Switzerland has launched a pilot program for SwissCovid, a contact tracing app based on Apple and Google's jointly developed APIs. The APIs will work with iOS 13.5 and devices running Android 6.0 or higher. The pilot involves several thousand workers at Ecole polytechnique fédérale de Lausanne, ETH Zurich, the Swiss Army, and staff at some hospitals and cantonal administrations.

Category 2 adversaries are nothing to sneeze at, but their resources are finite. If you armor up enough, they will give up, and move onto an easier comparable target. In confronting the threat of category 3, everything you have learned ratchets up to a whole new level of paranoia. Category 3 adversaries have functionally unlimited resources for pursuing top targets.

Outdated or abandoned open source components are persistent in practically all commercial software, putting enterprise and consumer applications at risk from security issues, license compliance violations, and operational threats, concludes the Synopsys 2020 Open Source Security and Risk Analysis Report. The report highlights trends and patterns in open source usage within commercial applications.

A Dutch researcher has revealed a novel way to crack into a PC through a Thunderbolt port. The method, dubbed "Thunderspy" by researcher Björn Ruytenberg, sidesteps the login screen of a sleeping computer, as well as its hard disk encryption, to access all its data. "Thunderspy is stealth, meaning that you cannot find any traces of the attack. It does not require your involvement," he explained.

Warren Buffet once said, "Only when the tide goes out do you discover who's been swimming naked." You can cover over a host of sins when times are good, but bad or unsafe practices will be exposed when times are rough. Time and experience have borne out the accuracy of this witticism in the financial arena -- and we're now seeing its applicability to the intersection of infosec and COVID-19.

Like conventional criminals, criminal hackers choose easy, lucrative targets. One group in the crosshairs is made up of companies that have data on millions of users, such as private sector entities with a Web presence. Why go after one user at a time when data is collected in one place? Criminal hackers also like to hunt small organizations that have modest capital but weak information security.

The UK's plans to launch a smartphone application to track potential COVID-19 infections won't include Apple and Google. The country's National Health Service has designed its own mobile software to do contact tracing of people exposed to the coronavirus. The NHS reportedly found that its own tech works "sufficiently well." The NHS chose a centralized model for its data collection and storage.

Consumers and companies worldwide have ramped up online ordering for software products and digital goods as they struggle to improve productivity and security while working remotely and spending more time at home. The sharp spike in online commerce aligns with the timing of the current global pandemic. Software-based offerings accounted for the highest levels of growth.

More than any other factor, it is our asset that determines our adversary. For most of us, our asset is the corpus of sensitive personal details used for online transactions. This all comes down to how much data an adversary can glean from you, and how thoroughly it can analyze it. If your data passes through some software or hardware, its developer or maintainer enjoys some measure of control.

Canonical, the parent company of Ubuntu, has announced the general availability of Ubuntu 20.04 LTS, codenamed "Focal Fossa." This major upgrade places particular emphasis on security and performance. Released once every two years, the new long-term support version provides a platform for enterprise IT infrastructures and workloads across all sectors for five years.

At this point, remarking that people now are more concerned about online privacy than ever before is not a novel observation. What's fascinating, though, is that interest in personal digital security has remained high since the issue exploded about seven years ago. In other words, instead of experiencing a short-lived spike, digital privacy awareness has been sustained. This is encouraging.

Zoom's paying customers will be able to choose the region they want to use for their virtual meetings. Paying customers will be able to opt in or out of a specific data center region, although they won't be able to change their default, which for most customers is the United States. Zoom has data centers in the U.S., Canada, Europe, India, Australia, China, Latin America, and Japan/Hong Kong.

Google, Apple and MIT have made headlines with announcements of contact tracing mobile apps in the wings. Their purpose is to identify contacts of people who test positive for COVID-19 so appropriate actions can be taken to stem its spread. However, a Cambridge University professor threw some cold water on those apps. The apps proposed by Google, Apple and MIT all have voluntary aspects to them.

Some states defaulted to mail-in ballots some time ago, and their elections are unconstrained by the pandemic. However, in many parts of the U.S. the prevailing attitude is that the Web lacks enough security for elections. That seems odd, given that we now use the Internet to manage our finances, our healthcare, our businesses, our travel -- and now our shopping, including for food.

Life as we knew it before the coronavirus is gone forever, and many changes will manifest in the pandemic's aftermath. How will it impact privacy laws around the globe? No one knows for sure, and we will not know until after the coronavirus is behind us. Cybercriminals long have been taking advantage of the Internet, and now the spread of COVID-19 has sped up their evil work.

As the coronavirus pandemic worsened in the U.S., Zoom Video Communications offered free access to its videoconferencing platform and demand skyrocketed. "Zoom has quickly become the de facto for teleconferencing during the COVID-19 pandemic," said James McQuiggan, security awareness advocate at KnowBe4. "A lot of organizations are using it to keep in contact with their employees."

Under ordinary circumstances, the average consumer can order a latte on the way to the coffee shop, book a last-minute trip to the coast, and come home to find groceries delivered -- all with the click of a button. What makes these transactions so smooth and effortless? It starts with account creation. Consumers increasingly are willing to create accounts with sites they interact with regularly.

As COVID-19 continues to spread, states and cities across the U.S. have imposed restrictions -- from banning large gatherings to lockdowns, with citizens ordered to stay home except for essential jobs and errands, or get outdoor exercise. These steps came as infection numbers mounted, and the World Health Organization stated that COVID-19 was in fact a global pandemic.

E-commerce account takeovers increased 347 percent and shipping fraud jumped 391 percent from 2018 to 2019, a fraud and identity solutions company reported. Fraudsters are gaining access to accounts using credential stuffing, romance scams, social engineering, phishing or hacking. The three-digit rise in account takeovers is connected to the rash of data breaches over the last decade.

Apple users wondering if they've caught COVID-19 now can ask digital assistant Siri for advice. The company has rolled out a self-screening feature that allows users to ask, "Hey Siri, do I have the coronavirus?" Siri then takes them through a questionnaire prepared by the U.S. Centers for Disease Control and U.S. Public Health Service to determine if they're exhibiting symptoms of the disease.

As companies send employees home in an effort to curb the spread of COVID-19, cybersecurity experts are warning that telecommuting could be putting company assets and data at risk. There are a number of precautions that employees working from home should consider to ensure that sensitive data isn't compromised by cybercriminals taking advantage of the health crisis.

Microsoft and partners have disrupted the Necurs botnet group blamed for infecting more than 9 million computers globally. There are 11 botnets under the Necurs umbrella, all apparently controlled by a single group, according to Valter Santos, security researcher at Bitsight, which worked with Microsoft on the takedown. Four of those botnets account for about 95 percent of all infections.

Open source vulnerabilities rose by nearly 50 percent in 2019 over the previous year, based on a new report. Common vulnerabilities rated as high or critical severity were found in all of the most popular open source projects, according to the WhiteSource 2020 annual report, "The State of Open Source Security Vulnerabilities." The vulnerability rate is expected to continue rising.

The United States Office of Personnel Management last week urged agencies to prepare to allow federal employees to telework -- that is, work remotely.This came on the heels of the Department of Homeland Security closing its facilities in Washington state, after learning an employee had visited the Life Care facility in the city of Kirkland, which is ground zero for the state's COVID-19 outbreak.

A number of VPN and ad-blocking apps owned by Sensor Tower, a popular analytics platform, have been collecting data from millions of people using the programs on their Android and iOS devices, according to a report. The software involved includes Free and Unlimited VPN, Luna VPN, Mobile Data, Adblock Focus for Android devices, and Adblock Focus and Luna VPN for iOS hardware.

If you're an online retailer, congratulations are in order. Online holiday sales grew 18.8 percent in 2019 compared with 2018, according to Mastercard. Armed with new systems and processes -- as well as lessons from the past -- etailers were able to fulfill more orders than in previous years. E-commerce business leaders are already thinking ahead to the 2020 holiday season.

Members of the U.S. House of Representatives have introduced legislation that aims to protect online shoppers from purchasing counterfeit goods. The proposed Shop Safe Act would establish trademark liability for companies that sell counterfeits that pose a risk to consumer health and safety. It also would impose requirements online platforms to curb counterfeiting.

2019 was a milestone year for many in the payments industry, with contactless payments making up more than 50 percent of debit card transactions, and the good news doesn't end there. The consumer drive for seamless experiences is continuing to push the industry toward new innovations that will change the face of payments. So, what will 2020 hold for e-commerce and m-commerce?

We're only two months into a new year and already hundreds of millions of personal records have been compromised, including 123 million records from sporting retailer Decathlon and another 10.6 million records from MGM Resorts hotels. These announcements followed fuel and convenience chain Wawa's revelation that it was the victim of a nine-month-long breach of its payment card systems.

Two things are happening simultaneously: The RSA Security Conference is in full swing and so is COVID-19. It's a strange juxtaposition. There is geographic proximity in that the conference is going on undeterred just a few blocks from where the mayor declared a state of emergency, during the event, due to the ongoing spread of the virus. There's also topical alignment.