Personal information about present and former Google employees was compromised in an incident involving US law firm Fragomen, Del Rey, Bernsen & Loewy, which handles immigration law cases. The law firm says a "limited number" of Google employees were affected.
Earn SC Media's BEST Cybersecurity Degree in the Nation Will your degree always be in-demand? Stand out from other applicants by earning a BS, MS, TMBA, or DSc in cybersecurity from Capitol Technology University, the 2020 winner of the SC Media Award for Best Cybersecurity Higher Education Program.
Multifactor authentication is key to preventing data breaches, but about 78% of administrators of Microsoft 365 don't use it, says software company CoreView. The company also notes that 36% of 365 administrators have global privileges, whereas security guidelines recommend two to four per business.
Market research company Forrester says it expects one-third of security breaches to have an insider component by next year, up from the current level of 25%. The main reason, states Forrester analyst Jeff Pollard, is that insider threats have evolved from "a dirty secret" into a factor disclosed to regulators and the public.
Only about 1 in 3 cybersecurity professionals consider the threat data they receive to be both accurate and relevant, finds a survey by Neustar. Considering the pandemic and the remote working conditions it created, "actionable, contextualized, near real-time threat data" is more important than ever, says Neustar executive Rodney Joffe.
Reinhart Hansen of security company Imperva says the company has noted a tenfold increase in distributed-denial-of-service attacks over the past year, with cybercriminals charging as little as $50 for a five-minute attack. "That tiny investment can have major implications when websites go down and criminals manage to tunnel into backend servers and customer data," Hansen says.
Virtual private networks become a weak point in security if "access to them is handed out willy-nilly to contractors," writes Jason Soroko, Sectigo's chief technology officer. In this commentary, Soroko covers a wide variety of threats and writes that many administrators don't manage secure shell keys carefully enough.
Scalable Capital, a German financial robo-adviser backed by Blackrock, has reported a data breach involving details about individual bank accounts, investment portfolios and taxes. The company says no funds were at risk from the cyberattack, which affected 20,000 customers in the UK and Germany.