Security News > 2020 > June

Two of the bugs could allow complete remote control of the device. "A compromised device can become part of an internet of things botnet that launches distributed denial-of-service attacks, used to pivot to other connected devices, leveraged to mine for cryptocurrency or used in various other unauthorized ways," explained researchers at IBM X-Force, in a posting last week.

A California university which is dedicated solely to public health research has paid a $1.14m ransom to a criminal gang in the hopes of regaining access to its data. The University of California San Francisco paid out in the apparently successful hope that the Netwalker group would send it a decryption utility for its illicitly encrypted files, which it referred to as "Data ... important to some of the academic work we pursue as a university serving the public good".

Industrial giant Honeywell announced recently that it has added several new features to its Forge cybersecurity platform. The Forge Cybersecurity Suite, which Honeywell launched last year, is designed to help organizations protect industrial internet of things and operational technology assets.

iOS apps are repeatedly reading clipboard data, which can include all sorts of sensitive information. A novel feature Apple added provides a banner warning every time an app reads clipboard contents.

Late last week, the University of California San Francisco revealed that it paid roughly $1.14 million to cybercriminals to recover data encrypted during a ransomware attack earlier this month. "While we stopped the attack as it was occurring, the actors launched malware that encrypted a limited number of servers within the School of Medicine, making them temporarily inaccessible," UCSF says.

1Password is launching a first-of-its-kind domain breach report. Now, companies using 1Password's enterprise password manager can swiftly identify compromised accounts and take action to protect the enterprise by alerting users to create new secure passwords generated via 1Password.

Breach protection solutions provider Cynet on Monday announced that it has raised $18 million in a Series B+ funding round, which brings the total raised by the company to $38 million. Cynet previously raised $13 million in a Series B funding round in June 2018.

Collaborate more effectively to improve security operations, even when teams are working remotely. The best days for security technologies and teams are when they aren't seen - when they're doing their jobs to secure the business, employees and customers, without impacting productivity and user experience.

A data breach has impacted Maine State Police's information sharing database for federal, state and local law enforcement officials, the agency confirmed late Friday. State police say they were notified on June 20 by Netsential that a data breach may have included information from the Maine Information and Analysis Center, or MIAC. The agency has contracted the Houston, Texas-based company, which provides web hosting services to hundreds of law enforcement and government agencies across the country, since 2017.

On the one hand, 72% of firms consider the SOC a key part of their security strategy; but on the other hand, 60% of SOC staff have considered changing careers because of stress, while 65% claim to have limited visibility into the attack surface. A survey of 600 professionals working in IT and security, conducted by Ponemon and commissioned by Devo, seeks to better understand the causes behind the effective and ineffective areas of SOCs.