Security News > 2020 > July

The Android-powered Google Pixel line of phones received a very important updated feature dedicated to user's personal safety. Recent updates to Android 10 on the Google Pixel line of smartphones have brought a number of really interesting features to the platform; one such feature is the Personal Safety app.

Details on a macOS privacy protections bypass method were published this week, more than six months after Apple was informed of the issue, but failed to deliver a fix. Dubbed TCC, the privacy protections system was introduced in macOS Mojave to ensure that certain files on the system are kept out of reach of unauthorized applications.

Researchers have uncovered a surveillance campaign, dating back to at least 2013, which has used a slew of Android surveillanceware tools to spy on the Uyghur ethnic minority group. Researchers say, the surveillance apps in the campaign were likely distributed through a combination of targeted phishing and fake third-party app stores - however, they fortunately haven't been discovered on official app marketplaces, like Google Play.

Cybercriminals claim they have hacked the systems of U.S. printing giant Xerox and they are threatening to leak files stolen from the company unless they get paid. The threat actor operating the ransomware known as Maze has published several screenshots on its website in an effort to demonstrate that it has gained access to Xerox systems.

Together with Nate Kim and Trey Herr, I have written a paper on IoT supply chain security. The basic problem we try to solve is: How do you enforce IoT security regulations when most of the stuff is made in other countries? And our solution is: enforce the regulations on the domestic company that's selling the stuff to consumers.

The new results which were taken after COVID-19 took hold, show that 88% of those surveyed cite the pandemic as a reason to migrate security to the cloud. Security is still a concern, when it comes to cloud-based security platforms.

Despite more awareness of the security risks of working from home, employees are still showing a lax attitude when putting it into practice, according to new findings. Security firm Trend Micro surveyed more than 13,000 remote workers across 27 countries for its latest Head in the Clouds survey, which sought to understand individuals' attitudes towards risk in terms of cybersecurity.

A report released on Tuesday by security company GreatHorn illustrates the ebb and flow of these attacks and offers advice on how organizations can fight them. For its report, GreatHorn tracked the volume of COVID-19-related email phishing attacks from January, when the virus began to surface, until June, when many countries and companies slowly started to resume operations.

Power companies need help from the US government, cybersecurity experts, and supply chain partners to defend against the increasing security risks to public power grids. Dragos hosted a conversation on Tuesday with the World Economic Forum's Head of Centre for Cybersecurity, William Dixon, and four experts on security and the power industry.

China on Wednesday demanded Washington stop "Oppressing Chinese companies" after U.S. regulators declared telecom equipment suppliers Huawei and ZTE to be national security threats. "We once again urge the United States to stop abusing the concept of national security, deliberately discrediting China and unreasonably oppressing Chinese companies," said the spokesman, Zhao Lijian.