Security News > 2020 > February

From exposing private data on Trello to critical iPhone bugs - and everything in between. It's weekly roundup time.

Western military alliance NATO could have reacted with force to the 2017 WannaCry ransomware outbreak that locked up half of Britain's NHS, Germany's top cybergeneral has said. During a panel discussion about military computer security, Major General Juergen Setzer, the Bundeswehr's chief information security officer, admitted that NATO's secretary-general had floated the idea of a military response to the software nasty.

Western military alliance NATO could have reacted with force to the 2017 WannaCry ransomware outbreak that locked up half of Britain's NHS, Germany's top cybergeneral has said. During a panel discussion about military computer security, Major General Juergen Setzer, the Bundeswehr's chief information security officer, admitted that NATO's secretary-general had floated the idea of a military response to the software nasty.

Joe Vennix of Apple security has found another significant vulnerability in sudo utility that under a specific configuration could allow low privileged users or malicious programs to execute arbitrary commands with administrative privileges on Linux or macOS systems. Sudo has been designed to let users run apps or commands with the privileges of a different user without switching environments.

Despite heading a company that provides a technological solution for stopping targeted email attacks, Evan Reiser, CEO of Abnormal Security, knows that technology is not the complete answer to the malicious email problem. "Some businesses are giving up on technology and defaulting to an awareness-based security program for detecting email attacks, but that sets them up for failure. Our brains are wired to look for patterns and repeat processes, so for something that we do daily like email, it's only a matter of time before an employee accidentally clicks a link from a 'trusted' company," he told Help Net Security.

The bug-hunters at Checkpoint have laid claim to the discovery and reporting of two serious, and now patched, security flaws in Microsoft Azure. Among the fixes are security updates for iOS and macOS, the two major operating systems from Cook and Co. While there aren't any massive risks posed by the patched flaws, users and admins should look to get the patches in place before malware writers begin to take aim at them.

Encryption is a popular topic among security professionals and occasionally a polarizing one. Disk-level encryption has nothing to do with internal user visibility - it's just one component of what should be a comprehensive approach to data security to protect against database-level data loss.

Innovation in cybersecurity is a key enabler to facilitate progress in the NIS industry, boost employment in the cybersecurity sector and growth of EU GDP. ENISA published a report that analyses the current landscape for supporting innovation in cybersecurity in the EU. The study presents good practices and challenges from the Member States whilst trying to execute innovation as a strategic priority of their National Cyber Security Strategies. "The CSA, the NIS Directive and the GDPR incentivised innovation in relevant areas of cybersecurity and data protection. To encounter current and emerging cybersecurity risks and threats, EU Member States need to strengthen and adjust their national capabilities by developing innovative solutions and objectives under their NCSS," said Juhan Lepassaar, Executive Director of ENISA. Different approaches to innovation.

Traditional networking and interconnectivity approaches are not handling the pressures being placed on traditional computer networking, according to Stateless. Today, networking technologies are focused on the transfer of ones and zeros from one point to another.

The report revealed that in 2020, up to two thirds of employees surveyed could be headed for the door. "Our data shows a substantial portion of today's workforce already has one foot out the door. This is a huge shift from what we found last year: that despite disengagement, 65% of employees were planning on staying at their jobs," said Dr. Natalie Baumgartner, Chief Workforce Scientist at Achievers.