Security News > 2020 > July

The Kremlin on Thursday denied claims by Britain that "Russian actors" sought to meddle in last year's general election and that Russian intelligence services most likely hacked coronavirus vaccine research. "We have no information on who could have hacked pharmaceutical companies and research centres in Britain," Kremlin spokesman Dmitry Peskov told the TASS news agency.

An issue related to the Zoom feature that allows for the customization of meeting URLs could have been exploited for phishing attacks, Check Point reveals. The recently identified security issue, Check Point says, is related to the Zoom Vanity URL, a custom URL that organizations are required to use when looking to enable single sign-on.

That's the reason why companies should constantly test their environments against TTPs. The baseline profiling of your core network components, OS, devices and apps, adversary simulations, achieving full visibility and analytics across many different network data sources, correlation, and understanding of how each component affects the other one seems like a good approach for dealing with cybersecurity risks. What's your take on using open source tools within an enterprise security architecture?

Cisco has fixed 33 CVE-numbered flaws in a variety of its devices, including five critical ones affecting RV-series VPN routers and firewalls and Cisco Prime License Manager, which is used by enterprises to manage user-based licensing. Cisco Small Business RV110W Wireless-N VPN Firewalls with firmware releases prior to v1.2.2.8 can be taken over by attackers via a system account has a default and static password.

A Trend Micro research is warning consumers of a major new wave of attacks attempting to compromise their home routers for use in IoT botnets. "Cybercriminals know that a vast majority of home routers are insecure with default credentials and have ramped up attacks on a massive scale. For the home user, that's hijacking their bandwidth and slowing down their network. For the businesses being targeted by secondary attacks, these botnets can totally take down a website, as we've seen in past high-profile attacks."

As attackers ramp up efforts to exploit this crisis, a slew of high-profile attacks on global brands and record-breaking fines for GDPR breaches have had little impact on client-side security and data protection deployments. There's a troubling lack of security controls required to prevent data theft and loss through client-side attacks like Magecart, formjacking, cross-site scripting, and credit card skimming.

As cyberattacks escalate, Infoblox and Forrester Consulting investigated how security and risk teams are using their DNS investments. 94% of S&R leaders either use or consider DNS as a starting point for threat investigations but only 43% of security and risk leaders rely on DNS as a data source to complete their investigations.

Why is Application Security a Business Enabler? Alex, application security is often discussed in terms of security breaches, business disruption, and regulatory fines. Companies building strong security behind their application infrastructure, empower the workforce to access resources without compromising security.

Why is Application Security a Business Enabler? Alex, application security is often discussed in terms of security breaches, business disruption, and regulatory fines. Companies building strong security behind their application infrastructure, empower the workforce to access resources without compromising security.

A study from North Carolina State University and Microsoft finds that the technical interviews currently used in hiring for many software engineering positions test whether a job candidate has performance anxiety rather than whether the candidate is competent at coding. The interviews may also be used to exclude groups or favor specific job candidates.