Security News > 2020 > July

The 10th annual² Security Congress will take place as a virtual conference in recognition of the health concerns and many corporate travel restrictions this year associated with the COVID-19 pandemic. Recognizing that many training budgets have been reallocated due to the economic impact of COVID-19,² Security Congress 2020 is offering a heavily discounted Early Bird pricing to² members and associates of just $295 for an All-Access pass.

Most businesses tell us that they think email encryption is a priority that's part of their digital transformation and cloud migration. Deploying encryption isn't just about flicking an on switch for some technology and you're done.

Microsoft yesterday quietly released out-of-band software updates to patch two high-risk security vulnerabilities affecting hundreds of millions of Windows 10 and Server editions' users. The two newly disclosed security vulnerabilities, assigned CVE-2020-1425 and CVE-2020-1457, are both remote code execution bugs that could allow an attacker to execute arbitrary code and control the compromised Windows computer.

To select an appropriate SIEM solution for your business, you need to think about a variety of factors. Many organizations are now migrating their SIEM to the cloud, which allows analysts to harness greater compute power, sift through, interpret and operationalize SIEM data.

39% of organizations either have no ransomware emergency plan in place or are not aware if one exists. This is despite more ransomware attacks being recorded in the past 12 months than ever before, Ontrack reveals.

Security bods are sounding the alarm following the discovery of a rare brand-new strain of Mac ransomware. The team at infosec outfit Malwarebytes told The Register on Tuesday the malware is the first new piece of macOS ransomware it has detected in the past four years.

There's a significant uptick in the number of unique clients who have reported brute-force attack attempts, ESET reveals. Trend of RDP attack attempts against unique clients detected by ESET. The trend has been observed since the onset of the global pandemic.

An Elasticsearch database pertaining to e-learning platform OneClass was found to expose data on over one million students and lecturers, vpnMentor reveals. Collected prior to 2019, the data included personally identifiable information and educational data.

Recent attacks associated with the threat actor known as StrongPity appear to focus on the Kurdish community in Turkey and Syria, Bitdefender security researchers say. Despite the publishing of several reports detailing its activities, the threat actor remains active and continues to target victims in various regions, including Colombia, India, Canada and Vietnam, Cisco Talos reveals.

A survey of more than 382 strategic initiative leaders quantified the cost of missing risks in strategic initiatives. Initiatives where unexpected risks are not surfaced and mitigated in a timely fashion are delayed by an average of five weeks per year.