coronavirus
It’s theme and variations in the fraud world, and fraudsters love — and thrive — during chaos and confusion
Phishers Start to Exploit Oil Industry Amid COVID-19 Woes
While a massive flood of attacks has yet to materialize, cybersecurity experts say this could be the calm before the storm.
4/28/2020
5 Big Lessons from the Work-from-Home SOC
Accustomed to working in the same room, security teams now must find ways to operate effectively in the new remote reality.
Increased Credential Threats in the Age of Uncertainty
Three things your company should do to protect credentials during the coronavirus pandemic.
Security Pros Reassigned to IT Tasks in Coronavirus Pandemic
Most security practitioners surveyed say their job functions have changed during the pandemic, and 90% are now working remotely full time.
4/27/2020
Will the Pandemic Complicate Cyber Insurance Claims?
While quarantined workers are keeping safe at home, they could be jeopardizing your insurance policy.
COVID-19 Quarantine: A Unique Learning Opportunity for Defenders
Use these spare moments at home to master new skills that will help protect your organization and enhance your career.
4/24/2020
WHO Confirms Email Credentials Leak
Washington Post had identified the group as one among several whose passwords and emails were dumped online and abused.
4/23/2020
Why Consumers, SMBs Are Likely to Fall for Coronavirus Scams
Data reveals both a lack of skepticism and a willingness to engage with emails crafted to seem like government communications.
5 Ways to Prove Security’s Worth in the Age of COVID-19
Tightened budgets are placing jobs at risk, but security pros say they’re armed with ways to demonstrate that what they’re doing merits keeping them employed.
Resiliency: The Trait National Sporting Leagues Share with Security & IT Teams
During unprecedented times such as these, both businesses and professional sports are forced to go back to basics.
White-Hat Hackers Help ‘Fold’ COVID-19 Proteins
A grassroots effort provides scientists with computing power to help simulate the novel coronavirus’ proteins and come up with therapeutic solutions for the disease.
4/22/2020
11 Tips for Protecting Active Directory While Working from Home
To improve the security of your corporate’s network, protect the remote use of AD credentials.
Domain Registrars Under Pressure to Combat COVID-19-Related Scams
A huge increase in malicious website registrations has prompted concern from US lawmakers.
4/21/2020
Is COVID-19 Intensifying the Need for Security Staffing?
Overall, security practitioners should find themselves in a better working situation than many other professionals. However, we are not immune.
Microsoft Proposes Privacy Controls for COVID-19 Contact Tracking, Tracing
As governments broaden use of digital technologies to stem pandemic, sensitive health and location data need to be protected, company says.
Work-from-Home Exposes Already-Infected Machines in 50K US Organizations
Researchers find massive spike in infected enterprises worldwide.
4/20/2020
Stimulus Payments Are Popular Leverage for Cyberattacks
More than 4,300 domains related to stimulus and relief packages, many of them malicious, have been registered since January.
COVID-19 Caption Contest Winners
It was a tough choice! And the winner is…
Remote Access Makes a Comeback: 4 Security Challenges in the Wake of COVID-19
As companies continue to support increasing numbers of work-from-home employees, the pressure to secure access and reduce risk has never been greater.
4/17/2020
COVID-Themed Phishing Messages Fill Phishing Filters on Gmail
In the past week, Google says it identified more than 18 million daily phishing messages featuring coronavirus themes.
Cybersecurity Home-School: The Robot Project
This fun project can teach your homebound children and teens about cybersecurity (and keep them occupied for at least a little while).
‘Look for the Helpers’ to Securely Enable the Remote Workforce
CISOs and CIOs, you are our helpers. As you take action to reassure your company, your confidence is our confidence.
4/16/2020
4 Cybersecurity Lessons from the Pandemic
An epidemiologist-turned-CTO describes the parallels between the spread of a computer virus and the real-world coronavirus.
Post Pandemic, Technologists Pose Secure Certification for Immunity
Going digital with immunity passports could speed rollout and allow for better warnings of potential hot spots. But security and privacy issues remain.
5 Things Ransomware Taught Me About Responding in a Crisis
What happened in Atlanta is worth studying because it was one of the earliest cases of a major city ransomware attacks and because it came out the other side stronger and more resilient.
4/15/2020
Which InfoSec Jobs Will Best Survive a Recession?
With COVID-19 making a mess of the global economy, companies are seeking to cut corners – and some boardrooms still see security as a “cost center.” Are infosec careers vulnerable now?
4/14/2020
Will Gentler HIPAA Rules on Telehealth Now Protect Us From Breach Litigation Later?
Edge Ask-the Experts Patricia Calhoun and Patricia Carreiro, attorneys at Carlton Fieldsr espond to a reader question.
Insecure Home Office Networks Heighten Work-at-Home Risks
Nearly one in two organizations has one or more devices accessing its corporate network from a home network with at least one malware infection, BitSight says.
How Company Cultures Dictated Work-from-Home Readiness
Companies large and small are discovering just how prepared they were for all employees to work remotely
7 Ways COVID-19 Has Changed Our Online Lives
The pandemic has driven more of our personal and work lives online – and for the bad guys, business is booming. Here’s how you can protect yourself.
4/13/2020
Pandemic Could Make Schools Bigger Targets of Ransomware Attacks
Most have had to implement distance learning, making them much more vulnerable, Armor says.
Network Data Shows Spikes, Vulnerability of Work-at-Home Shift
Traffic on the public Internet has grown by half this year, and videoconferencing bandwidth has grown by a factor of five, all driven by remote-work edicts.
4/10/2020
8 Phishing Lures Preying on Pandemic Panic
Phishing campaigns and scams are skyrocketing to take advantage of people concerned about COVID-19 impacts. Here are some key examples in action.
4/9/2020
Emails Impersonating Trump, White House Seek to Exploit Pandemic Fears
The phishing campaign is only the latest among many related to COVID-19, INKY says.
Zoom, Microsoft & NTT Data Leaders Share Work-from-Home Security Tips
Tech leaders encourage organizations to maintain security awareness training and offer advice on how to protect their information.
4/8/2020
Microsoft Releases COVID-19 Security Guidance
Information includes tips on how to keep IT systems infection-free.
Keeping Vigilant for BEC Amid COVID-19 Chaos
FBI and security experts warn that attackers are particularly targeting cloud-based email systems at the moment.
After Adopting COVID-19 Lures, Sophisticated Groups Target Remote Workers
While coronavirus-themed emails and files have been used as a lure for weeks, attackers now are searching for ways to actively target VPNs and remote workers to take advantage of weaker security.
4/7/2020
The Coronavirus & Cybersecurity: 3 Areas of Exploitation
Criminal, political, and strategic factors are combining to create a perfect storm of cyber infections that target the global supply chain.
71% of Security Pros See Threats Jump Since COVID-19 Outbreak
Phishing is the top threat, followed by websites offering false information about the pandemic, malware, and ransomware attacks.
COVID-19 Omdia Analyst Advisory: Security
A listing of free security products and services collected for Dark Reading by Omdia analysts to help you meet the challenges of the coronavirus pandemic.
4/2/2020
Phishers Try ‘Text Direction Deception’ Technique to Bypass Email Filters
With COVID-19 concerns running high, attackers are trying new tactics to get to users.
A Hacker’s Perspective on Securing VPNs As You Go Remote
As organizations rush to equip and secure their newly remote workforce, it’s important to keep things methodical and purposeful.
Bad Bots Build Presence Across the Web
Bots that mimic human behavior are driving a growing percentage of website traffic while contributing to an avalanche of misinformation.
4/1/2020
Could Work-From-Home Staff be Violating Privacy Laws During Conference Calls?
If you are lucky enough to be able to do your job from home right now, you should be aware of a few key things.
3/31/2020
Patching Poses Security Problems with Move to More Remote Work
Security teams were not ready for the wholesale move to remote work and the sudden expansion of the attack surface area, experts say
3/31/2020
Why Third-Party Risk Management Has Never Been More Important
Given today’s coronavirus pandemic, the need for companies to collect cybersecurity data about their business partners is more critical than ever. Here’s how to start.
3/31/2020
Limited-Time Free Offers to Secure the Enterprise Amid COVID-19
These products and services could be of immediate help to infosec pros now protecting their organizations while working from home.
3/27/2020
Purported Brute-Force Attack Aims at Linksys Routers as More People Work Remotely
The attack takes control of poorly secured network devices, redirecting Web addresses to a COVID-themed landing page that attempts to fool victims into downloading malware.
3/26/2020
How Zoom, Netflix, and Dropbox are Staying Online During the Pandemic
Inside the efforts to keep the quarantined world’s popular Internet services running smoothly.
3/25/2020
COVID-19: Getting Ready for the Next Business Continuity Challenge
What comes after you’ve empowered your remote workforce in the wake of the coronavirus pandemic? Dealing with a large portion of that workforce getting sick at the same time.
3/24/2020
Cybercriminals’ Promises to Pause During Pandemic Amount to Little
As pandemic worsens, online profiteering — from frausters to ransomware operators to cybercriminal hacking — continues unabated, despite some promises from the underground.
3/23/2020
FBI Warns of Fake CDC Emails in COVID-19 Phishing Alert
Fraudsters exploit concerns by claiming to offer virus-related information or promising stimulus checks.
3/23/2020
8 Infosec Page-Turners for Days Spent Indoors
Stuck inside and looking for a new read? Check out these titles written by security practitioners and reporters across the industry.
3/20/2020
Attack Surface, Vulnerabilities Increase as Orgs Respond to COVID-19 Crisis
In typical fashion, attackers are gearing up to take advantage of the surge in teleworking prompted by the pandemic.
3/19/2020
DDoS Attack Targets German Food Delivery Service
Liefrando delivers food from more than 15,000 restaurants in Germany, where people under COVID-19 restrictions depend on the service.
3/19/2020
VPN Usage Surges as More Nations Shut Down Offices
As social distancing becomes the norm, interest in virtual private networks has rocketed, with some providers already seeing a doubling in users and traffic since the beginning of the year.
3/17/2020
Attorney General Directs DoJ to Prioritize Coronavirus Crime
Criminal activity related to the pandemic cannot be tolerated, William Barr states in memo.
3/17/2020
Security Lessons We’ve Learned (So Far) from COVID-19
Takeaways about fighting new fires, securely enabling remote workforces, and human nature during difficult times.
3/16/2020
Privacy in a Pandemic: What You Can (and Can’t) Ask Employees
Businesses struggle to strike a balance between workplace health and employees’ privacy rights in the midst of a global health emergency.
3/12/2020
Working from Home? These Tips Can Help You Adapt
COVID-19 means many people are doing their jobs from outside the confines of the office. That may not be as easy as it sounds.
3/11/2020
COVID-19 Drives Rush to Remote Work. Is Your Security Team Ready?
A rapid transition to remote work puts pressure on security teams to understand and address a wave of potential security risks
3/9/2020
Malware Campaign Feeds on Coronavirus Fears
A new malware campaign that offers a “coronavirus map” delivers a well-known data-stealer.
2/13/2020
Coronavirus Raises New Business Continuity, Phishing Challenges for InfoSec
What happens when understaffed security teams at home and abroad are sequestered in physical quarantine zones?
Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
Recommended Reading:
More Insights
