IPStorm, a malware botnet discovered last year, has now infected 13,500 systems and is branching out beyond Windows to infect Android, Linux and Mac systems. IPStorm leaves a reverse shell on infected devices that could be used for executing distributed-denial-of-service attacks, installing crypto-mining apps or relaying malicious traffic as part of a proxy network, but the hackers' end goal remains unknown.

Artificial intelligence will open up new roles in the IT job marketplace 15 years from now, including AI trainers, virtual reality managers and advanced data scientists, respondents to a recent Citrix survey said. More than half of the 1,000 employees surveyed said full-time work would be rare in 15 years, and more than half of the 500 surveyed C-suite leaders said most high-value specialist workers would work as freelance contractors.

Enterprises looking forward to 5G technology should switch to a zero-trust security framework, says former ISACA Board Chairman Rob Clyde of Clyde Consulting. "No longer will firewalls be able to protect everything, so each device has to take care of its own security: That's the nature of zero trust," Clyde says.

At least two-thirds of respondents to a European survey have adopted, or plan to adopt, a zero-trust security framework, reports Gigamon, which monitors networks. More than 8 out of 10 surveyed IT and security professionals reported an increase in cybersecurity threats since the year began.

A variant of phishing known as vishing involves scammers posing on the phone as trusted sources, in one case as the front desk of The Ritz London asking for credit card information. Ntirety CEO Emil Sayegh writes that vishing is an upscale variant of the scam in which crude criminals call purporting to be from Apple, Microsoft, the IRS or a local utility company.

IoT today has helped reduce the toil of routine and repetitive tasks, and the market is growing. With it, so are IoT security risk areas and concerns. New vulnerabilities are constantly being discovered, which means there is a need to monitor, maintain and review both policy and practice as they relate to specific use cases and operating environments on a regular basis. Full Story: ISACA

Medisys Health Group of western Canada has disclosed that it was the victim of a ransomware attack and that it paid the cybercriminals to protect the data of 60,000 clients. The company says the data could include names, provincial health numbers and test results and that it is contacting affected customers directly.

Just as good pandemic hygiene involves social distancing and washing of hands, good cyberhygiene for a small or midsize business also involves simple matters, writes James Bergl of cybersecurity company Datto. His list: patching vulnerabilities, managing access through multifactor authentication and other procedures, and developing a plan for incident response.

Twilio is expanding its internet of things offerings with the launch of Microvisor, a platform for building connected services. Also, it has unveiled a toolkit for embedding video within apps, an API for collecting data from all Twilio-powered services and a mobile app for managing the remote workforce.

VMware is acquiring automation software vendor SaltStack to broaden its network automation capabilities. VMware's Ajay Singh noted that automation makes cloud computing "faster, simpler and in many ways safer" and wrote that SaltStack's open-source approach would increase developer productivity.