Security News > 2020 > August

In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. Based on not much more but these few data points and his knowledge of silicon chip development - he was head of R&D at Fairchild Semiconductors, the company that was to seed Silicon Valley - he said that for the next decade, component counts by area could double every year.

Software-as-a-Service security platform provider ReliaQuest announced on Tuesday that it has raised more than $300 million in a growth funding round led by global investment company KKR. Ten Eleven Ventures and Brian Murphy, ReliaQuest's founder and CEO, also took part in the funding round. ReliaQuest has developed GreyMatter, a cloud-native SaaS platform that is designed to help enterprises gain more visibility into their on-premises and cloud environments by collecting and analyzing data from their existing cyber solutions.

The burgeoning smart home device market has given rise to digital intrusion and potential energy market manipulation on a massive scale. By 2025, it's been estimated that there will be 481 million smart homes worldwide, according to a Statista's 2020 Digital Market Outlook.

A researcher has disclosed the details of an unpatched vulnerability in Apple's Safari web browser that can be exploited to steal files from a targeted user's system. The vulnerability is related to the Web Share API, which allows users to share links from Safari through third-party apps.

With the 2020 U.S. Presidential Election coming up in just two months, cybersecurity concerns are taking center stage for average citizens and politicians. "Due to the spread of COVID-19, we are seeing a number of election environments shift online, to varying degrees, with political parties conducting virtual fundraisers, campaigns moving town halls to online platforms and election officials using online forms to facilitate voting by mail," said Jocelyn Woolbright, a researcher with Cloudflare, who added that cybercriminals are increasingly targeting these resources.

The U.S. military's top cyber official is defending the government's shift toward a more aggressive strategy in cyberspace, saying the mission has evolved over the last decade from "a reactive and defensive posture" to keep pace with sophisticated threats. Gen. Paul Nakasone, the commander of U.S. Cyber Command and the director of the National Security Agency, says in a piece being published Tuesday by the magazine Foreign Affairs that the military's cyber fighters are increasingly prepared to engage in combat with online adversaries rather than wait to repair networks after they've been penetrated.

We examine the threat to individuals' privacy based on the feasibility of reidentifying users through distinctive profiles of their browsing history visible to websites and third parties. The original work demonstrated that browsing profiles are highly distinctive and stable.

A hack-for-hire group has been targeting organizations in the financial sector since 2012, for cyber-espionage purposes, Kaspersky's security researchers reveal. Tracking the hacking group since 2018, Kaspersky was able to link its activity to the Powersing, Evilnum and Janicab malware families, thus suggesting that the threat actor might have been active since at least 2012, yet it continues to develop its toolset.

Although the names of the compromised apps using the SDK have not been disclosed, the code was uncovered in the iOS version of the Mintegral SDK, with the first version of the malicious SDK dating back to July 17, 2019. Hijack User Ad Clicks Stating that the SDK contains several anti-debug protection intending to hide the actual behavior of the application, Snyk uncovered evidence that Mintegral SDK not only intercepts all the ad clicks within an app but also use this information to fraudulently attribute the click to its ad network even in cases where a competing ad network has served the ad. It's worth noting that apps that feature in-app ads include SDKs from multiple ad networks with ad mediators' help.

With over 1,000 premium courses from top instructors, StackSkills Unlimited provides endless learning opportunities. Learning about the cloud is also an excellent way to future-proof your résumé and impress technical recruiters.