Security News > 2020 > January

Organizations should long ago have put in place multifactor authentication and a breach response plan and continued to actively shore up any defenses that are lagging. Here's the U.S. government once again warning organizations that support critical infrastructure to do the basics.

Symantec's parent Broadcom has offloaded its Cyber Security Services operation to Accenture for an undisclosed sum. Some 300 staff are employed by the security services division, and presumably most, if not all, will shuffle off to their new employer in March, when the buy clears.

Email and data security company Mimecast on Monday announced the acquisition of threat protection solutions provider Segasec. The acquisition, Mimecast says, is expected to help it better defend customers against fake websites that aim to harvest the credentials of their customers, employees, partners, and third-party vendors within their supply chains.

An information disclosure vulnerability affecting Microsoft Access can cause sensitive data from system memory to be unintentionally saved in database files, email security company Mimecast revealed on Tuesday. The vulnerability, dubbed "MDB Leaker" by Mimecast, is related to "The improper management of system memory by an application." It can cause the content of uninitialized memory elements to be saved into Microsoft Access MDB files.

In early December, Tampa FL-based security services firm ReliaQuest, released a separate report discussing the effect of this tendency to purchase individual stand-alone tools to solve newly discovered issues. Problems include more tools than company capacity to productively use them, and a burden of maintenance forcing security teams to spend more time managing the tools than defending against threats.

The Federal Bureau of Investigation is once again asking Apple to help unlock the iPhone of a potential terrorist. The statement does not indicate whether Apple will in fact assist in unlocking the phones, which the FBI said are being held in the crime lab at Quantico, Va. Deja-Vu Privacy Implications.

In an unexpected industry twist, consulting giant Accenture on Tuesday announced that it has agreed to acquire Symantec's Cyber Security Services business from Broadcom for an undisclosed sum. The acquisition significantly expands Accenture Security's managed security services offerings and capabilities, and will add more than 300 employees around the world to the group.

ISARA is among several Canadian technology innovators selected by the APMA - Canada's national automotive association representing OEM producers of parts, equipment, tools, supplies, advanced technology, and services for the worldwide automotive industry - for inclusion in the demonstration car at APMA's booth within the Smart Cities showcase. "As cars become ever smarter and more connected, data security is an integral component of driver safety," said ISARA CEO and Co-founder Scott Totzke.

Google on Monday published the first Android security bulletin for 2020, with patches for 40 vulnerabilities, including a critical flaw in the Media framework. The Android Security Bulletin for January 2020 was split into two parts: the first addresses 7 vulnerabilities in Framework, Media framework, and System, while the second includes fixes for 33 security flaws in Kernel, Qualcomm, and Qualcomm closed-source components.

Despite the difficulties of identifying deepfakes, social media sites are recognizing the need to crack down on the manipulated, misleading videos. Facebook is banning deepfake videos, which stem from a technique of human-image synthesis based on artificial intelligence to create fake content.