Bill Gates' official Twitter account was hijacked as part of a crypto scam. (Source:SeekingAlpha)

Several Prominent Twitter Accounts Hijacked in Crypto Scam

Scott Ferguson • July 15, 2020

Several prominent business executives and politicians, including Joe Biden, Elon Musk and Bill Gates, had their Twitter accounts hijacked in what appears to be a cryptocurrency scam, according to news reports. Some security experts believe that two-factor authentication protections failed.

Governance & Risk Management

IT & OT Convergence: Sizing Up the Security Risks

Latest

Fraud Management & Cybercrime

Using Digital IDs to Fight Financial Fraud

Suparna Goswami • July 16, 2020

The Institute of International Finance, a global association of financial institutions, is focusing on strategies for using digital identification and machine learning to combat financial crime, says Matthew Ekberg, a senior policy adviser at the institute.

Fraud Management & Cybercrime

Phishing Campaign Used Chase Fraud Alert as Lure

Doug Olenick • July 15, 2020

Fraudsters used phishing emails purporting to be a warning from Chase Bank about "unusual activity" on credit cards in an attempt to steal consumers' account credentials, according to Mariana Pereira of the security firm Darktrace.

Cyberwarfare / Nation-State Attacks

Malware Hidden in Chinese Tax Software

Akshaya Asokan • July 15, 2020

Malware designed to provide backdoor access to corporate networks, gain administrative privileges and deliver additional payloads was hidden in tax software the Chinese government requires companies doing business in the nation to use, researchers at the security firm Trustwave report.

Next-Generation Technologies & Secure Development

How to Make the Most of Cyber Intelligence

Anna Delaney • July 15, 2020

Creating a cyber intelligence strategy involves operational and tactical measures as well as technical approaches, says Jeff Bardin, chief intelligence officer at Treadstone 71.

3rd Party Risk Management

Britain's 5G Policy Failure: No Ideal Alternative to Huawei

Mathew J. Schwartz • July 15, 2020

Britain's U-turn on Huawei, announcing that it will now ban the manufacturer's gear from its 5G networks, highlights this as yet unresolved problem: Years of underinvestment and policy failures have left Britain and its allies with no inexpensive, trusted alternative.

Breach Notification

LiveAuctioneers Confirms Breach After Records Posted for Sale

Prajeet Nair • July 14, 2020

Auction website LiveAuctioneers has acknowledged that it sustained a data breach in June. The announcement came after threat intelligence firm CloudSEK reported that it discovered about 3.4 million LiveAutioneers customers' records had been posted for sale on a darknet forum.

Cyberwarfare / Nation-State Attacks

Israeli Court Dismisses Complaint Against NSO Group

Akshaya Asokan • July 14, 2020

An Israeli court has dismissed a petition filed by Amnesty International that sought to revoke the security export license of NSO Group, a tech firm that's been accused of selling hacking tools to governments for targeting dissidents, journalists and lawyers.

Cybercrime

Yet Again, Vulnerabilities Found in a Router

Jeremy Kirk • July 14, 2020

It's common for security researchers to be ignored when reporting a software vulnerability. The latest example - vulnerabilities found by Independent Security Evaluators in a router made by China-based Tenda.

Fraud Management & Cybercrime

Leveraging Analytics for Fraud Audits

Suparna Goswami • July 14, 2020

Data analytics can help auditors identify high-risk areas - a far better approach than relying on random samples, says forensics expert Vincent Walden.

Application Security

Ensuring Connected Devices Are Secure

Jeremy Kirk • July 14, 2020

The lessons of the Mirai botnet's abuse of internet-connected devices four years ago have been taken to heart, says Aaron Guzman of OWASP, which is working with others to improve security benchmarks and testing for connected devices.

Endpoint Security

Product Labels Could Make IoT Risks More Transparent

Jeremy Kirk • July 14, 2020

Manufacturers are increasingly adding connectivity to everyday devices, but it's not always evident how privacy and security is managed. Detailed technical labels could give purchasers more insight, says Pardis Emami-Naeini, a post-doctoral scholar at Carnegie Mellon University.

Cyberwarfare / Nation-State Attacks

Wells Fargo Bans TikTok App on Company Devices

Ishita Chigilli Palli • July 13, 2020

Wells Fargo, the fourth largest bank in the U.S., has directed employees to remove the TikTok social media app from their company-issued devices, citing security concerns. The news comes after Amazon sent mixed signals to its employees about use of the social media app.