Security News > 2020 > September

A woman in Germany died after a ransomware infection prevented her hospital from giving her emergency treatment. The unnamed patient died en route to a hospital in another city after she was unable to get treatment in Düsseldorf due to the malware affecting computer systems.

Looking for gaps in security should be the first step in any budget analysis. Although the data appears conflicting, the Identity Theft Research Center research that informed the July 14th article specifically notes, "This is not expected to be a long-term trend as threat actors are likely to return to more traditional attack patterns to replace and update identity information needed to commit future identity and financial crimes." In short, rapidly closing security gaps as part of a 2021 cybersecurity budget plan needs to include the fast wins that SaaS-delivered solutions provide.

The research found that comparatively, across the Incident Management Spectrum, only the most advanced organizations have isolated keys to success across business and incident management functions. To assess the efficacy of incident management in organizations, the State of Automation in Incident Management analyzed components of a comprehensive incident management practice and how organizations detect, resolve and learn about incidents.

Google is providing a new "Risky files" scanning feature to Chrome users enrolled in its Advanced Protection Program. Chrome started warning APP users when a downloaded file may be malicious last year, but now it will also give them the ability to send risky files for additional scanning by Google Safe Browsing's full suite of malware detection technology before opening them.

A Case Western Reserve University computer and data sciences researcher is working to shore up privacy protections for people whose genomic information is stored in a vast global collection of vital, personal data. Erman Ayday pursued novel methods for identifying and analyzing privacy vulnerabilities in the genomic data sharing network known commonly as "The Beacons."

Apple has patched nearly a dozen vulnerabilities and it has introduced new privacy features with the release of iOS 14 and iPadOS 14 this week. The issues could result in applications causing a system crash or writing kernel memory, identifying other installed applications, leaking user information, or accessing restricted files; may allow attackers to download malicious content, execute arbitrary code, or view notification contents from the lockscreen; may lead to arbitrary code execution or a cross-site scripting attack; may allow a user to read kernel memory; or could result in the screen lock not engaging after the specified time period.

Confidence levels in securing the election are low, and declining, according to an ISACA survey of more than 3,000 IT governance, risk, security and audit professionals in the US. While federal, state and local governments continue to harden election infrastructure technical controls and security procedures, 56 percent of respondents are less confident in election security since the pandemic started-signaling the need for greater education of the electorate and training of election personnel to drive awareness and trust. Respondents say they believe that funding, legislation, technical controls and election infrastructure are all inadequate, including 63 percent who are not confident in the resilience of election infrastructure, and 57 percent who believe that funding is not sufficient to prevent hacking of elections.

Of the respondents who do not feel their current infrastructure is capable of supporting 5G, none have deployed 5G, 19% are piloting, 43% are planning to pilot, and 52% are not planning or evaluating whether to pilot 5G. Costs reported as top barriers to 5G implementation. According to the report, ongoing and initial costs are reported as top barriers for federal agencies wishing to implement 5G - 44% believe initial/up-front costs will be the biggest barrier and 49% are concerned about ongoing costs.

The US Department of Justice on Tuesday indicted two hackers for their alleged involvement in defacing several websites in the country following the assassination of Iranian major general Qasem Soleimani earlier this January. "The hackers victimized innocent third parties in a campaign to retaliate for the military action that killed Soleimani, a man behind countless acts of terror against Americans and others that the Iranian regime opposed," said Assistant Attorney General for National Security John C. Demers in a statement.

Docker Enterprise Container Cloud offers enterprises unprecedented speed to ship code faster on public clouds and on premise infrastructure. "Docker Enterprise Container Cloud and Lens will enable businesses to streamline delivery of hundreds of daily deployments across thousands of apps, overcoming the complexity of Kubernetes development at enterprise scale," said Mirantis customer Don Bauer, Docker Captain and VP Technology Services / DevOps Manager.