Security News > 2020 > April

Microsoft has patched a worm-like vulnerability in its Teams workplace video chat and collaboration platform that could have allowed attackers to take over an organization's entire roster of Teams accounts just by sending participants a malicious link to an innocent-looking image. "Eventually, the attacker could access all the data from your organization's Teams accounts - gathering confidential information, meetings and calendar information, competitive data, secrets, passwords, private information, business plans, etc."

Abnormal Security, the platform that protects large enterprises from the most sophisticated, targeted email attacks, announced the appointment of Kevin Moore as Chief Revenue Officer. With over 20 years of success leading high-performing global sales teams in the security industry, Kevin is responsible for scaling Abnormal's worldwide sales team, operations and go-to-market engine.

Kingston Digital, the Flash memory affiliate of Kingston Technology Company, a world leader in memory products and technology solutions, announced KC2500, its next generation M.2 NVMe PCIe SSD for desktop, workstations and high-performance computing systems. KC2500 NVMe PCIe SSD delivers powerful performance using the latest Gen 3.0 x 4 controller and 96-layer 3D TLC NAND. With speeds up to 3,500MB/s read and up to 2,900MB/s write, KC2500 combines outstanding performance and endurance that improves workflow for desktop, workstation and power users.

Today, in part due to the work Let's Encrypt does, roughly 85% of all websites use HTTPS and over one billion certificates have been issued. What about money? Aas may have wanted to give away certificates for free, but building the Let's Encrypt apparatus was anything but free.

The website, GDPR.EU, is an advice site for organizations that are struggling to comply with the General Data Protection Regulation laws that were imposed by the EU in 2018. "However, the irony of a EU-funded web site about GDPR having security issues isn't lost on us."

Further worse news is that an attack against Apple's latest version of iOS 13.x can occur while the app is open in the background and does not require interaction by the user to execute the code and compromise your device. Users who rely on Mail.app to handle emails should stop using the app until Apple releases the official 13.4.5 update to patch the vulnerability.

To advance our response to threats, we also must draw on creativity, sharing and collaboration. Sharing of threat intelligence formally started about 20 years ago when Information Sharing and Analysis Centers came on the scene with the intent of helping organizations protect their infrastructure, employees and customers from cyberthreats targeting their specific industry.

MacOS Mojave focused on securing macOS features by restricting what permissions apps have to the user's system and the data it contains. One example of these types of restrictions set by default is when enabling the screen sharing protocol that allows IT to provide end-users with hands-on support when troubleshooting issues affecting their devices.

Coronavirus data story tracks hot spots around the world and in the USAnalyst used Microsoft's Power BI and public data to visualize the rise and fall of the coronavirus country by country and state by state. RSA: What it's like to attend a tech conference during the coronavirus epidemicSan Francisco was the site of the RSA 2020 conference, which took place despite cancellations from IBM, Verizon and AT&T. Google I/O 2020 latest casualty of coronavirus outbreak as tech conference cancelledMore than two months in advance, Google ditched its biggest event of the year, I/O 2020, because of the growing coronavirus threat.

Preventing idle SSH sessions from remaining connected is an easy way to add a bit more security to secure shell. Secure Shell includes a timeout feature that allows you to configure the SSH server such that it will disconnect a user, after a set period of inactivity.