Researchers Identify the Departments and Industries Most Susceptible to Email-Based Cyber-Attacks
by Filip Truta, from Business Insights , on 16.09.2020
Simulated phishing campaign reveals recipients typically open the email 50% of the time, 32% click the malicious attachment or link, and 13% submit sensitive data Employees in Quality Management and Health, Purchasing / Administrative Affairs, Legal / Internal Control, Human Resources, and Research and Development have the highest rates opening and interacting with malicious emails Phishing attacks are winning because they target fundamental and typical human nature, researchers say Users that deal with extensive email exchanges daily are proportionally more prone to phishing attacks than those that don’t. Hardly a surprise. But, according to one report, researchers have been able to pinpoint the exact industries and departments most prone to falling victim to email-borne cyber threats. read more
Telehealth Now the Biggest Cyber-Threat to Healthcare, New Data Shows
by Filip Truta, from Business Insights , on 15.09.2020
The adoption of telehealth vendors has significantly expanded healthcare providers' attack surface Researchers find a noticeable increase in leaks from primary healthcare and telehealth companies on the dark web since February 2020 Threat actors use strains of ransomware that are uniquely tailored to take down healthcare IT infrastructures Despite new risks from telehealth vendors, the healthcare sector has improved its security posture compared to 2019 While COVID-19 has proven the healthcare industry's overall resilience, it has also increased its cybersecurity risk. A new report indicates that the rapid adoption and onboarding of telehealth vendors has led to a significantly increased digital footprint and attack surface, leaving both provider and patient data at risk. read more
Ransomware Was the Top Cyber Insurance Claim in Q1 2020
by Filip Truta, from Business Insights , on 14.09.2020
Ransomware retakes the lead (from business email compromise) as the top cyber insurance claim the first half of the year Analysts observed a 47% increase in the severity of ransomware attacks, on top of a 100% increase from 2019 to Q1 2020 Ransomware (41%), funds transfer loss (27%), and business email compromise incidents (19%) were the most frequent types of loss Data from 25,000 small-to-midsize organizations reveals ransomware as the top cyber insurance claim in the first half of 2020, with the average ransomware demand increasing 100% from 2019 through Q1 2020. read more
Bluetooth Low-Energy Vulnerability Exposes Millions of Devices to Man-in-the-Middle Attacks
by Alina Daniela BIZGA, from IoT Security Insights , on 11.09.2020
Devices supporting Bluetooth BR/EDR and LE using Cross-Transport Key Derivation (CTKD) for pairing are vulnerable to man-in-the-middle (MITM) attacks, according to the École Polytechnique Fédérale de Lausanne (EPFL) and Purdue University researchers. The vulnerability, dubbed “BLURtooth,” could let attackers overwrite or reduce the encryption key strength for pairing Bluetooth devices securely, allowing additional access to ... The post Bluetooth Low-Energy Vulnerability Exposes Millions of Devices to Man-in-the-Middle Attacks appeared first on Bitdefender. read more
Researchers Develop New Artificial Intelligence Technique That Could Protect Medical Devices Against Cyberattacks and Human Errors
by Alina Daniela BIZGA, from IoT Security Insights , on 07.09.2020
Researchers at Ben-Gurion University of the Negev (BGU) have developed a new artificial intelligence-based method that can protect medical devices such as CT (computed tomography), MRI (magnetic resonance imaging) and ultrasound machines from malicious activity, human error and software bugs. According to lead BGU researcher Tom Mahler, medical devices controlled by instructions sent from a host PC could be targeted ... The post Researchers Develop New Artificial Intelligence Technique That Could Protect Medical Devices Against Cyberattacks and Human Errors appeared first on Bitdefender. read more
Australian Government Proposes Guide to Strengthen IoT Security
by Silviu STAHIE, from IoT Security Insights , on 04.09.2020
The Australian government has released a guide named the Code of Practice: Securing the Internet of Things for Consumers to steer the industry into building IoT devices with more robust cybersecurity features. Government and companies are fighting to make the IoT space more secure, but obstacles include fragmentation of the market, the lack of regulations ... The post Australian Government Proposes Guide to Strengthen IoT Security appeared first on Bitdefender. read more
Smart Doorbell Users Warned of Impending FBI Incursion by Neighbors
by Silviu STAHIE, from IoT Security Insights , on 02.09.2020
A leaked ‘technical analysis bulletin’ from the FBI has revealed yet a new problem generated by the smart doorbell cameras. In this case, the camera causes trouble for law enforcement. A trove of documents totaling 269 GB from various law enforcement agencies in the United States showed up online. BlueLeaks is the name of the ... The post Smart Doorbell Users Warned of Impending FBI Incursion by Neighbors appeared first on Bitdefender. read more
DARPA Invests to Make IoT Micro-Patching a Reality
by Silviu STAHIE, from IoT Security Insights , on 28.08.2020
Purdue University researchers and other teammates from the University of California, Santa Barbara and Swiss Federal Institute of Technology Lausanne (EPFL) have received a grant from the Defense Advanced Research Projects Agency (DARPA) to improve the way developers remotely patch IoT devices. Security is the most significant problem of IoT devices, and one of the ... The post DARPA Invests to Make IoT Micro-Patching a Reality appeared first on Bitdefender. read more
Microsoft Patches Azure Sphere Vulnerabilities Found by Cisco
by Silviu STAHIE, from IoT Security Insights , on 27.08.2020
Azure Sphere affected by code execution and privilege escalation vulnerabilities Microsoft already released an update for the platform Security researchers have found multiple vulnerabilities in Microsoft's Azure Sphere, an IoT platform for microcontroller unit (MCU) devices. Researchers from Cisco Talos have identified four vulnerabilities affecting a cloud-connected and custom SoC platform that Microsoft built with ... The post Microsoft Patches Azure Sphere Vulnerabilities Found by Cisco appeared first on Bitdefender. read more
US Secret Service Bought Location Data on Citizens, Bypassing Warrants
by Silviu STAHIE, from IoT Security Insights , on 26.08.2020
The US Secret Service (USSS) bought location data gathered from mobile devices from a company named Babel Street, allowing it to bypass warrants. Many people are unaware that phones and tablets are also part of the Internet of Things. Those devices gather a lot of private data, including people’s locations. Companies sell data collected from ... The post US Secret Service Bought Location Data on Citizens, Bypassing Warrants appeared first on Bitdefender. read more
