Security News > 2020 > October

Researchers at Pen Test Partners recently uncovered concerning security issues with a connected male chastity device and are calling on the entire connected sex toy industry - known as "Teledildonics" - to make security a priority. The Qiui Cellmate chastity cage has a Bluetooth lock that could easily be hacked by almost anyone, researchers said - leaving the wearer stuck in the device.

In Microsoft Edge preview builds, Microsoft has introduced a new tool called "Web Capture" that will allow you to capture screenshots of the webpages and create web notes. With Web Capture feature, you can take screenshots to copy or share.

We're back! Series 3 of the Naked Security Podcast will be out this week. I'm back on the show, joined for Series 3 by my colleagues Kimberly Truong and Doug Aamoth.

Cloudflare now allows paid customers to create notifications that warn them when their sites are under a DDoS attack. Cloudflare has always offered DDoS protection as one of its core offerings, but unless a site owner or administrator were actively using their site or using monitoring tools, they would not know that their service was under attack until it was too late.

A little more than a quarter of companies worldwide are fully compliant with the exacting PCI DSS online payment security standard, according to US telco Verizon. The company's 2020 Payment Security Report found that only 27 per cent of organisations worldwide were in line with the full ambit of the PCI DSS for handling payment card data in online purchases.

The approach is reminiscent of core Magecart group attacks, but in this case, the attack was the work of the Fullz House group, according to Malwarebytes, which is a Magecart splinter group that's mainly known for its phishing prowess. The group has been analyzed in the past, and gets its name from the use of carding sites to resell "Fullz," an underground slang term meaning a full set of an individual's personally identifying information plus financial data.

Arctic Wolf explains how to increase your security effectiveness. In its "2020 Security Operations Report," Arctic Wolf described several cyber threats and vulnerabilities that have challenged security defenses.

Mozilla published a support document with a quick fix for a widely reported known issue causing Twitter not to load on the Firefox web browser. According to a bug Mozilla has been tracking and working on fixing for the last 20 days, some users might see blank pages or errors when trying to visit the social network's website, with some reports also saying that the issue also affects mobile users.

Microsoft is warning that an Iranian nation-state actor is now actively exploiting the Zerologon vulnerability, adding fuel to the fire as the severe flaw continues to plague businesses. Exploiting the bug allows an unauthenticated attacker, with network access to a domain controller, to completely compromise all Active Directory identity services, according to Microsoft.

BlackBerry CEO John Chen and the research director from Gartner's endpoint and operations security group delivered speeches at the opening keynote. Ahead of the event, BlackBerry announced new security products and services including Cyber Suite and BlackBerry Persona Desktop.