Security News > 2020 > June

Does your IT security model take into account things like pacemakers? According to Dr Victoria Baines, speaking at Infosec Europe, "We also perhaps neglect the idea that critical infrastructure might be inside people" as well as merely carried in their pockets. Baines was speaking during a panel webinar about protecting critical national infrastructure.

Encounter rates for enterprise mobile phishing increased 37 percent between the last quarter of 2019 and the first quarter of 2020, from around 16 percent to 22 percent. The Mobile Phishing Spotlight Report from Lookout highlights how threat actors have shifted their tactics to take advantage of the evolving move from the physical to mobile or home office in the wake of the COVID-19 pandemic, which forced many companies to order their employees to work from home and use mobile devices as part of their every-day productivity.

Firefox 77 and Tor Browser 9.5 were released this week with patches for a variety of vulnerabilities, including several rated high severity. Mozilla's browser arrived with a total of 8 security fixes, including 5 that address high severity issues.

A new report from digital identity platform ForgeRock shows how and where data breaches are affecting US businesses and their customers. With more than 5 billion records compromised in 2019, breaches cost US organizations more than $1.2 trillion.

Security researchers have tested nearly 1,000 enterprise apps offered on Google's G Suite Marketplace and discovered that many ask for permission to access to user data via Google APIs as well as to communicate with external services. The G Suite Marketplace is an online "App store" from which enterprise applications that are integrated with G Suite can be added to an entire domain or to individual G Suite accounts.

Here's how employees in the US, UK, France and Germany are putting systems at risk, according to CyberArk. As companies have responded to the coronavirus pandemic by shifting employees from the physical workspace to the home office, the remote working environment has greatly expanded-and with this new normal, come some challenges to corporate security. "The security posture of organizations continues to be tested as many remote employees face daunting challenges balancing productivity and security across their professional and personal workspaces," said Marianne Budnik, CMO of CyberArk, in the press release.

Automated exposure notification services are set to be released in the coming weeks to help track the spread of the COVID-19 virus and deliver notifications to individuals who might have been exposed. The Exposure Notification Privacy Act makes participation in these exposure notification systems voluntary, based on affirmative, express consent, and also provides consumers with increased control over their data.

The image, a seemingly innocuous sunset sky above placid waters, may be viewed without harm. The fault does not appear to have been maliciously created.

The customer reports that they have already paid the invoices and provides proof of the wire transfer, but the document shows that the money transfer was made to the worn bank account. The customer says they've followed the accounting department's instructions, after receiving an email with "New" wire instructions from them.

Checkmarx announced the launch of Checkmarx SCA, the company's new, SaaS-based software composition analysis solution. CxSCA leverages Checkmarx's source code analysis and automation capabilities, empowering security and development teams to easily identify vulnerabilities within open source software that present the greatest risk and enable developers to focus and prioritize remediation efforts accordingly.