Top Stories for this Week

Latest CyberAttack Channels

A few security service vendors have released mid-year cyberattack reports and have noted significant changes in attack vectors and methodologies due to the increased work from home and migration to cloud services. Two areas that have seen the significant changes that are especially relevant are in "Double Extortion" and Cloud service vulnerabilities.

Report: Despite more cyberthreats during COVID-19, most businesses are confident about cybersecurity

Remote working and phishing attacks spiked during the coronavirus pandemic, but organizations believe they're on track with their cybersecurity plans, according to a new report from CompTIA.

New Known Breaches in the Past Week

Anthem reaches data breach settlement of $39.5 million

A group of 43 attorneys general across the United States announced Wednesday that a $39.5 million settlement has been reached with Anthem stemming from their massive 2014 data breach that involved the personal information of 78.8 million Americans. By PV Times | October 1, 2020

Edureka suffers server breach: 2 million user data exposed

With the increase in digitization, data leaks are getting all the more frequent. In August, data of 235 million users of Instagram, Youtube and TikTok were exposed. And now, data of $2 million users were disclosed after Edureka suffers server breach. The leaked data included names, phone numbers and even addresses of users. By Reshab Agarwal | October 02, 2020

Casino in California investigating whether customers’ private data breached following cyber-attack on its system

The Cache Creek Casino in California suffered a massive cyber attack after which it was forced to close down its operations on September 20, 2020. However, it is not clear whether any customer or employee private data was exposed due to the cyber attack. By The Indian Wire | October 4, 2020

Clinical Trials Hit by Ransomware Attack on Health Tech Firm

A Philadelphia company that sells software used in hundreds of clinical trials, including the crash effort to develop tests, treatments and a vaccine for the coronavirus, was hit by a ransomware attack that has slowed some of those trials over the past two weeks. By Nicole Perlroth | October 3, 2020

Home Health Agencies Keep Getting Hit by Cyberattacks

Among the information hacked may have been names, dates of birth, contact information, and Social Security or driver’s license numbers, according to the in-home care provider. Private health insurance data, plus Medicare and Medicaid information may also have been compromised, in addition to sensitive medical information. By Andrew Donlan | October 4, 2020

General Cybersecurity News

Cyber Security Awareness Month 2020: Assessing Today's Data Risks

October is National Cyber Security Awareness Month (NCSAM). Started by the National Cyber Security Division within the Department of Homeland Security and the non-profit National Cyber Security Alliance in 2004, the goal of this designation is to raise awareness of the importance of cyber security. By Joyce Wells | October 01, 2020

Half of All Organizations Experienced Cyber Security Incidents During the Remote Working Period

During this period, a third of organizations experienced ransomware attacks while half experienced a data breach or a security incident. By Alicia Hope | October 05, 2020

Take measures to prevent cyber breaches

Given the increase in hackers targeting of real estate businesses, it’s important that companies across the industry, from brokers, agents, real estate finance firms, title companies, property managers, etc. implement a sound cyber security plan encompassing education, vigilance and best practices. By Joseph Saracino | October 06, 2020

Evolution of Next Level Phishing Attacks with Worm-like Distribution

Hackers have been devising creative ways to bypass security measures. Recently an innovative attack method was identified by Craig Hays, a cybersecurity architect and bug bounty hunter. Due to the outrageous success rate of the attack, he described it as one of the greatest password thefts ever seen. By Cyware Social | October 03, 2020

US gov’t warns against paying off ransomware attackers

The US Treasury Department’s Office of Foreign Assets Control (OFAC) has now issued an advisory to warn organizations making or facilitating ransomware payments that they could run afoul of US regulations and face stern penalties. By Amer Owaida | October 06, 2020

Why developing cybersecurity education is key for a more secure future

Cybersecurity threats are growing every day, be they are aimed at consumers, businesses or governments. The pandemic has shown us just how critical cybersecurity is to the successful operation of our respective economies and our individual lifestyles. By Deshini Newman | October 5, 2020

Small Business Cybersecurity Concerns

New Bill Aims to Bolster Cybersecurity for Local governments, SMBs, Nonprofits

House and Senate legislators have proposed a bill aimed at bumping up cybersecurity resources tailored for local governments, small businesses (SMBs) and nonprofit organizations to defend themselves against cyber attacks. By DH Kass | October 02, 2020

Consumers and Business Owners are Underprepared for Evolving Cyberthreats

As COVID-19 drives more Americans to turn to virtual or digital business interactions, cyber criminals have found fertile hunting ground for new opportunities to exploit weaknesses. According to a new Nationwide Agent Authority survey, many American consumers and businesses are dangerously underprepared to defend against common and evolving cyberthreats. By CPA Practice Advisor | October 01, 2020

Firms invest $14mn on cybersecurity, SMBs $275K on average in 2020

Despite the overall IT budget cuts in the pandemic times, cybersecurity remains an investment priority and small and medium businesses (SMBs) allocated $275,000 to cybersecurity while enterprises invested $14 million on average this year, a new report said on Sunday. By IANS | October 05, 2020

OnPoint Issues Guidance for Personal Protection Against Cybercrimes

A data breach can spell disaster for a startup. Compliance violation fines can cripple a business, and damage to brand value can result in business irrelevance. So it’s vital to take a cybersecurity-first approach. By Andrew Zola | October 2, 20200

Nationwide agent survey reveals the truth about cyber

“Our survey highlights concerning vulnerabilities for consumers and small business owners, many of whom may be more focused on keeping their family or business afloat in tough times, as opposed to guarding against cybersecurity threats,” said Catherine Rudow, vice president of cyber insurance for Nationwide. By Ryan Smith | October 05, 2020

Attack Vectors this Week

Black-T Malware Emerges From Cryptojacker Group TeamTNT

Researchers have discovered the latest cryptojacking malware gambit from TeamTNT, called Black-T. The variant builds on the group’s typical approach, with a few new — and sophisticated — extras. By Becky Bracken | October 05, 2020

Types of Cyber Attacks: A Closer Look at Common Threats

In 2020, 80 percent of firms saw an increase in cyber attacks. You need a robust defense mechanism to prevent your sensitive information from getting exposed to unauthorized users. By understanding the different types of cyber attacks and how they are executed, you can identify potential threats and take the required steps to prevent them if a cybersecurity event occurs. By Dave Wallen | October 6, 2020

Cyber Insurance News

Cyber Insurance Market Next Big Thing | Major Giants: American International, The Chubb, Zurich Insurance, Berkshire Hathaway

The Global Cyber Insurance Market has witnessed continuous growth in the past few years and is projected to grow even further during the forecast period (2019-2027). The assessment provides a 360° view and insights, outlining the key outcomes of the industry. By Openpr | October 02, 2020

War, Terrorism, and Catastrophe in Cyber Insurance: Understanding and Reforming Exclusions

Insurance is one of the most promising tools for addressing pervasive cyber insecurity. A robust market for insuring cyber incidents could, among other things, financially incentivize organizations to adopt better cyber hygiene—thereby reducing cyber risk for society as a whole. By Jon Bateman | October 05, 2020

Things to consider before buying an individual cyber insurance policy

A personal cyber insurance policy protects daily online users from risks that could arise from cyber-attacks. It covers multiple online risks ranging from the most common to severe ones, namely - privacy and data breach, social media hacking, cyberstalking, IT theft, malware damage, email phishing, email spoofing, media liability, cyber extortion, and personal identity theft. By Shreeraj Deshpande | October 03, 2020

Regulations, Frameworks, and Controls

Companies may be punished for paying ransoms to sanctioned hackers - U.S. Treasury

Facilitating ransomware payments to sanctioned hackers may be illegal, the U.S. Treasury said on Thursday, signaling a crackdown on the fast-growing market for consultants who help organizations pay off cybercriminals. By Raphael Satter | October 02, 2020