Security News > 2020 > February

FireMon announced at RSA Conference 2020 expanded capabilities for API integrations with ServiceNow, Cisco ACI and Swimlane to help customers improve network security visibility, control, and efficiency while maximizing the value of their investments in security and IT service management systems. The FireMon API provides security professionals unlimited flexibility to customize change management workflows, increase visibility across tools and infrastructures, and maximize resources and cost efficiencies.

Among app developers presented with a warning message from Google asking them to curb the number of permission requests in their apps, 60 percent of those removed permissions. Google uses an automated process to determine what type of app is being uploaded and gauges how many permissions are being requested relative to similar apps uploaded to Google Play.

According to Mary T. Barra, CEO of the automaker, GM has invested $100 million into cybersecurity per year, including the hire of nearly 500 men and women. In 2019, GM reached nearly 300,000 students and teachers across the United States, Barra noted, including with a Society of Automotive Engineers-led interactive cybersecurity challenge and curriculum for middle-school students.

At the RSA Conference in San Francisco, TechRepublic's Veronica Combs spoke with Darren Thomas, senior product manager at McAfee, about the company's Security Innovation Alliance and its partnership with OASIS. Darren Thomas: The whole goal of the alliance is to foster information exchange and to reduce the friction points when it comes to integrations between different products. We are in the process of developing some common tooling under the auspice of OASIS. It's an OASIS open project.

Attackers shouldn't have been able to remove sensitive data like Social Security numbers from military networks, according to cybersecurity experts. Joe Lareau, senior security engineer, Exabeam, said that as political tensions around the globe continue to rise, government agencies have to be vigilant and create modern security systems that can handle a variety of attacks.

A former Microsoft software engineer was convicted this week on 18 federal criminal charges tied to stealing more than $10 million through the company's online retail platform, according to the U.S. Department of Justice. Voldymyr Kvashuk, a Ukrainian resident who first worked as a contractor and then as a full-time engineer at Microsoft from 2016 to 2018, was found guilty on five counts of wire fraud, six counts of money laundering, two counts of aggravated identity theft, two counts of filing false tax returns, and one count each of mail fraud, access device fraud and access to a protected computer in furtherance of fraud, according to the U.S. Attorney's Office for the Western District of Washington, which oversaw the case.

Cisco says it will release patches for wireless devices affected by the recently disclosed Wi-Fi chip vulnerability named Kr00k. Cybersecurity firm ESET revealed on Wednesday that over one billion Wi-Fi-capable devices were at one point affected by a vulnerability that can allow hackers to obtain potentially sensitive information from wireless communications.

A Lincoln health care company has been targeted by cybercriminals, but company officials said there's no evidence of any patient data being compromised. NRC Health said it immediately shut down its system Feb. 11 to contain the ransomware attack, the Lincoln Journal Star reported.

As a result, thousands of events around the world are being canceled, postponed or turned into online-only events in the wake of the coronavirus and the looming threat of COVID-19. Shopify Unite 2020 developers conference was set for May 6-8 in Toronto and now the in-person portion is canceled and it will be an online-only event.

Machine learning creates a profile of expected email contacts and turns on a stop sign when new people pop up.