FBI, CISA Issue Joint Warning to Organizations Conducting Research
Hacking groups linked to China's government are targeting research and healthcare facilities that are working on developing vaccines, testing procedures and treatments for COVID-19, the FBI and the U.S. Cybersecurity and Infrastructure Security Agency warn in an alert.

Jordan McKee of 451 Research Discusses Card Payment Trends
The surge in e-commerce as a result of the COVID-19 pandemic means more payment card transactions - and more card fraud, says Jordan McKee of 451 Research, who discusses the latest trends.

Data Apparently Obtained From Three Breaches, ZeroFox Reports
Hackers are attempting to sell a fresh trove of approximately 26 million user records apparently obtained from three data breaches, according to researchers at the security firm ZeroFox.

Naikon Hacking Group Targeted Asia-Pacific Countries With New RAT
Over the last five years, a hacking group that's apparently tied to China has been targeting government ministries in the Asia-Pacific region as part of a cyber-espionage campaign, according to Check Point Research.

As manufacturers - including companies such as automakers that do not typically produce healthcare devices - race to help fill medical equipment shortages during the COVID-19 crisis, steps must be taken to ensure adequate security testing, says Fairuz Rafique of cybersecurity services firm EmberSec.

Meanwhile, Video Conferencing Firm Acquires Start-Up Encryption Company
Zoom has reached a settlement with the N.Y. attorney general's office to provide better security and privacy controls for its video conferencing platform. Meanwhile, the company announced it's acquiring a start-up encryption company.

The latest edition of the ISMG Security Report analyzes the many challenges involved in developing and implementing contact-tracing apps to help in the battle against COVID-19. Also featured: A discussion of emerging privacy issues and a report on why account takeover fraud losses are growing.

This webcast gives 6 tips for keeping employees safe and mitigating security threats as your workforce goes remote.
Learn how to protect employees from malicious web content.

Attacks Traced to Gangs Wielding Nefilim, Snake Strains
Ransomware attacks hit at least four large organizations around the world this week, including a hospital group in Europe that has been battling the COVID-19 pandemic.

Privacy Expert Deven McGraw on Emerging Privacy, Security Concerns
The COVID-19 crisis is presenting an array of new privacy and security challenges for healthcare providers adapting to protecting patient's medical information in new care settings, says privacy attorney Deven McGraw.

Malwarebytes Researchers Say Attacks Appear Related to Magecart
Cybercriminals are hiding malicious JavaScript skimmers in the "favicon" icons of several ecommerce websites in an effort to steal payment card data from customers, researchers at Malwarebytes say.

Ransomware Gangs Keep Pwning Poorly Secured Remote Desktop Protocol Endpoints
In honor of World Password Day, here's a task for every organization that uses remote desktop protocol: Ensure that all of your organization's internet-facing RDP ports have a password - and that it's complex and unique.

'Unauthorized Individual' Accessed SSH File, Company Says
Web hosting giant GoDaddy confirms that a data breach has affected about 28,000 of its customers' web hosting accounts, according to a news report. The company has reset passwords and usernames for some customers as a precaution, although it says no data appears to have been altered.

Cybercriminals Had Access to Millions of User Credentials, Police Say
Five suspected members of the InfinityBlack hacking group have been arrested, and authorities in Europe say they've seized two databases with more than 170 million entries, including combinations of stolen usernames and passwords.

New Materials Warn of Cyberthreats, Potential HIPAA Violations
Federal regulators are alerting healthcare organizations about an array of coronavirus-themed cyberthreats. Plus, they're advising them to avoid potential HIPAA privacy violations involving unauthorized disclosures of patient information to news outlets during the COVID-19 crisis.

Alleged GRU Agent Charged Earlier in Connection With U.S. Election Interference
German prosecutors believe that an alleged Russian hacker who apparently is a member of an elite military unit is responsible for the 2015 cyberattack against Germany's parliament, according to a news report. Earlier, the suspect was charged in connection with U.S. 2016 election interference.

Researchers: Malware Is Capable of Launching DDoS Attacks
Kaiji, a newly discovered botnet, is compromising Linux servers and IoT devices using brute-force methods that target the SSH protocol, according to the security firm Intezer. The botnet has the capability to launch DDoS attacks.

We Need These Apps, But Some Nations' Security and Privacy Follies Don't Bode Well
Despite the need to battle COVID-19, several nations' in-development digital contact-tracing apps are already dogged by security and privacy concerns. Whether enough users will ever trust these apps to make them effective remains a major question. Is it too late to get more projects back on track?