A US government contractor is the latest victim to be taken down by a ransomware attack. Electronic Warfare Associates (EWA) have the Department of Defense, Department of Homeland Security and the Department of Justice listed among clients that they serve, describing the company as a veteran-owned business with a track record dating back over the last four decade.

Hackers are selling the payment card details of more than 30 million Americans and over 1 million foreigners on Joker's Stash, the internets largest payment card forum. This card dump which occurred on Monday was advertised as "BIGBADABOOM-III", but Gemini Advisory found that the card details traced back to Wawa, an East Coast convenience store chain.

As we enter a new year and a new decade, 2020 will be a critical year for businesses and governments around the globe as they deal with a more complex and evolving cyber threat landscape. NNT’s cybersecurity evangelists, CEO Mark Kerrison and CTO Mark Kedgley, have investigated the current state of the industry and identified key cybersecurity predictions and recommendations to help you improve your cybersecurity defenses in 2020.

A study by PAS Global recently discovered over 10,000 industrial endpoints that are affected by over 380,000 known security vulnerabilities. Industrial Control Systems (ICS) are used across the oil and gas industry, power generation, refining and chemical production, pulp and paper manufacturing, and mining industries. While advantageous for various reasons, these systems also pose a serious threat to security.

Detailed information about the job performance of more than 900 Regus employees was accidentally published online after the co-working space provider conducted a review of its sales staff. Regus owner IWG commissioned the mystery shopping business, Applause, to audit its sales staff through covert filming using "spy pens" fitted with miniature cameras.

Last week the National Institute of Standards and Technology (NIST) announced version 1.0 of its new Privacy Framework, a resource designed to help organizations manage privacy risks. A preliminary version of the Privacy Framework was released in September 2019, but the release of version 1.0 was not officially announced until January 2016, 2020.

Data protection regulators have issues €114 million in fines so far under the 2018 General Data Protection Regulation. The latest findings from DLA Piper found that over 160,000 data breach notifications have been reported across the European Union since the regulation came into effect on May 25, 2018. Geographically speaking, fines were the highest in France (€51m), Germany (€24.5m) and Austria (€18m).

New research has found that the Emotet malware strain has increasingly been targeting the United State's government and military. The malware that spreads via email has been infecting organizations across the globe since as far back as 2014, but researchers at Cisco Talos recently discovered that the US government is the latest victim to compromised. The discovery was made by closely examining the patterns of outbound email associated with the malware.

A Georgia court granted final approval for a settlement involving Equifax in a class-action lawsuit following the massive 2017 data breach. This week an Atlanta federal judge ruled this week that Equifax will pay $380.5 million to settle lawsuits relating to the 2017 data breach.

The Manor Independent School District is out $2.3 million after falling to an apparent phishing scam. Officials for the Texas school district claim that three separate fraudulent transactions took place in November 2019 following the phishing attack. The scammers carried out the attacks using a variety of tactics, including disguised email addresses, phone numbers, fake links, and more. The school district took to Facebook on January 10 to post that the incident was caused by a phishing email.