Critical Vulnerabilities Expose Siemens LOGO! Controllers to Attacks
2020-06-12 12:36

Siemens' LOGO! programmable logic controllers are affected by critical vulnerabilities that can be exploited remotely to launch denial-of-service attacks and modify the device's configuration. According to Siemens, the vulnerabilities impact all versions of its LOGO!8 BM devices, which are designed for basic control tasks.

Facebook Helped Develop a Tails Exploit
2020-06-12 11:23

According to Vice, the FBI had tried to hack into Hernandez's computer but failed, as the approach they used "was not tailored for Tails." Hernandez then proceeded to mock the FBI in subsequent messages, two Facebook employees told Vice. Facebook had tasked a dedicated employee with unmasking Hernandez, developed an automated system to flag recently created accounts that messaged minors, and made catching Hernandez a priority for its security teams, according to Vice.

Facebook paid for a 0-day to help FBI unmask child predator
2020-06-12 11:01

Facebook paid a cybersecurity firm six figures to develop a zero-day in a Tor-reliant operating system in order to unmask a man who spent years sextorting hundreds of young girls, threatening to shoot or blow up their schools if they didn't comply, Motherboard's Vice has learned. Hernandez was such a persistent threat, and he was so good at hiding his real identity, that Facebook took the "unprecedented" step of working with a third-party firm to develop an exploit, Vice reports.

Alabama City to Pay $300,000 Ransom in Computer System Hack
2020-06-12 11:00

A city in northern Alabama will pay a ransom worth $300,000 in Bitcoins in response to a hack of its computer system. Florence City Council voted unanimously at an emergency meeting Wednesday evening to make the payment from the city's insurance fund in an effort to preserve information tied to its city workers and customers, news outlets reported.

Twitter Removes 30,000 State-Linked Manipulation Accounts
2020-06-12 10:41

Twitter on Friday announced that it took down more than 30,000 accounts pertaining to three networks associated with China, Turkey, and Russia state-linked manipulation activities. A total of 32,242 accounts were added to the social platform's archive of state-linked information operations, while the accounts themselves, along with all of the content associated with them, have been permanently removed from Twitter.

Twitter wants to know if you meant to share that article
2020-06-12 09:40

Just about to share an article with a sensational headline? Stop! Did you at least read it first? Sharing clickbait containing spurious content without bothering to check it over is a perennial problem for attention-challenged social media users and now Twitter wants to help stop it.

SparkCognition and Siemens Join Forces for Industrial Security Solution
2020-06-12 08:37

Artificial intelligence company SparkCognition and German industrial giant Siemens have joined forces for an industrial security solution designed for the energy sector. The new solution, named "DeepArmor Industrial, fortified by Siemens," combines SparkCognition's AI-powered cyber defense solution DeepArmor with Siemens' expertise in operational technology security to help organizations protect endpoints and remote assets.

ConnectWise issues a slightly scary but unusually significant security advisory
2020-06-12 06:27

ConnectWise isn't a vendor most Reg readers deal with directly, but the fact the company has just issued its first-ever security advisory deserves attention. That's because ConnectWise specialises in software that IT services providers use to manage your IT. The 38-year-old company is the dominant force in that market, meaning that if you work with a system integrator, managed services provider or other outsourcer there's a decent chance that ConnectWise touches some of the tech your business relies on.

Trend Micro pulls another app over security fears: This time, the Privacy Browser in the Dr Safety Android suite
2020-06-12 06:03

Trend Micro has pulled the Privacy Browser from its Dr Safety Android security suite following the discovery of a reoccurring flaw that could be abused to trick people into thinking malicious pages were legit. Trend responded by pulling the app from its Android security suite.

Why DevSecOps remains a mirage
2020-06-12 05:30

Despite the rhetoric around DevSecOps, security remains an afterthought when organizations are building software. The surge in web app security breaches in 2019 further solidifies that we are a long way from delivering on the DevSecOps vision.