IBM researchers found an SMS phishing campaign spreading Emotet to mobile banking customers (Source: IBM)

SMS Phishing Campaign Used to Spread Emotet: Report

Ishita Chigilli Palli • February 21, 2020

Mobile banking customers are being targeted by yet another SMS phishing campaign, according to new research from IBM X-Force. This time, however, in addition to trying to steal usernames and credentials, the attackers are also attempting to install Emotet malware.

Business Continuity Management / Disaster Recovery

Joker's Stash Advertises Second Batch of Indian Card Data

Latest

Breach Notification

Defense Department Agency Reports Data Breach

Apurva Venkat • February 21, 2020

A U.S. Defense Department agency that's responsible for providing secure communications and IT equipment for the president and other top government officials says a data breach of one of its systems may have exposed personal data, including Social Security numbers.

Fraud Management & Cybercrime

GAO: Census Bureau Comes Up Short on Cybersecurity

Akshaya Asokan • February 20, 2020

The U.S. Census Bureau has not done enough to address cybersecurity issues in preparation for the 2020 census, which is slated to begin in April, according to a new report from the Government Accountability Office.

Breach Notification

Hackers Post Details on MGM Resorts Guests: Report

Ishita Chigilli Palli • February 20, 2020

Hackers have posted on an underground forum the personal information of 10.6 million MGM Resorts guests, according to a news report. The hotel chain confirms it was breached last year.

Business Continuity Management / Disaster Recovery

Ransomware Attack Hit US Natural Gas Facility

Ishita Chigilli Palli • February 19, 2020

A ransomware attack on a U.S. natural gas compression facility led to a two-day shutdown of operations, according to an alert from the Cybersecurity and Infrastructure Security Agency.

Governance

Coronavirus Update: Tips for Travel

Tom Field • February 19, 2020

Globally, the coronavirus has infected more than 75,000 people and led to over 2,000 deaths. But business travelers should avoid panic, says pandemic expert Regina Phelps, who offers preventive health tips for those headed to international events, such as the RSA 2020 conference.

Endpoint Security

Preview: 12 Top Keynote Sessions at RSA Conference 2020

Mathew J. Schwartz • February 19, 2020

Are you attending the RSA 2020 conference? To help navigate the show, here's a preview of 12 top keynote sessions featuring some of the biggest names in cybersecurity tackling critical subjects, including cryptography, critical infrastructure security, bug bounties and supply chain risks.

Cybercrime

Unpatched VPN Servers Hit by Apparent Iranian APT Groups

Scott Ferguson • February 18, 2020

Unpatched Fortinet, Palo Alto and Pulse Secure VPN servers, as well as Citrix gateways, continue to be targeted by hackers, who are exploiting critical flaws to install backdoors inside corporate networks. Security firm ClearSky warns that apparent Iranian APT attackers are the latest to join the fray.

Events

RSA Conference 2020 Preview

Tom Field • February 18, 2020

"The Human Element" is the theme of the RSA Conference 2020, but there are plenty of technology-rich topics in store for attendees, including session tracks that focus on election security, open source tools, product security and anti-fraud. Britta Glade, a conference director, previews the event.

Application Security

Cybersecurity Plan for 2020 US Election Unveiled

Akshaya Asokan • February 17, 2020

The U.S. Cybersecurity Infrastructure and Security Agency has released its cybersecurity plan for the run-up to the 2020 presidential election, outlining the agency's role as a facilitator that will assist federal, state and local agencies in protecting critical election infrastructure.

Business Continuity Management / Disaster Recovery

IBM Exits RSA Conference 2020 Over Coronavirus Worries

Mathew J. Schwartz • February 17, 2020

With IBM and seven other sponsors withdrawing from next week's RSA Conference 2020 - as worries over the China-centered outbreak of the coronavirus continue - will others follow suit?

Cyberwarfare / Nation-State Attacks

US Charges Huawei With Stealing Trade Secrets

Ishita Chigilli Palli • February 14, 2020

The U.S. Justice Department has filed new charges against Huawei and several of its subsidiaries, plus its CFO, accusing them of engaging in a conspiracy to steal trade secrets from American companies.

Governance

Senator Calls for Creation of Federal Online Privacy Agency

Apurva Venkat • February 14, 2020

U.S. Sen. Kirsten Gillibrand, D-N.Y., is proposing the creation of a new federal agency dedicated to protecting online privacy, taking that task away from the Federal Trade Commission.