State CISOs are finding it challenging to meet the needs for risk management and new cybersecurity investments at a time when tax revenue continues to shrink during the COVID-19 pandemic and agencies are expecting budget cuts.
The FBI and CISA warn that hackers are increasingly using voice phishing, or vishing, to target employees who are working from home due to the COVID-19 pandemic, steal their credentials and other data and use the information to launch other attacks or to steal financial data.
The COVID-19 pandemic is forcing big businesses to rethink their security plans. For example, the National Football League is experimenting with "zero trust" architectures, while Jet Blue is focusing on more frequent risk assessments.
The IcedID banking Trojan has been updated with additional evasion techniques, including a password-protected attachment, keyword obfuscation and a DLL file that acts as a second-stage downloader, according to Juniper Threat Labs.
Two critical, zero-day vulnerabilities affecting Internet Explorer and multiple versions of the Windows operating system are being exploited in the wild, Microsoft and the U.S. Cybersecurity and Infrastructure Security Agency warn, urging prompt patching.
Researchers at the security firm Kaspersky say distributed denial-of-service attacks increased dramatically in the second quarter, most likely as a result of the shift to a remote workforce because of the COVID-19 pandemic.
President Donald Trump, citing national security concerns, has signed two executive orders that will ban the Chinese-owned social media platforms TikTok and WeChat from the U.S. within 45 days. The orders appear designed to accelerate the sale of the two platforms to American firms.
Chip giant Intel is investigating what led to the posting of 20 GB of internal company data - including what appears to be confidential corporate information - to the MEGA cloud storage and file sharing platform.
Several Canon USA corporate websites remained offline Friday after the company reportedly sustained a ransomware attack. Earlier, the imaging company reported user data was missing from a cloud database.
WastedLocker, a ransomware strain that reportedly shut down Garmin's operations for several days in July, is designed to avoid security tools within infected devices, according to a technical analysis from Sophos.
Hackers with suspected ties to North Korea targeted U.S. aerospace and defense firms with fake job offer emails sent to employees, according to security firm McAfee. The messages contained malware designed to gain a foothold in networks and gather data.