A fake website claiming to be that of the "US Trading Commission" -- which does not exist -- is preying on victims of data breaches under the guise of offering compensation, Kaspersky Labs reports. Victims are asked to fill out forms with personal data, including Social Security numbers and credit card information, and the site offers to sell them a Social Security number if they don't have one.
Northwestern MS in Information Systems Build the skills needed for IT management roles. Learn from and network with a faculty of leading industry experts. Choose from 8 specializations to suit your goals. Study online or on campus. Learn more.
Mitsubishi Electric has confirmed Japanese newspaper reports that the world's largest electronics and electrical equipment manufacturing firm -- which is also one of Japan's biggest defense contractors -- suffered a data breach last year that was most likely from China. The hackers compromised an employee account, accessed about 14 departments and stole 200 megabytes of files.
Nation-state attackers were able to break into two municipal networks in the US during 2019 by exploiting CVE-2019-0604, a flaw associated with servers running Microsoft SharePoint, the FBI reported. The bureau says the attacks enabled intruders to view user data, gain consistent backdoor access and exercise administrative privileges.
Antivirus software from leading vendors might not protect Windows machines using Microsoft's Encrypting File System from certain types of ransomware attacks, security researchers say. Vendors are responding in various ways to the researchers' development of "concept ransomware" that uses EFS to lock files.
Firewall vendors have kept their products relevant by adding intrusion prevention system capabilities and other security features, writes Tufin Chairman and CEO Ruvi Kitov. Even with the rise in cloud computing, firewalls remain important for on-premises security and the internet of things, he writes.
The Cybersecurity State Coordinator Act of 2020 would require that each state have a cybersecurity leader to speed up response times and improve communication with the federal government. The state coordinators would be appointed and overseen by the Department of Homeland Security.
Companies that have "facilities with chemicals of interest" should safeguard their sites against the risk of an Iranian attack by increasing physical security and cybersecurity controls, according to a bulletin released by the Department of Homeland Security. The bulletin recommends stronger controls at sites that handle toxic or flammable chemicals, or substances that could be stolen and used alone or in combination with other chemicals to create weapons.