Security News > 2020 > March

Scripting attacks are nearly as common as malware-based attacks in the United States and, according to the most recent Crowdstrike Global Threat Report, scripting is the most common attack vector in the EMEA region. Python backdoor scripts are easy to find - a simple GitHub search turns up more than 200.

Research from the Better Business Bureau, the FINRA Investor Education Foundation, and the Stanford Center on Longevity found that people are more likely to lose money to a scam when they are socially or physically isolated from others, if they are actively engaging online, and if they are financially vulnerable. "According to our research, social isolation is a key risk factor for susceptibility to scams, as is financial vulnerability," said Melissa Lanning Trumpower, executive director of the BBB Institute for Marketplace Trust, BBB's foundation that conducted the research.

More than two-fifths of organizations experience false positive alerts in more than 20% of cases, while 15% reported more than half of their security alerts are false positives. On average, respondents indicated 26% of alerts fielded by their organization are false positives, a Neustar repot reveals.

"As the COVID-19 crisis disrupts organizations across the globe, HR leaders must respond quickly and comprehensively, considering both immediate and long-term talent consequences," said Brian Kropp, chief of research for the Gartner HR practice. A greater percentage of organizations plan to reduce work for external partners rather than employees - one-fifth of organizations plan to stop or limit consultant spend and/or reduce the number of contract workers.

United Microelectronics Corporation, a leading global semiconductor foundry, and Faraday Technology Corporation, a leading ASIC design service and IP provider, announced that Faraday's 28Gbps programmable SerDes PHY is now available on UMC's 28HPC process technology. UMC's 28HPC process stands out as an easy-to-adopt platform to realize high-speed interface designs; thus this 28nm 28G SerDes can significantly shorten chip design cycle times to more readily enable the infrastructure for 100G Ethernet, PCIe 4.0, 5G, and most xPON applications.

To resolve such issues, Amnimo is developing the Edge Gateway, which is optimized for IIoT. The objective is to equip the Edge Gateway with LTE communication features that can be used in a wide variety of industries; in particular, to develop an optimal design for use in surveillance-camera systems. Amnimo Edge Gateway characteristics Wide operating temperature range and power voltage range.

Authorities in the United States and Europe have issued warnings of increased malicious cyber-activity related to the ongoing COVID-19 pandemic. The attacks, FBI says, may come in the form of fake Centers for Disease Control and Prevention emails, phishing emails asking for personal information to receive money or encouraging people to donate for various causes, and offers for counterfeit treatments.

MaxLinear, a leading provider of radio frequency, analog and mixed-signal integrated circuits for the connected home, wired and wireless infrastructure, and industrial and multimarket applications, announced the expansion of its board to include optical communication industry veteran Greg Dougherty. "We are extremely pleased to welcome Greg to our board of directors," said Kishore Seendripu, Ph.D., MaxLinear's Chairman and Chief Executive Officer.

CORL Technologies, an industry-leading vendor security risk management company, has named vendor security risk and supply chain veteran Siobhan Hunter to its executive leadership team. Siobhan adds decades of cybersecurity risk and supply chain leadership from Fortune 500 companies to CORL's seasoned group of executive leaders.

A vulnerability in the popular Apache Tomcat web server is ripe for active attack, thanks to a proof-of-concept exploit making an appearance on GitHub. The Apache Tomcat open-source web server supports various JavaScript-based technologies, including the Apache JServ Protocol interface, which is where the vulnerability resides.