Security News > 2020 > May

Zimperium, the global leader in mobile security, announced a strategic partnership with ZecOps, the leading agentless automated Digital Forensics and Incident Response provider, enhancing Zimperium's offering with ZecOps' advanced mobile forensics capabilities. "Through our partnership with ZecOps, Zimperium is now the only company that can provide companies and government agencies with on-device, machine learning-based threat detection and automated digital-rich forensics for incident response efforts."

Code42, the leader in insider threat detection, investigation and response, is now integrated with Palo Alto Networks Cortex XSOAR, the industry's first extended security, orchestration, automation and response platform with native threat intel management that empowers security leaders with instant capabilities against threats across their entire enterprise. The integration delivers accelerated insider threat incident response and automated remediation with data risk intelligence and context about potential file exfiltration - happening across endpoints, email, cloud, and SaaS applications - on or off the corporate network.

Entrust Datacard, a leading provider of trusted identity and secure issuance technology solutions, announced that it has joined the PTC Partner Network. Entrust Datacard also announced that its Internet of Things security platform, ioTrust, has achieved ThingWorx Ready status.

The small group of policy wonks that forced California's legislature to rush through privacy legislation two years ago are back - and this time they want a ballot. The big question now is whether history repeats itself and the threat of a ballot initiative passing is sufficient for lawmakers to promise additions to the existing law in return to take the ballot off the table.

Leading global technology solutions provider Avnet announced the availability of the Avnet XRF16 system-on-module, featuring the Xilinx Zynq UltraScale+ Radio Frequency System-on-Chip SoC Gen-2. The new module enhances Avnet's product offerings for developers working on applications that require next-generation 5G connectivity by accelerating valuable development and production time.

Taking a closer look at the malware, the malicious Mac executable is located in "Contents/Resources/Base.lproj/" directory of the fake application and pretends to be a nib file, according to researchers at Malwarebytes, in a posting on Wednesday. Once it starts, it creates a property list file that specifies the application that needs to be executed after reboot, and the content of the plist file is hardcoded within the application.

Three weeks after Google removed 49 Chrome extensions from its browser's software store for stealing crypto-wallet credentials, 11 more password-swiping add-ons have been spotted - and some are still available to download. The dodgy add-ons masquerade as legit crypto-wallet extensions, and invite people to type in their credentials to access their digital money, but are totally unofficial, and designed to siphon off those login details to crooks. Denley provided The Register with a list of extension identifiers, previously reported to Google, and we were able to find some still available in the Chrome Web Store at time of writing.

A new report details major vulnerabilities among the executive suite at some of the largest pharmaceutical companies. A new report from cybersecurity firm BlackCloak details widespread vulnerabilities among the executive suite at some of the largest pharmaceutical companies on planet Earth.

The InfinityBlack hacking group, which is responsible for selling millions of stolen credentials, has been dismantled. "A number of investigation measures by specialists from the Cyber Investigation Division of the Vaud Cantonal Police made it possible to dismantle the InfinityBlack hackers' network, set up to exploit this data to the detriment of businesses," according to Europol's Tuesday announcement.

In a report released Wednesday, AdaptiveMobile Security illustrates the expansion of SMS spam campaigns related to COVID-19 across the US and Canada. In one of the SMS spam campaigns, the spammer tells the recipient that his coronavirus stimulus payment is waiting for his acceptance, which must be given by a specific date.