The COVID-19 Healthcare Coalition says it's addressing the coronavirus crisis using secure data sharing and analysis.

Coalition Formed to Address COVID-19 Crisis

Marianne Kolbasuk McGee • March 27, 2020

More than two dozen healthcare organizations and technology firms have formed a coalition to help address the COVID-19 crisis by using secure information sharing and data analysis. But observers warn the group must devote enough attention to privacy and security issues.

Governance & Risk Management

Teleworking by Healthcare Employees: Security Challenges

Latest

Business Continuity Management / Disaster Recovery

Hijacked Routers Steering Users to Malicious COVID-19 Sites

Apurva Venkat • March 27, 2020

Cybercriminals are waging brute-force attacks that enable them to change DNS settings on home and small business routers to redirect victims to fake COVID-19-themed websites that push infostealer malware, according to the security firm Bitdefender.

Business Continuity Management / Disaster Recovery

Analysis: Russia's COVID-19 Disinformation Campaign

Nick Holland • March 27, 2020

The latest edition of the ISMG Security Report analyzes how and why Russia is spreading disinformation about the COVID-19 pandemic. Plus: the latest CCPA regulation updates; a CISO's tips on securely managing a remote workforce.

Cybercrime

Russia's Cybercrime Rule Reminder: Never Hack Russians

Mathew J. Schwartz • March 27, 2020

Russian authorities typically turn a blind eye to cybercrime committed by citizens, provided they target foreigners. But as the recent "BuyBest" arrests of 25 individuals demonstrate, authorities do not tolerate criminals that target Russians, and especially not anyone who targets Russian banks.

Cybercrime

Chinese Cyber Espionage Continues Despite COVID-19

Akshaya Asokan • March 26, 2020

Despite the global COVID-19 pandemic, which started in China, Chinese cyber espionage campaigns are continuing, with a new campaign from one APT group targeting at least 75 enterprises in 20 countries, according to the security firm FireEye.

Governance & Risk Management

Microsoft to Pause Non-Essential Software Updates

Mathew J. Schwartz • March 26, 2020

Microsoft has announced that it will pause all non-essential updates for Windows, while both Google and Microsoft have said their Chrome and Edge browsers will, for now, receive only stability and security updates. The moves come as IT teams are continuing to respond to the ongoing fallout of the COVID-19 pandemic.

Active Defense & Deception

Reduce Dwell Time of Advanced Threats With Deception

Varun Haran • March 26, 2020

Using deception technologies can impose a cost on cybercriminals and help reduce dwell times and increase visibility, says Acalvio CEO Ram Varadarajan.

Cybercrime

The Ecommerce Surge: Guarding Against Fraud

Nick Holland • March 26, 2020

As more consumers shift to online shopping during the COVID-19 pandemic, retailers must ramp up their efforts to guard against ecommerce payment fraud, says Toby McFarlane, a cybersecurity expert at CMSPI, a payments consultancy.

Endpoint Security

The Best of RSA Conference 2020

Information Security Media Group • March 25, 2020

At RSA Conference 2020 in San Francisco, Information Security Media Group's editorial team conducted more than 130 video interviews with industry thought leaders. Here are the highlights.

3rd Party Risk Management

COVID-19 and the CISO: Jim Routh on Leadership

Tom Field • March 25, 2020

At its core, cybersecurity is about applying scarce resources to the highest risk. And nothing quite puts that tenet to the test like the COVID-19 pandemic. Jim Routh, CISO of MassMutual, discusses the challenges of managing a remote workforce and third-party relationships during this crisis.

Endpoint Security

Symantec's Strategy as a Broadcom Unit

Varun Haran • March 25, 2020

Innovation, consolidation and integration will be key areas of focus for Symantec's enterprise security business following its acquisition by Broadcom, says CTO Paul Agbabian.

Business Continuity Management / Disaster Recovery

California Modifies Consumer Privacy Regulations - Again

Tom Field • March 24, 2020

Amidst the COVID-19 pandemic, California's attorney general on March 11 released a second modification of the proposed regulations to implement the California Consumer Protection Act. Attorney Sadia Mirza explains what's included in this "spring cleaning."

Business Continuity Management / Disaster Recovery

New Mirai Variant Exploits NAS Device Vulnerability

Ishita Chigilli Palli • March 24, 2020

Security researchers are tracking a variant of the prolific Mirai botnet called Mukashi, that's taking advantage of vulnerabilities in network-area storage devices made by Zyxel and giving its operators the ability to launch DDoS attacks. Zyxel has issued a patch for the vulnerability.