The European Network and Information Security Agency, ENISA, has compiled a list of existing initiatives focused on finding and preventing software vulnerabilities.

This webcast gives 6 tips for keeping employees safe and mitigating security threats as your workforce goes remote.
Learn how to protect employees from malicious web content.

Meanwhile, Video Conferencing Firm Acquires Start-Up Encryption Company
Zoom has reached a settlement with the N.Y. attorney general's office to provide better security and privacy controls for its video conferencing platform. Meanwhile, the company announced it's acquiring a start-up encryption company.

Naikon Hacking Group Targeted Asia-Pacific Countries With New RAT
Over the last five years, a hacking group that's apparently tied to China has been targeting government ministries in the Asia-Pacific region as part of a cyber-espionage campaign, according to Check Point Research.

Data Apparently Obtained From Three Breaches, ZeroFox Reports
Hackers are attempting to sell a fresh trove of approximately 26 million user records apparently obtained from three data breaches, according to researchers at the security firm ZeroFox.

Australia, India and UK Pursuing Centralized Approach Many Privacy Experts Warn Against
Technology is no panacea, including for combating COVID-19. While that might sound obvious, it's worth repeating because some governments continue to hype contact-tracing apps. Such apps won't magically identify every potential exposure. But they could make manual contact-tracing programs more effective.

Terminology Shift Announced by Britain's National Cyber Security Center
Forget "whitelists" and "blacklists" in cybersecurity. So recommends Britain's National Cyber Security Center, in a bid to move beyond the racial connotations inherent to the terminology. Henceforth, NCSC - part of intelligence agency GCHQ - will use the terms "allow list" and "deny list." Will others follow?

Ransomware Gangs Keep Pwning Poorly Secured Remote Desktop Protocol Endpoints
In honor of World Password Day, here's a task for every organization that uses remote desktop protocol: Ensure that all of your organization's internet-facing RDP ports have a password - and that it's complex and unique.

The latest edition of the ISMG Security Report analyzes the rising costs of ransomware attacks and the latest victims. Also featured: An assessment of Australia's new contact-tracing app designed to help battle the spread of COVID-19, and a discussion of applying the "zero trust" model to the remote workforce.

The latest edition of the ISMG Security Report analyzes the many challenges involved in developing and implementing contact-tracing apps to help in the battle against COVID-19. Also featured: A discussion of emerging privacy issues and a report on why account takeover fraud losses are growing.

As manufacturers - including companies such as automakers that do not typically produce healthcare devices - race to help fill medical equipment shortages during the COVID-19 crisis, steps must be taken to ensure adequate security testing, says Fairuz Rafique of cybersecurity services firm EmberSec.

The European Network and Information Security Agency has released a new guide on building effective IT security public private partnerships.

ENISA has issued guidance to national telecom regulatory authorities about the implementation of Article 13a, in particular about the security measures that providers of public communications networks must take to ensure security and integrity of these networks.

ENISA has published the first EU report ever on cybersecurity challenges in the Maritime sector. This principal analysis highlights essential key insights, as well as existing initiatives, as a baseline for cybersecurity. Finally, high-level recommendations are given for addressing these risks.

Attacks Traced to Gangs Wielding Nefilim, Snake Strains
Ransomware attacks hit at least four large organizations around the world this week, including a hospital group in Europe that has been battling the COVID-19 pandemic.

Meanwhile, Video Conferencing Firm Acquires Start-Up Encryption Company
Zoom has reached a settlement with the N.Y. attorney general's office to provide better security and privacy controls for its video conferencing platform. Meanwhile, the company announced it's acquiring a start-up encryption company.

Naikon Hacking Group Targeted Asia-Pacific Countries With New RAT
Over the last five years, a hacking group that's apparently tied to China has been targeting government ministries in the Asia-Pacific region as part of a cyber-espionage campaign, according to Check Point Research.

Data Apparently Obtained From Three Breaches, ZeroFox Reports
Hackers are attempting to sell a fresh trove of approximately 26 million user records apparently obtained from three data breaches, according to researchers at the security firm ZeroFox.

Australia, India and UK Pursuing Centralized Approach Many Privacy Experts Warn Against
Technology is no panacea, including for combating COVID-19. While that might sound obvious, it's worth repeating because some governments continue to hype contact-tracing apps. Such apps won't magically identify every potential exposure. But they could make manual contact-tracing programs more effective.

Terminology Shift Announced by Britain's National Cyber Security Center
Forget "whitelists" and "blacklists" in cybersecurity. So recommends Britain's National Cyber Security Center, in a bid to move beyond the racial connotations inherent to the terminology. Henceforth, NCSC - part of intelligence agency GCHQ - will use the terms "allow list" and "deny list." Will others follow?

Ransomware Gangs Keep Pwning Poorly Secured Remote Desktop Protocol Endpoints
In honor of World Password Day, here's a task for every organization that uses remote desktop protocol: Ensure that all of your organization's internet-facing RDP ports have a password - and that it's complex and unique.

Vistra Energy, a Texas-based power generation firm, recently underwent a network transformation project. CISO Paul Reyes, joined by Zscaler's Dan Shelton, opens up on how to make the move to cloud-based models and what it can do to support your business.

The latest edition of the ISMG Security Report analyzes the rising costs of ransomware attacks and the latest victims. Also featured: An assessment of Australia's new contact-tracing app designed to help battle the spread of COVID-19, and a discussion of applying the "zero trust" model to the remote workforce.

The latest edition of the ISMG Security Report analyzes the many challenges involved in developing and implementing contact-tracing apps to help in the battle against COVID-19. Also featured: A discussion of emerging privacy issues and a report on why account takeover fraud losses are growing.

The FDIC is clarifying its policy and supervisory approach related to facilitating payment processing services directly, or indirectly through a third party, for merchant customers engaged in higher-risk activities.

Five federal regulatory agencies encourage financial institutions to work with customers affected by the federal government shutdown.

The FDIC has announced a series of steps intended to provide regulatory relief to financial institutions and facilitate recovery in areas of Illinois affected by severe storms, straight-line winds, and tornadoes.

This webcast gives 6 tips for keeping employees safe and mitigating security threats as your workforce goes remote.
Learn how to protect employees from malicious web content.

Meanwhile, Video Conferencing Firm Acquires Start-Up Encryption Company
Zoom has reached a settlement with the N.Y. attorney general's office to provide better security and privacy controls for its video conferencing platform. Meanwhile, the company announced it's acquiring a start-up encryption company.

Naikon Hacking Group Targeted Asia-Pacific Countries With New RAT
Over the last five years, a hacking group that's apparently tied to China has been targeting government ministries in the Asia-Pacific region as part of a cyber-espionage campaign, according to Check Point Research.

Data Apparently Obtained From Three Breaches, ZeroFox Reports
Hackers are attempting to sell a fresh trove of approximately 26 million user records apparently obtained from three data breaches, according to researchers at the security firm ZeroFox.

Australia, India and UK Pursuing Centralized Approach Many Privacy Experts Warn Against
Technology is no panacea, including for combating COVID-19. While that might sound obvious, it's worth repeating because some governments continue to hype contact-tracing apps. Such apps won't magically identify every potential exposure. But they could make manual contact-tracing programs more effective.

Terminology Shift Announced by Britain's National Cyber Security Center
Forget "whitelists" and "blacklists" in cybersecurity. So recommends Britain's National Cyber Security Center, in a bid to move beyond the racial connotations inherent to the terminology. Henceforth, NCSC - part of intelligence agency GCHQ - will use the terms "allow list" and "deny list." Will others follow?

Ransomware Gangs Keep Pwning Poorly Secured Remote Desktop Protocol Endpoints
In honor of World Password Day, here's a task for every organization that uses remote desktop protocol: Ensure that all of your organization's internet-facing RDP ports have a password - and that it's complex and unique.

The latest edition of the ISMG Security Report analyzes the rising costs of ransomware attacks and the latest victims. Also featured: An assessment of Australia's new contact-tracing app designed to help battle the spread of COVID-19, and a discussion of applying the "zero trust" model to the remote workforce.

India is modifying its 2020 National Cybersecurity Policy to take into account the shift to teleworking as a result of the COVID-19 pandemic, says Lt. Gen. (Retd) Rajesh Pant, national cybersecurity coordinator.

The latest edition of the ISMG Security Report analyzes the many challenges involved in developing and implementing contact-tracing apps to help in the battle against COVID-19. Also featured: A discussion of emerging privacy issues and a report on why account takeover fraud losses are growing.