Security News > 2020 > July

72% of remote workers say they are more conscious of their organization's cybersecurity policies since lockdown began, but many are breaking the rules anyway due to limited understanding or resource constraints, Trend Micro reveals. The study is distilled from interviews with 13,200 remote workers across 27 countries on their attitudes towards corporate cybersecurity and IT policies.

Six months after software developer Jeff Johnson told Apple about a privacy bypass vulnerability opening up protected files in macOS Mojave, macOS Catalina, and the upcoming macOS Big Sur, the bug remains unfixed - so he's going public. This latest bug can be exploited by a maliciously crafted app to bypass a privacy system known as Transparency, Consent, and Control that was introduced in OS X Mavericks and got strengthened in subsequent releases through technologies like System Integrity Protection in El Capitan.

Cybersecurity researchers this week discovered a new type of ransomware targeting macOS users that spreads via pirated apps. According to several independent reports from K7 Lab malware researcher Dinesh Devadoss, Patrick Wardle, and Malwarebytes, the ransomware variant - dubbed "EvilQuest" - is packaged along with legitimate apps, which upon installation, disguises itself as Apple's CrashReporter or Google Software Update.

D-Link announced its new PoE surveillance switch series, which includes the 9-Port PoE Unmanaged Surveillance Switch and the 18-Port PoE Unmanaged Surveillance Switch. Supporting long range PoE delivery, DSS-100E switches are a cost-effective solution that provide a versatile and reliable surveillance network.

AT&T has been sued for a second time over allegations its staff gave thieves control of a specific individual's cellphone number to steal a large chunk of cryptocurrency. Seth Shapiro's $1.9m claim follows in the footsteps of Michael Terpin, who sued the gigantic US cellular network in 2018 for more or less the same thing: staff ported a subscriber's phone number to a hacker's SIM - a so-called SIM swap scam - allowing the miscreant to steal what Terpin claims in his case was $24m in cryptocurrency.

SafeGuard Cyber announced the release of new capabilities within its flagship collaboration, chat, and social media security platform. SafeGuard 7.6 now performs threat analysis on managed social and digital accounts to detect and remediate malware, including zero day exploits and associated messaging, file attachments, and links that are shared on these channels.

SevOne announced the launch of Data Insight 3.0, an integrated component of the SevOne Network Data Platform. This release of Data Insight 3.0 and availability of solutions for SD-WAN, Wi-Fi, and SDN completes the product transformation from a network monitoring appliance to an integrated network data platform to ensure continuous network performance.

Zyxel Networks announced the release of the latest update to its Nebula Cloud Networking Solution. The upgrade, which is available now as a free firmware release for Zyxel Nebula managed access points, switches and security gateways, incorporates key features that enhance WiFi security and enable vertical partners to incorporate the delivery of new value-add services.

During the audit, Kudelski was given access to the source code of Boxcryptor for Windows and to the internal documentation. The goal of the audit was to give all interested parties an indirect insight into the software so that they can be sure that no backdoors or security holes are found in the code.

Everbridge announced that Siemens will adopt the Everbridge CEM Platform to help protect Siemens' workforce and operations against critical events of all kinds, from the COVID-19 pandemic and political unrest to sudden economic changes and more. "We are very excited about our shared vision of combining Everbridge's top-of-class Critical Event Management portfolio with our own capabilities in the field of data analytics, machine learning and artificial intelligence into one end-to-end platform to keep people safe and operations running," said Marco Mille, Chief Security Officer, Siemens.