In a message to employees, Huawei's rotating Chairman Eric Xu says the company is preparing for a "difficult" 2020 as security concerns over national security and the U.S. trade ban will linger into the new year.
Microsoft has taken control of 50 domains that the company says were used by a hacking group with ties to North Korea. The attackers used these sites to launch spear-phishing attacks against specific victims and spread malware.
A persistent question over the past several years is which managed service providers were affected by APT10, a tenacious Chinese hacking group. But a Wall Street Journal investigation on Monday has revealed new companies affected by Cloud Hopper attacks.
Human error looks to be the obvious culprit in an accidental data breach by Britain's Cabinet Office, which published the home addresses of celebrities such as Elton John and Olivia Newton-John when it released a list of individuals set to be recognized for their contributions to British society.
While CCPA has drawn the biggest headlines when it comes to new U.S. privacy laws, businesses and consumers should also take notice of New York's SHIELD Act, which goes into effect in March 2020. The law is expected to have impact on Wall Street firms and other financial institutions headquartered in the state.
The U.S. Coast Guard issued a security alert this month after a ransomware attack took down the IT network of an unnamed maritime facility. Investigators believe that the incident involved the Ryuk ransomware strain and started with a phishing email.
Seattle-based smart home device maker Wyze says an error by a developer exposed a database to the internet over a three-week period earlier this month. The data included customer emails, nicknames of online cameras, WiFi SSIDs, device information and Alexa tokens.
The U.S. Cyber Command is weighing several cyber strategies to counter Russian influence and interference during the 2020 presidential election, The Washington Post reports. The measures reportedly could include a 'limited cyber operation' against Russian targets.
Researchers at Positive Technologies say they discovered a vulnerability in enterprise software offerings from Citrix that potentially could put 80,000 companies in 158 countries at risk of a cyberattack.
An advanced persistent threat espionage campaign with suspected ties to the Chinese government quietly targeted businesses and governments in 10 countries for two years, bypassing two-factor authentication, according to a report by Fox-IT.
Because open source components have known vulnerabilities, it's important for companies to invest in the right tools to help developers build the right applications, says Patrick Pitchappa of BNP Paribas banking group.
It's important to look into the inherent risks of engaging with vendors before getting into assessing individual companies, says Devender Kumar, CISO at TMF Group, who discusses how to handle risks arising from third parties.