Security News > 2020 > October

Key findings include a 450% increase in employees circumventing security controls to intentionally mask online activities and 230% increase in behaviors that indicate intent to steal data. Companies reported remote workers most commonly attempted to intentionally bypass the corporate VPN to mask their online activities.

A Zerto survey reveals a major disconnect in data protection strategies across enterprises with 75% believing container-based applications can be backed up the same way as individual applications are backed up. "The research findings underline the need for organizations to adopt container-native data protection technologies that are integrated into the application deployment lifecycle from the inception, so applications are born protected and remain that way. This equates to less work for developers and consistency in protection of containerized applications, which will need to adhere to business requirements."

Australia's Department of Foreign Affairs and Trade has just exposed personal details of over 1,000 citizens in an email. Australia has all-but-closed its borders during the COVID-19 pandemic, rationing the number of citizens who can fly into the country each day.

20% of security professionals described their organizations' DevSecOps practices as "Mature", while 62% said they are improving practices and 18% as "Immature", a WhiteSource report finds. The survey gathered responses from over 560 developers and application security professionals in North America and Western Europe about the state of DevSecOps implementation in their organizations.

A hacking group known for its attacks in the Middle East, at least since 2017, has recently been found impersonating legitimate messaging apps such as Telegram and Threema to infect Android devices with a new, previously undocumented malware. "Compared to the versions documented in 2017, Android/SpyC23.A has extended spying functionality, including reading notifications from messaging apps, call recording and screen recording, and new stealth features, such as dismissing notifications from built-in Android security apps," cybersecurity firm ESET said in a Wednesday analysis.

There are growing privacy concerns among Americans due to COVID-19 with nearly 70 percent citing they would likely sever healthcare provider ties if they found that their personal health data was unprotected, a CynergisTek survey reveals. "As healthcare systems and corporations continue to grapple with data challenges associated with COVID-19 - whether that's more sophisticated, targeted cyber-attacks or the new requirements around interoperability and data sharing, concerns around personal data and consumer awareness of privacy rights will only continue to grow," said Caleb Barlow, president and CEO of CynergisTek.

A Russian hacker who was found guilty of hacking LinkedIn, Dropbox, and Formspring over eight years ago has finally been sentenced to 88 months in United States prison, that's more than seven years by a federal court in San Francisco this week. Yevgeniy Aleksandrovich Nikulin, 32, of Moscow hacked into servers belonging to three American social media firms, including LinkedIn, Dropbox, and now-defunct social-networking firm Formspring, and stole data on over 200 million users.

Researchers from CSIRO's Data61 and the Monash Blockchain Technology Centre have developed the world's most efficient blockchain protocol that is both secure against quantum computers and protects the privacy of its users and their transactions. The protocol - a set of rules governing how a blockchain network operates - is called MatRiCT. Cryptocurrencies vulnerable to attacks by quantum computers.

LexisNexis Risk Solutions announced the availability of the LexisNexis ID Compass Platform for Insurance. A multi-layered identity access management solution, the platform combines physical and digital intelligence to help insurance carriers respond to identity risk and reduce friction for consumers seeking insurance quotes and other transactions.

BullGuard announced its new 2021 suite of antimalware solutions featuring dynamic machine learning capabilities and multi-layered protection. The BullGuard 2021 security suite empowers consumers to confidently perform sensitive online transactions in absolute safety and rest assured knowing cyber threats are stopped dead in their tracks.