Security News > 2020 > April

The government newspaper of Iran has lost its.com website, with its publisher on Monday accusing the United States of "Stealing" the domain name. Contacted by AFP, Mehdi Shafii, head of the media group that publishes Iran, accused the US Treasury of wanting to "Block" and "Confiscate" the company's domain names.

With the release of version 3, Vivaldi now comes with a new tracking system that prevents anyone from tracking you as you navigate the web. The most logical approach is to enable tracking and then disable it on a site-by-site basis, when you find a site that doesn't function properly with tracking disabled.

Researchers say a critical denial-of-service vulnerability they discovered in Inductive Automation's Ignition Gateway could allow hackers to cause disruption on the plant floor. Researchers at industrial cybersecurity firm Claroty discovered that Ignition Gateway 8 is affected by a DoS vulnerability that could allow an attacker to cause significant disruption.

Attackers have been targeting the Sophos XG Firewall using a zero-day exploit, according to the security firm - with the ultimate goal of dropping the Asnarok malware on vulnerable appliances. Firewalls manually configured to expose a firewall service to the WAN zone that shares the same port as the admin or user portal were also affected," the firm explained.

More than 150,000 emails spreading the Hupigon RAT that use adult dating as a lure have been uncovered, with almost half being sent to U.S. university and college email addresses. Several U.S. universities have been targeted in a widespread spear-phishing attack that uses adult dating as a lure.

If an employee decides to pursue another job during the coronavirus pandemic, organizations must be prepared to keep proprietary data and company technology safe. While equipping employees with secure connections is one of the crucial first steps to launching a remote workforce, businesses must also consider how to rescind such access upon employee termination or departure.

One of the most dramatic all-at-once attacks that your network can suffer is, of course, ransomware. Ransomware attacks often rely on victims making a few basic mistakes that are often quite uncomfortable to confront - it's natural to assume you haven't made any, and it can feel both tired and tiring to keep going through the basics.

7% of the recommendations were only partially implemented and 30% were not implemented at all as of November 2019, although the FCC is planning on fully implementing all recommendations by April 2021. "Until FCC fully implements these recommendations and resolves the associated deficiencies, its information systems and information will remain at increased risk of misuse, improper disclosure or modification, and loss," GAO notes in the newly published report.

Obsidian Security announced protection for Zoom, enabling organizations to safely embrace the leading video communications service as a business-critical application. "Board meetings, medical appointments, and critical customer calls are all occurring over Zoom. Security teams are grappling with how to prevent account misuse and ensure that only the right people are in these meetings," said Glenn Chisholm, CEO of Obsidian.

This article explores eight common mistakes that firewall administrators make and describes how these mistakes can compromise firewall functionality and network security. Failing to patch a firewall means that attackers can use well-known and widely-available exploits for old and well-known firewall vulnerabilities to compromise our firewalls.