Security News > 2020 > September

Microsoft announced on Tuesday at its Ignite 2020 conference that it has extended its threat protection portfolio and it has unified some of its cybersecurity solutions. Microsoft Defender includes Microsoft 365 Defender, formerly Microsoft Threat Protection, and Azure Defender, which includes the cloud workload protections in the Azure Security Center.

To fix the problem, the latest update catalogs are now directly downloaded from the Citrix update servers, and the service "cross-references the hashes with the file that is requested for install from the UpdateFilePath attribute," wrote researchers at Pen Test Partners, in a Monday posting. "If the update file is signed, valid and the hash of the update file matches one of the files within the manifest, the update file is executed to perform the upgrade," they explained.

A roundtable discussion among Cisco chief information security officer advisers Wendy Nather, Richard Archdeacon, and J. Wolfgang Goerlich outlined how the enterprise cybersecurity world is changing, and what CISOs need to do to ensure the "new normal" is a secure one. Archdeacon said that users have to be made the front line of security in this situation, which means implementing security systems that don't rely on enterprise security products connecting directly to remote users' PCs. Multifactor authentication, DNS security, VPNs, and other familiar security products that put the security onus on users will be necessary for now.

Microsoft has updated its Security Update Guide, which is used by tens of millions of cybersecurity professionals on the second Tuesday of every month, also known as Patch Tuesday. The update is "to help protect our customers regardless of what Microsoft products or services they use in their environment," according to a Microsoft Security Response Center blog post on Tuesday.

Mozilla patched high-severity vulnerabilities with the release of Firefox 81 and Firefox ESR 78.3, including several that could be exploited to run arbitrary code. Firefox ESR is a Firefox version that's based on an official release for desktop, for use by organizations who need extended support for mass deployments.

The alleged breach was first flagged by the #oRemyy account on Twitter, and was quickly amplified by others, who claimed that accounts were being taken over and credentials changed, so that the legitimate users couldn't recover them. "Yeah it's legit guys. Change your Activision account passwords immediately. Apparently over 500,000 accounts have been breached already and it's still ongoing," one user going by "Okami" tweeted.

A global police sting has netted 179 vendors selling illegal goods online and seized millions in currency, drugs and guns, heralding an end to the "golden age" of dark web markets, Europol said Tuesday. Led by the German federal criminal police "This takedown provided investigators with... data and materials to identify suspects behind dark web accounts used for illegal activity," Europol said.

Six percent of all Google Cloud buckets are misconfigured and left open to the public internet, for anyone to access their contents. In a survey of 2,064 Google Cloud buckets by Comparitech, 131 of them were found to be vulnerable to unauthorized access by users who could list, download and/or upload files.

Hacker-powered bug hunting platform HackerOne on Tuesday announced that it paid more than $44.75 million in bounty rewards over the past 12 months, with the total payouts to date surpassing $107 million. Signups went up 59% as a result of the global coronavirus crisis, while the number of submitted bug reports went up 28%. In the months immediately following the start of the COVID-19 pandemic, organizations paid 29% more bounties, with the total paid in bounties going up 87% compared to last year.

Kognos emerged from stealth mode on Tuesday with an extended detection and response platform that the company says leverages artificial intelligence to enable organizations to more efficiently detect, investigate and respond to attacks. Kognos' platform, named Autonomous XDR Investigator, is described as a relationship-centric XDR platform that should significantly simplify investigations into attacker behavior and operations.