Week in review: COVID-19-related threats, cybersecurity implications of working remotely

Here’s an overview of some of last week’s most interesting news, articles and podcasts:

Some commercial password managers vulnerable to attack by fake apps
Encrypted vaults are accessed by a single master password or PIN, and they store and autofill credentials for the user. However, researchers at the University of York have shown that some commercial password managers (depending on the version) may not be a watertight way to ensure cybersecurity.

Trend Micro fixes two actively exploited zero-days in enterprise products
Trend Micro has fixed two actively exploited zero-day vulnerabilities in its Apex One and OfficeScan XG enterprise security products, and advises customers to update to the latest software versions as soon as possible.

Exploring the risky behavior of IT security professionals
Almost 65% of the nearly 300 international cybersecurity professionals canvased by Gurucul at RSA Conference 2020 said they access documents that have nothing to do with their jobs.

How to avoid a costly enterprise ransomware infection
In most cases of human-operated ransomware attacks against enterprises, the hackers don’t trigger the malware immediately: according to FireEye researchers, in most (75%) of cases, at least three days passed between the first evidence of malicious activity and ransomware deployment.

Phishing is a huge concern among security decision-makers and influencers
A serious disconnect exists between how decision makers (i.e., CISOs, CIOs and CEOs), and security practitioners (i.e., IT managers and directors, security architects and security operations analysts) perceive phishing prevention, according to a research by Ironscales.

How organizations can maintain a third-party risk management program from day one
In this podcast recorded at RSA Conference 2020, Sean Cronin, CEO of ProcessUnity, talks about the importance of third-party risk management and how companies can get started with a proven process that works.

Increase web application security without causing any user disruption
In this podcast recorded at RSA Conference 2020, Jason A. Hollander, CEO, and Paul B. Storm, President at Cymatic, talk about how their platform builds a defensible barrier around the user, so web-based threats can be stopped at the source.

Security is leaving the data center and moving to the edge
The traditional network security model, in which traffic is routed through the data center for inspection and policy enforcement, is for all intents and purposes obsolete. A 2019 study by research firm Gartner found that “more users, devices, applications, services and data are located outside of an enterprise than inside.”

ENISA looking for talented cybersecurity professionals
ENISA seeks to recruit a number of talented professionals from a wide range of backgrounds, to reinforce its capacity to shape Europe’s cybersecurity future. Work opportunities at ENISA are open to nationals of the 27 European Union Member States.

Playing the infinite game with threat intelligence and cyber fusion
Interestingly, and particularly for the cybersecurity space, what tends to be most damaging is what comes from the unknown. Therefore, to best prepare for cyber incidents, it is critical to minimize the unknowns.

Can 5G make you more vulnerable to cyberattacks?
Many enterprises and sectors are unaware of the 5G security vulnerabilities that exist today. Choice IoT says it’s critical for businesses to have a plan for discovering and overcoming them at the outset of a 5G/IoT platform rollout to avoid future cybersecurity disasters.

The cybersecurity implications of working remotely
We sat down with Demi Ben-Ari, CTO at Panorays, to discuss the cybersecurity risks of remote work facilitated by virtual environments.

Too many alarms and too few security analysts? Think SOAR
Security automation, orchestration and response (SOAR) speeds up the incident response process by replacing manual tasks with automated workflows. We sat down with Swimlane CEO Cody Cornell to learn more about the benefits for all organizations.

Why ransomware continues to knock on healthcare’s door, enter, and create havoc
To help ensure payment is made, some threat actors will delete backup data and encrypt the remaining data, thus making it almost impossible for the organization to recover from the situation on their own. At that point, the business is kneecapped and they are at the attackers’ mercy.

Overcoming crypto assessment challenges to improve quantum readiness
Large enterprises have a major problem when it comes to preparing for the advent of quantum computing: few, if any, have a working knowledge of all the locations where cryptographic keys are being stored and used across applications, browsers, platforms, files and modules, as well as being shared with third parties and vendors.

WordPress and Apache Struts weaponized vulnerabilities on the rise
Vulnerabilities in leading web and application frameworks, if exploited, can have devastating effects like the Equifax breach which affected 147 million people, according to RiskSense.

Guide: Supplier CCPA readiness for security and IT teams
This guide explores questions pertaining to CCPA and best practices for supplier readiness.

New infosec products of the week: March 20, 2020
A rundown of the most important infosec products released last week.

Given the extent of the COVID-19 virus diffusion around the globe and the repercussions it has had on our private and working lives, we have inevitably covered a variety of new threats and security implications related to it:

Fake Covid-19 tracker app delivers ransomware, disinformation abounds
As COVID-19 spreads across the globe and countries do their best to slow down the infection rate, cybercriminals’ onslaught against worried users is getting more intense by the day. The latest scheme includes a malicious Android tracker app that supposedly allows users to keep an eye on the spread of the virus, but locks victims’ phone and demands money to unlock it.

Cyber crooks continue to exploit COVID-19 for their malicious schemes
A time of chaos is a time for opportunity for unscrupulous individuals and groups, and COVID-19 is seemingly an unmissable boon for cyber crooks. We’ve already covered a variety of COVID-19-themed scams, phishing attempts, hoaxes and malware delivery campaigns, but new and inventive approaches are popping up daily.

Healthcare cybersecurity in the time of coronavirus
Brno University Hospital, in Brno, Czech Republic, which is one of the country’s COVID-19 testing centers, has recently been hit by a cyberattack. The nature of the attack has yet to be shared, but looks like it might be ransomware. The result? Some surgeries have been postponed and some patients redirected to nearby hospitals.

Three actions to boost your organization’s resilience against coronavirus disruptions
With the spread of the coronavirus (COVID-19), CIOs should focus on three short-term actions to increase their organizations’ resilience against disruptions and prepare for rebound and growth, according to Gartner.

Coronavirus: You don’t get a pass when it comes to cybersecurity
Criminal elements take advantage when we are disabled, distressed or otherwise distracted, kick you when you are down and strike when you can least afford it. Reports of multiple campaigns using fears of COVID-19 to lure victims into clicking.

How finance leaders plan to react to COVID-19
The potential for COVID-19 to lead to a global economic downturn is the top concern for finance leaders in the US and Mexico, according to PwC. However, 90% of finance leaders say their business would return to normal in less than 3 months if COVID-19 were to end immediately.

More about

Don't miss