Daily News Digest

Stay current on the global cyber threat landscape and industry developments with CCOE’s daily digest and library of cybersecurity news and articles.

  • What Every Business Needs to Know About Consumer Data Privacy in 2020
    • Whether it's when we hear of a data breach at Equifax, or the unauthorized use of personal information on Facebook, the issues of data privacy and data protection are part of our daily lives.
    • While these issues aren't the primary concern for most of us on a regular basis, they become significant when either of two things happens...

      business.com - Alejandro Uria | April 27, 2020
  • (business.com)
  • Microsoft Teams fixes funny Gifs cyber-attack flaw
    • A security problem in Microsoft Teams meant cyber-attacks could be initiated via funny Gif images, researchers have revealed.
    • Researchers discovered a problem that meant viewing a Gif could let hackers compromise an account and steal data.

      BBC News | April 27 2020
  • (bbc.com)
  • Most IT leaders believe remote workers are a security risk
    • 57 percent of UK IT decision makers still believe that remote workers are a security risk, and that they will expose their organization to the threat of a data breach...
    • Apathy continues to be a major problem, with 34 percent of IT leaders saying their remote workers simply don't care about security – exactly the same percentage as last year – which suggests organizations are struggling to get employees to buy into the security strategy.

      HelpNetSecurity | April 27, 2020
  • (helpnetsecurity.com)
  • WHO Officials Targeted by Cyber-Criminals as COVID-19 Pandemic Rages On
    • The coronavirus pandemic is still at full strength in most of the world's countries.
    • This is the time when the World Health Organization (WHO) needs to be as focused on battling the virus as possible.
    • Unfortunately, this is a difficult thing to do as the organization is being constantly bombarded with attacks from hackers and scammers.

      be[IN]crypto - Ali Raza | April 26, 2020
  • (beincrypto.com)
  • Why we adopt then abandon online safety practices
    • We try to follow experts' cybersecurity and privacy recommendations but quite often many of us do so halfway or we give up.
    • Security practices like avoiding clicking on unknown links or emails were much more adopted than privacy or ID theft practices (such as using ad blocker or placing a credit freeze on one's credit reports, respectively).
    • The potential reason behind this might be that the damage from security risks is much more tangible, the researchers said.
    • When it comes to privacy and the information companies collect about people, the harms are more difficult to visualize.

      Michigan News - Laurel Thomas | April 26, 2020
  • (news.umich.edu)
  • German government loses 'tens of millions' in COVID-19 phishing attack
    • The government of North Rhine-Westphalia (NRW) in western Germany has reportedly lost tens of millions of Euros after hackers impersonated its website for distributing emergency coronavirus funding.
    • The blame has been attributed to NRW officials who had failed to set up a secure method of distributing funds.

      ITPro. - Sabina Weston | April 20, 2020
  • (itpro.co.uk)
  • Walgreens Customers Say Rx Info 'In The Hands Of Thieves'
    • Walgreens didn't have reasonable or adequate cybersecurity procedures when customers' prescription records and personal information were exposed in a data breach last year, according to a proposed class action filed Monday in Illinois federal court.
    • Walgreen Co. discovered in late September abnormal activity on a number of customers' accounts online that led to unauthorized third parties gaining illegal access to customers' sensitive information, including protected health information, but the drug store chain didn't alert its customers until December.

      LAW360 - Lauren Berg | April 20, 2020
  • (law360.com)
  • Supreme Court (UK) data breach ruling will 'come as a relief' to pension schemes
    • On 1 April 2020, the Supreme Court overturned the Court of Appeal's decision in upholding the ruling of the High Court that the supermarket was vicariously liable for its former employee's actions of sending data to third parties.
    • The court noted that, once Morrisons were made aware of the leak of the personal information, it took steps to ensure that the data was removed from the internet as well as informing the police and the affected employees.

      PENSIONSAge - Jack Gray | April 17, 2020
  • (pensionsage.com)
  • What data breaches teach us about security procedures
    • Bots are now capable of performing upwards of 100 attacks per second, making it easier and faster for fraudsters to commit ATO fraud on a massive scale.
    • A recent study by Google found 66% of those polled said they use the same password for more than one online account, with the average user having 7.6 social media accounts.

      TechRadar - Labhesh Patel | April 17, 2020
  • (techradar.com)
  • Misconfiguration Remains the #1 Cause of Data Breaches in the Cloud
    • 96% of cloud engineering teams are now 100% distributed and working from home in response to the novel Coronavirus crisis.
    • 83% have completed the transition or are doing so.
    • Of those making the shift, 84% are concerned about security vulnerabilities caused by new access policies, networks, and devices used for managing cloud infrastructure remotely.
    • Asked what they'd need to manage cloud misconfigurations more effectively and efficiently, 95% of IT pros cited tooling to automatically detect and remediate misconfiguration events.

      Security Boulevard - Filip Truta | April 16, 2020
  • (securityboulevard.com)