Security News > 2020 > January

Nearly a year after Malta's Bank of Valletta yanked itself from the internet amid a "Cyber intrusion", Britain's National Crime Agency has made three arrests. In the hours after the funds arrived, cash withdrawals and card payments were made to the tune of £340k, with money spaffed over London stores such as Harrods and Selfridges, the NCA alleged.

Microsoft is offering rewards of up to $20,000 for finding vulnerabilities in its Xbox gaming platform through its latest bug bounty program unveiled this week. The Xbox Bounty Program is open to gamers, security researchers and basically anyone who can help the tech giant identify security vulnerabilities in the Xbox Live network and services and share them with the Xbox team, Chloé Brown, a Microsoft Security Response Center program manager, said in a blog post Thursday.

The United States on Thursday welcomed the European Union's new rules on fifth-generation internet but pressed them to go further after the bloc resisted Washington's pressure to ban China's Huawei directly. The European Union, setting guidelines that mirror those announced a day earlier by Britain, said Wednesday that countries should ban telecoms operators deemed to be a security risk.

Gamers, security researchers, and technologists have been invited to identify security vulnerabilities in Xbox network and services and report them to Microsoft. Microsoft runs a number of bug bounty programs and has now decided that their Xbox offerings need extra attention from security researchers.

While organizations may have no way of avoiding productivity losses during periods of sports-induced distractions, there are a few things they can do to avoid cyber trouble. Having an effective intelligence capability tied to a strong physical security team can empower organizations like the NFL to know their adversaries in advance and to be prepared for what they may attempt.

International progress on state-level so-called cybersecurity "Norms" is hopelessly bogged down in an explosion of NGOs and internal United Nations rivalries between two overlapping groups, a French security conference heard this week. Not only are there two overlapping United Nations groups tasked with defining international cybersecurity norms, but even agreed declarations are ignored because nobody notices what the UN comes up with on cybersecurity, diplomats complained.

A class-action lawsuit against Facebook for scanning a user's face in photos and offering tagging suggestions looks like it's finally done churning through the courts. The upshot: it will pay $550 million to settle the suit, Facebook disclosed in its quarterly earnings report on Wednesday.

The latest edition of the ISMG Security Report discusses the ramifications of the U.K's decision to allow limited use of Huawei's equipment in 5G networks. Plus: Updates on Wawa's stolen card...

Both achievements set new benchmarks for SOAR platforms, significantly reducing mean time to detect and response for security incidents. Cisco launches IoT security architecture to deliver enhanced visibility across IoT and OT environments.

Organizations are not making progress in reducing their endpoint security risk, especially against new and unknown threats, a Ponemon Institute study reveals. 68% IT security professionals say their company experienced one or more endpoint attacks that compromised data assets or IT infrastructure in 2019, an increase from 54% of respondents in 2017.