Security News > 2020 > September

A pair of healthcare-related data breaches at high-profile government agencies has impacted tens of thousands of people. "Because this is just one of multiple breaches effecting veteran data, the VA needs to ensure they are taking every security step necessary to not only protect financial data, but also the sensitive personal and healthcare data for the veterans it serves."

Dunkin' Donuts today settled a lawsuit in which it was accused of hushing up the fact hackers siphoned its customers' personal information from its systems in 2015. "Long before the New York Attorney General filed suit in this matter, Dunkin' had voluntarily implemented or enhanced the security measures identified in today's settlement," Dunkin' said in a statement to The Register.

QR codes - the "QR" is short for "Quick response" - allows a user to scan a special code with their phone's camera, to automatically perform an action. Sixty-four percent of respondents said that QR codes make life easier in a no-touch world.

IBM has issued fixes for vulnerabilities in Spectrum Protect Plus, Big Blue's security tool found under the umbrella of its Spectrum data storage software branding. IBM Spectrum Protect Plus is a data-protection solution that provides near-instant recovery, replication, reuse and self-service for virtual machines.

The United States on Tuesday announced charges against two men from Iran and Palestine accused of defacing websites in response to the killing of Qasem Soleimani. The two are said to have defaced tens of websites hosted in the United States as part of a retaliation campaign over the killing of Soleimani.

A campaign group is suing Google for up to £2.5bn over claims that YouTube breaks EU data protection laws by harvesting information about children under 13 - and is hoping to turn it into a UK class-action-style case. In a particulars of claim filed at London's High Court and seen by The Register, McCann said Google "Failed to obtain valid parental consent for the processing of personal data of children under 13 years of age, as required by law".

School is being conducted, cybercriminals are naturally taking notice of the season, which is why there's been an increase in attacks against academic facilities as of late. A Tuesday blog post published by cyber threat intelligence provider Check Point Research looks at the rise in such attacks across the US, Europe, and Asia, and offers advice on how schools can better protect themselves.

Microsoft on Tuesday announced the release of Project OneFuzz, an open source fuzzing framework for Azure that the tech giant has been using internally for the past year to find and patch bugs. Project OneFuzz, which Microsoft describes as an extensible fuzz testing framework, is designed to address some of the challenges typically associated with fuzzing, enabling developers to conduct this type of testing themselves and allowing security engineers to focus on other important tasks.

There are plenty of diverse options out there in antivirus protection, so here are 10 antivirus software products aimed at protecting systems that cover all walks of technological life. Norton Antivirus is probably the most well-known product among this antivirus roundup.

Proof-of-concept exploit code has been released for a Windows flaw, which could allow attackers to infiltrate enterprises by gaining administrative privileges, giving them access to companies' Active Directory domain controllers. "This attack has a huge impact: It basically allows any attacker on the local network to completely compromise the Windows domain," said researchers with Secura, in a Friday whitepaper.