Security News > 2020 > July

Amazon Web Services on Tuesday announced the general availability of a fully managed service designed to help customers identify potentially fraudulent online activities. Leveraging machine learning, the Amazon Fraud Detector can spot payment and identity fraud almost instantly.

Qualys today announced Qualys Multi-Vector EDR. Taking a new multi-vector approach to Endpoint Detection and Response, Qualys now brings the unifying power of its highly scalable cloud platform to EDR. Traditional EDR solutions singularly focus on endpoints' malicious activities to hunt and investigate cyberattacks. Multi-Vector EDR enables security teams to unify multiple context vectors like asset and software inventory, end-of-life visibility, vulnerabilities and exploits, misconfigurations, network traffic summary, MITRE ATT&CK tactics and techniques, malware, endpoint telemetry, and network reachability by leveraging the Qualys backend to correlate with threat intelligence for accurate detection, investigation and response - ALL, in a single, cloud-based app with a single lightweight agent.

The majority of Americans characterized data privacy as a human right, yet most still don't take adequate security precautions with their information, a KPMG report found. KPMG's The New Imperative for Corporate Data Responsibility report, released on Wednesday, surveyed American consumers to determine their attitudes toward data privacy and what they expect from corporations.

A team of cybersecurity researchers today disclosed details of a new high-risk vulnerability affecting billions of devices worldwide-including servers and workstations, laptops, desktops, and IoT systems running nearly any Linux distribution or Windows system. GRUB2 Bootloader Vulnerability Discovered by researchers from Eclypsium, BootHole is a buffer overflow vulnerability that affects all versions of GRUB2 and exists in the way it parses content from the config file, which typically is not signed like other files and executables-leaving an opportunity for attackers to break the hardware root of trust mechanism.

A team of cybersecurity researchers today disclosed details of a new high-risk vulnerability affecting billions of devices worldwide-including servers and workstations, laptops, desktops, and IoT systems running nearly any Linux distribution or Windows system. GRUB2 Bootloader Vulnerability Discovered by researchers from Eclypsium, BootHole is a buffer overflow vulnerability that affects all versions of GRUB2 and exists in the way it parses content from the config file, which typically is not signed like other files and executables-leaving an opportunity for attackers to break the hardware root of trust mechanism.

The Vatican and the Catholic Diocese of Hong Kong have been the targets of alleged Chinese state-backed hackers ahead of talks on renewal of a landmark 2018 deal that helped thaw diplomatic relations between the Vatican and China, according to a monitoring group. Recorded Future said that the Hong Kong Study Mission to China - a key link between the Vatican and China - and the Pontifical Institute for Foreign Missions also were targeted.

Face masks not only have shown in research to slow the spread of COVID-19, they also deter facial-recognition technology from correctly identifying people, according to a new study. New research from the National Institute of Standards and Technology found that even the best of 89 commercial facial recognition algorithms tested experienced error rates between 5 percent and 50 percent when matching people in digitally applied face masks with photos of the same person without a mask.

Video creation service Promo.com this week confirmed that user data was exposed as a result of a data breach identified last week. In 2016, it launched the Promo video creation platform for businesses and in 2019 it rebranded from Slidely to Promo.com.

Russian intelligence services are using a trio of English-language websites to spread disinformation about the coronavirus pandemic, seeking to exploit a crisis that America is struggling to contain ahead of the presidential election in November, U.S. officials said Tuesday. Two Russians who have held senior roles in Moscow's military intelligence service known as the GRU have been identified as responsible for a disinformation effort meant to reach American and Western audiences, U.S. government officials said.

The same group noted that while banks continue to show the most interest in threat intelligence, over the past 12 months healthcare organizations have doubled their research into it, manufacturers have increased their interest in threat intelligence more than 50%, and energy and utilities are asking about it 30 percent more frequently, as is the services sector. Can the rest of the world catch up to the same level of security effectiveness that banks have achieved? Data showing that more sectors are diving deeper into security is a promising sign.