Security News > 2020 > March

Facebook is denying that a recent content moderation glitch has anything to do with workforce issues, but it's also saying that automated systems are to blame for being overzealous in stamping out misinformation. On Monday, Facebook had put out an industry statement saying that it was joining Google, LinkedIn, Microsoft, Reddit, Twitter, and YouTube to scrub misinformation contained in posts about COVID-19.

If each of your security controls is a segment of your overall security strategy, you can't have one segment be an extremely weak one. The security solutions in your environment, the intelligence sources at your disposal, the infrastructure your company utilizes is going to be constantly changing, and a lot of times those decisions are not made by the CISO. Acquisitions, mergers, and partnerships are driven by the business, which will force the security team to adapt and integrate with a whole variety of security apparatus, and you need to be leveraging a platform that supports the largest variety of integration points but also the most diverse set of use cases because what you need today is not what you'll need tomorrow.

Can you tell me what is Cymatic's approach to web security and what differentiates you in the marketplace? We built a web application defense platform that's able to identify, basically calculate risk, and also really understand users from inside of the web application.

As the world comes to grips with the coronavirus pandemic, the situation has proven to be a blessing in disguise for threat actors, who've taken advantage of the opportunity to target victims with scams or malware campaigns. Now, according to a new report published by Check Point Research today and shared with The Hacker News, hackers are exploiting the COVID-19 outbreak to spread their own infections, including registering malicious Coronavirus-related domains and selling discounted off-the-shelf malware in the dark web.

As the world comes to grips with the coronavirus pandemic, the situation has proven to be a blessing in disguise for threat actors, who've taken advantage of the opportunity to target victims with scams or malware campaigns. Now, according to a new report published by Check Point Research today and shared with The Hacker News, hackers are exploiting the COVID-19 outbreak to spread their own infections, including registering malicious Coronavirus-related domains and selling discounted off-the-shelf malware in the dark web.

Almost 65% of the nearly 300 international cybersecurity professionals canvased by Gurucul at RSA Conference 2020 said they access documents that have nothing to do with their jobs. "Detecting impermissible access to resources by authorized users, whether it is malicious or not, is virtually impossible with traditional monitoring tools. That's why many organizations are turning to security and risk analytics that look at both employee and entity behaviors to identify anomalies indicative of insider threats."

On the first day of the Pwn2Own 2020 hacking competition, participants earned a total of $180,000 for demonstrating exploits targeting Windows 10, Ubuntu Desktop and macOS. Pwn2Own typically takes place at the CanSecWest cybersecurity conference in Vancouver, Canada, and participants have to attend in person. On the first day of Pwn2Own 2020, a team from the Georgia Tech Systems Software & Security Lab successfully executed code on macOS through Safari.

"This research demonstrates that despite heightened compliance focus, businesses struggle to manage foundational security like PKI and the tools and processes that maintain it. This is concerning, especially as the number of digital certificates and keys within enterprise continues to multiply," said Chris Hickman, CSO at Keyfactor. "A lack of program ownership, combined with the constant care and feeding that digital identities need, has introduced new risk, creating an exposure epidemic. Unless leaders invest in in-house processes and outsourced resources to manage PKI, enterprise will risk failed audits, fines and worse, a security breach."

Hong Kong has made it mandatory for all new arrivals to wear an "Electronic wristband" that links to a smartphone to provide location-tracking services, so that authorities can be sure they're observing COVID-19 quarantine requirements. Here's the fun part in the press release: "The staff at the communication centres set up by the Office of the Government Chief Information Officer will check the location of people under quarantine from time to time and make surprise video calls to ensure that they are staying at their dwelling places."

Hong Kong has made it mandatory for all new arrivals to wear an "Electronic wristband" that links to a smartphone to provide location-tracking services, so that authorities can be sure they're observing COVID-19 quarantine requirements. Here's the fun part in the press release: "The staff at the communication centres set up by the Office of the Government Chief Information Officer will check the location of people under quarantine from time to time and make surprise video calls to ensure that they are staying at their dwelling places."