Daily News Digest

Stay current on the global cyber threat landscape and industry developments with CCOE’s daily digest and library of cybersecurity news and articles.

  • PCI Compliance is Vital to the Economic Engine of the World

    • The current COVID-19 pandemic has dramatically accelerated a trend that was already on the rise — a move toward many new forms of electronic payment that involve capturing and transmitting credit card data.
    • For merchants that process, store, and transmit credit card information, Payment Card Industry Data Security Standard (PCI DSS) compliance has never been more critical.
      Security Boulevard - Michael Peters | May 1, 2020
    Security Boulevard - Michael Peters | May 1, 2020
  • (hak-iq.us20.list-manage.com)
  • U.S. Universities Hit With 'Adult Dating' Spear-Phishing Attack
    • More than 150,000 emails spreading the Hupigon RAT that use adult dating as a lure have been uncovered, with almost half being sent to U.S. university and college email addresses.
    • The emails use an adult dating lure, sending the victim two pictures of women and requesting the recipient to choose one to connect with by clicking the link under the picture.

      threatpost - Lindsey O'Donnell | April 27, 2020
  • (threatpost.com)
  • What Every Business Needs to Know About Consumer Data Privacy in 2020
    • Whether it's when we hear of a data breach at Equifax, or the unauthorized use of personal information on Facebook, the issues of data privacy and data protection are part of our daily lives.
    • While these issues aren't the primary concern for most of us on a regular basis, they become significant when either of two things happens...

      business.com - Alejandro Uria | April 27, 2020
  • (business.com)
  • Microsoft Teams fixes funny Gifs cyber-attack flaw
    • A security problem in Microsoft Teams meant cyber-attacks could be initiated via funny Gif images, researchers have revealed.
    • Researchers discovered a problem that meant viewing a Gif could let hackers compromise an account and steal data.

      BBC News | April 27 2020
  • (bbc.com)
  • Most IT leaders believe remote workers are a security risk
    • 57 percent of UK IT decision makers still believe that remote workers are a security risk, and that they will expose their organization to the threat of a data breach...
    • Apathy continues to be a major problem, with 34 percent of IT leaders saying their remote workers simply don't care about security – exactly the same percentage as last year – which suggests organizations are struggling to get employees to buy into the security strategy.

      HelpNetSecurity | April 27, 2020
  • (helpnetsecurity.com)
  • WHO Officials Targeted by Cyber-Criminals as COVID-19 Pandemic Rages On
    • The coronavirus pandemic is still at full strength in most of the world's countries.
    • This is the time when the World Health Organization (WHO) needs to be as focused on battling the virus as possible.
    • Unfortunately, this is a difficult thing to do as the organization is being constantly bombarded with attacks from hackers and scammers.

      be[IN]crypto - Ali Raza | April 26, 2020
  • (beincrypto.com)
  • Why we adopt then abandon online safety practices
    • We try to follow experts' cybersecurity and privacy recommendations but quite often many of us do so halfway or we give up.
    • Security practices like avoiding clicking on unknown links or emails were much more adopted than privacy or ID theft practices (such as using ad blocker or placing a credit freeze on one's credit reports, respectively).
    • The potential reason behind this might be that the damage from security risks is much more tangible, the researchers said.
    • When it comes to privacy and the information companies collect about people, the harms are more difficult to visualize.

      Michigan News - Laurel Thomas | April 26, 2020
  • (news.umich.edu)
  • German government loses 'tens of millions' in COVID-19 phishing attack
    • The government of North Rhine-Westphalia (NRW) in western Germany has reportedly lost tens of millions of Euros after hackers impersonated its website for distributing emergency coronavirus funding.
    • The blame has been attributed to NRW officials who had failed to set up a secure method of distributing funds.

      ITPro. - Sabina Weston | April 20, 2020
  • (itpro.co.uk)
  • Walgreens Customers Say Rx Info 'In The Hands Of Thieves'
    • Walgreens didn't have reasonable or adequate cybersecurity procedures when customers' prescription records and personal information were exposed in a data breach last year, according to a proposed class action filed Monday in Illinois federal court.
    • Walgreen Co. discovered in late September abnormal activity on a number of customers' accounts online that led to unauthorized third parties gaining illegal access to customers' sensitive information, including protected health information, but the drug store chain didn't alert its customers until December.

      LAW360 - Lauren Berg | April 20, 2020
  • (law360.com)
  • Supreme Court (UK) data breach ruling will 'come as a relief' to pension schemes
    • On 1 April 2020, the Supreme Court overturned the Court of Appeal's decision in upholding the ruling of the High Court that the supermarket was vicariously liable for its former employee's actions of sending data to third parties.
    • The court noted that, once Morrisons were made aware of the leak of the personal information, it took steps to ensure that the data was removed from the internet as well as informing the police and the affected employees.

      PENSIONSAge - Jack Gray | April 17, 2020
  • (pensionsage.com)