Security News > 2020 > October

Starting in about 2000 or 2001, cybercrooks figured out not only how to spread mayhem with malware, but also how to make money illegally, too. Simply put: a cybersecurity injury to you can quickly turn into a cybersecurity injury to everyone else.

Twitter on Wednesday announced that it removed 130 accounts originating from Iran that were aimed at disrupting the first 2020 U.S. presidential debate. The social platform also explains that it was able to quickly identify the accounts and remove them.

Britain's Information Commissioner's Office has confirmed it is investigating grumbles about heavy-handed marketing emails and texts promoting the NHS COVID-19 contact-tracing app in England. Between 26 and 27 September, NHS Test and Trace messaged anyone resident in the country who was over the age of 16 and had previously provided their contact details to a GP. Those contacted had not specifically opted in to receive marketing communications regarding the NHS COVID-19 app.

Britain's Information Commissioner's Office has confirmed it is investigating grumbles about heavy-handed marketing emails and texts promoting the NHS COVID-19 contact-tracing app in England. Between 26 and 27 September, NHS Test and Trace messaged anyone resident in the country who was over the age of 16 and had previously provided their contact details to a GP. Those contacted had not specifically opted in to receive marketing communications regarding the NHS COVID-19 app.

Microsoft has published a support article to provide guidance on what organizations need to do to ensure that they are not exposed to attacks targeting the Zerologon vulnerability. Addressed on August 2020 Patch Tuesday, the flaw was identified in the Microsoft Windows Netlogon Remote Protocol and can be abused by remote attackers to compromise Active Directory domain controllers and gain administrator access.

Amazon Timestream addresses these challenges by giving customers a purpose-built, serverless time series database for collecting, storing, and processing time series data. Amazon Timestream integrates with popular data collection, visualization, and machine learning tools that customers use today, including services like AWS IoT Core, Amazon Kinesis and Amazon MSK, Amazon QuickSight, and Amazon SageMaker, as well as open source, third-party tools like Grafana and Telegraf.

A new variant of the InterPlanetary Storm malware has been discovered, which comes with fresh detection-evasion tactics and now targets Mac and Android devices. Researchers say, the malware is building a botnet with a current estimated 13,500 infected machines across 84 countries worldwide - and that number continues to grow.

Konstantin Vishnyak, 42, was cleared by Southwark Crown Court in London, England, of destroying documents relevant to a now-discontinued investigation into insider trading. It was reported that Vishnyak, formerly of VTB Capital, deleted the app and messages from his iPhone - one of two handsets he gave to police - not out of fear of an investigation into insider trading, but rather in an effort to conceal his friendship with Andrei Lugovoi, the Russian politician wanted in connection with the polonium poisoning of Alexander Litvinenko in 2006.

If there's no larger, cohesive conversation, then various development and operational teams could be taking conflicting approaches to mitigating API security risks. To improve an organization's API security posture, it's critical that outstanding questions are asked and answered immediately so that gaps in security are reduced and closed.

The deputy chief executive of Singapore's Cyber Security Agency, Brigadier General Gaurav Keerthi, says the island nation now considers providing a secure environment to citizens and businesses the equivalent of providing fresh water and sewerage services, and will next week improve digital hygiene with a voluntary "Cybersecurity Labelling Scheme" that will rate consumer broadband gateways. Speaking at the Black Hat Asia conference in Singapore today, Keerthi explained that it's his job to defend Singapore from cyber-threats.