Security News > 2020 > June

The lion's share of the bugs are rated important, but there are 11 CVEs rated critical. These are all bugs affecting Windows 10, and many also affected the latest 2004 build.

These centred on the apparent difficulty in provisioning Intel AMT to endpoint devices and the management of some use cases such as remote wake-up and remote KVM. Such difficulties might easily arise when attempting to activate Intel AMT on new machines that may have been delivered to remote branch offices with no IT staff on-site, for example, or to workers that are connecting to the corporate network from outside the firewall. To address these issues, Intel has extended the Intel vPro® platform with a new software service known as Intel® Endpoint Management Assistant, which builds on and modernises the capabilities of Intel® AMT. Intel® EMA has been designed as a cloud-based point of control for managing endpoint devices wherever they may be, inside and outside the corporate firewall.

While OneDrive may seem like a secure cloud storage solution for companies looking to use Microsoft's suite of business tools, many glaring security issues can expose sensitive data and personally identifiable information if proper protection protocols are ignored. While OneDrive does provide cloud storage, it doesn't have cloud backup functionality, a critical distinction that must be made when choosing which information to upload and share.

These hurdles often drive users to seek risky workarounds, with 52 percent of respondents claiming they would "Definitely" or at least "Consider" bypassing secure access controls if they were under pressure to meet a deadline. In addition to exposing the risky behaviors of many IT and application development professionals when accessing the cloud, the survey also revealed some unwitting security gaps in organizations' access management policies.

Cloud environment threats and challenges Complex ownership: 66% of respondents surveyed say they rely on cloud providers for baseline security; yet perception of security ownership varied greatly across specific cloud platforms and applications. "The cloud holds enormous potential for business efficiency and innovation, but also can create a 'wild west' of broader and more distributed environments for organizations to manage and secure," said Abhijit Chakravorty, Cloud Security Competency Leader, IBM Security Services.

In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. Based on not much more but these few data points and his knowledge of silicon chip development - he was head of R&D at Fairchild Semiconductors, the company that was to seed Silicon Valley - he said that for the next decade, component counts by area could double every year.

79% of organizations experienced DNS attacks, with the average cost of each attack hovering around $924,000, according to EfficientIP. The 2020 Global DNS Threat Report, conducted in collaboration with IDC, shows that organizations across all industries suffered an average 9.5 attacks this year. In terms of regional damage from DNS attacks, North America leads the way with the average cost of attack at $1,073,000.

Cisco's Talos threat intelligence and research group has released information on a recently addressed vulnerability in Firefox that could be exploited for code execution. Cisco Talos on Wednesday published technical details on the security flaw, explaining that successful exploitation could lead to remote code execution.

The increasing number of sophisticated cyber threats will lead to a rise in demand for Managed Detection and Response solutions from small and medium businesses. "MDR providers offer organizations the technology, process, and people to enable the proactive monitoring of their customer security environment and 24/7 threat detection to help mitigate security breaches, even more so during COVID-19.".

"Small and midsize organizations without adequate security resources require the best of both worlds. With leading throughput levels, layered security services, zero-touch SD-WAN capabilities and many other benefits, our new line of tabletop security appliances provides just that." WatchGuard's new tabletop security appliances are built to provide the advanced throughput and improved HTTPS traffic processing today's organizations need to keep up with the ever-increasing velocity of business, along with a comprehensive set of security services.