(Source: Tom Raftery via Flickr/CC)

3 Charged in Twitter Hack

Doug Olenick • July 31, 2020

A Florida teenager and a second unidentified individual were arrested and a third man was charged in connection with hacking 130 high-profile Twitter accounts to pull off a cryptocurrency scam,

►

Business Continuity Management / Disaster Recovery

Cybersecurity Leadership: What We've Learned From COVID-19

Latest

Account Takeover

Twitter Hack: Suspects Left Easy Trail for Investigators

Doug Olenick • August 3, 2020

Suspects in the epic attack against Twitter were uncovered, in part, by the use of their real photo identification for cryptocurrency accounts they used to broker the sale of stolen usernames. The mistakes proved crucial to their identification, according to court documents.

Cybercrime

Top Cybersecurity Challenge: 'More Capable Threat Actors'

Mathew J. Schwartz • August 3, 2020

The pace of online crime hasn't been flagging, as "more capable threat actors" - criminals and nation-states alike - have been bringing more advanced tools and tactics to bear on victims, says Raj Samani, chief scientist at McAfee.

Cyberwarfare / Nation-State Attacks

Microsoft May Be TikTok's Privacy and Security Lifeline

Jeremy Kirk • August 3, 2020

Is Microsoft coming to TikTok's rescue? It appears that's a very strong possibility following President Donald Trump's threat Friday to ban the app in the U.S. Microsoft hasn't committed to buying part of TikTok, but says if it did, it would bring the popular app world-class security and privacy protections.

Artificial Intelligence & Machine Learning

Fraud Detection: Lessons From Novartis Case

Suparna Goswami • August 3, 2020

Incidents of fraud at pharmaceutical giant Novartis that resulted in over $1 billion in fines worldwide might have been avoided if the company's compliance team used data analytics to detect patterns, says Thomas Fox, a compliance evangelist and author.

Cybercrime

Secret Service Agent Offers Cybercrime-Fighting Insights

Anna Delaney • August 3, 2020

Christopher Leone, assistant special agent in charge, United States Secret Service, offers advice to organizations on forging relationships with law enforcement as part of their cybersecurity incident preparedness plans.

Cybercrime

FastPOS Malware Creator Pleads Guilty

Akshaya Asokan • August 1, 2020

A member of the infamous Infraud Organization who was the creator of a malware strain called FastPOS has pleaded guilty to a federal conspiracy charge. Valerian Chiochiu assisted other cybercriminals through the Infraud site before authorities shuttered it in 2018, prosecutors say.

COVID-19

FBI: COVID-19-Themed Phishing Spreads Netwalker Ransomware

Prajeet Nair • July 31, 2020

The FBI is warning that attacks using a ransomware variant called Netwalker have increased since June, targeting government organizations, educational entities, healthcare firms and private companies in the U.S. and elsewhere. Phishing campaigns spreading the malware are using COVID-19 themes as a lure.

Endpoint Security

Boot-Loading Flaw Affects Linux, Windows Devices

Akshaya Asokan • July 31, 2020

A vulnerability that can impede the boot-loading process of an operating system could potentially affect billions of Linux and Windows machines, according to Eclypsium. The flaw, called "BootHole," could enable an attacker to gain near total control of an infected device.

Account Takeover

Analysis: The Hacking of Mobile Banking App Dave

Nick Holland • July 31, 2020

The latest edition of the ISMG Security Report analyzes the hacking of Dave, a mobile banking app. Plus: Sizing up the impact of GDPR after two years of enforcement and an assessment of IIoT vulnerabilities.

Breach Notification

Blackbaud's Bizarre Ransomware Attack Notification

Mathew J. Schwartz • July 31, 2020

How many different shades of bizarre is the data breach notification issued by software vendor Blackbaud? Over the course of three paragraphs, Blackbaud normalizes hacking, congratulates its amazing cybersecurity team, and says it cares so much for its customers that it paid a ransom to attackers.

COVID-19

ONC's Donald Rucker: More Work to Do on Health Data Privacy

Marianne Kolbasuk McGee • July 30, 2020

In an exclusive, wide-ranging video interview, Don Rucker, M.D., HHS national coordinator for health IT, discusses why more work needs to be done to protect the privacy of health data as well as why the U.S. needs to ramp up secure health information exchange among clinicians.

Breach Notification

Questions Persist About Ransomware Attack on Blackbaud

Mathew J. Schwartz • July 30, 2020

Numerous unanswered questions persist concerning a ransomware outbreak at Blackbaud, which provides cloud-based marketing, fundraising and customer relationship management software used by thousands of charities, universities, healthcare organizations and others.