Security News > 2020 > October

The report, which was completed prior to COVID-19, also exposes that more focus is needed around information security in the home, where C-suites and SBOs feel the risk of a data breach is higher. Businesses still consume vast amounts of paper, dispelling the myth of offices going digital and signaling a need for oversight of physical information and data security.

The results show the presence of high-risk vulnerabilities at most companies. The research shows high-risk vulnerabilities at 84% of companies across finance, manufacturing, IT, retail, government, telecoms and advertising.

An active botnet comprising hundreds of thousands of hijacked systems spread across 30 countries is exploiting "Dozens of known vulnerabilities" to target widely-used content management systems. The cybersecurity firm's six-month-long investigation into the botnet reveals a complex operation managed by one command-and-control server and more than 60 surrogate servers that communicate with the bots to send new targets, allowing it to expand the size of the botnet via brute force attacks and installation of backdoors.

Both models enable product security definition collaboration between OEM, silicon vendors and programming partners to easily define, provision and deploy robust IoT device security using Data I/O's SentriX security deployment platform. "OEMs of all sizes need a simple, cost-effective and integrated method to deploy IoT security," said Michael Tidwell, vice president of marketing and business development of Data I/O Corporation.

SpyCloud launched SpyCloud VIP Guardian to extend the power of workplace fraud and account takeover prevention to the personal accounts of critical employees, board members and investors. While enterprises can monitor corporate accounts and credentials for breach exposure, personal accounts tend to fall outside of their protection.

REvil ransomware developers say that they made more than $100 million in one year by extorting large businesses across the world from various sectors. Like almost all ransomware gangs today, REvil runs a ransomware-as-a-service operation.

Rambus announced the availability of a high-performance IPsec Packet Engine with integrated DPDK and companion key negotiation toolkit capable of securing 5G network traffic at data rates from 1 to 10 Gbps. A complete IPsec solution, the packet engine can be easily integrated into SoCs for a broad range of 5G devices from base stations and cloud, to gateways and end devices. Offloading cryptographic operations to a dedicated IPsec Packet Engine streamlines processing and enables network traffic to be moved securely at line rate.

Calix announced the GigaSpire BLAST u6x to offer communication service providers a premises system that will enable unmatched operational simplicity and efficiency while delivering the ultimate Wi-Fi 6 experience. Because the BLAST u6x leverages the EXOS platform, it will be fully integrated with Calix Marketing Cloud, the CommandIQTM subscriber application, and all Revenue EDGE Suites.

Siren announced the release of Siren 11.0. The latest version of Siren is a major step forward in enabling investigative teams to quickly conduct advanced Signal Intelligence, Cyber Intelligence, and Open Source Intelligence investigations.

Applications Software Technology announced the version 3.0 release of AST's automated Testing-as-a-Service, powered by the unique and proprietary AST Autonomous Cloud Tester tool. The latest series of enhancements enables organizations to further accelerate their release, patch, and upgrade test cycles across the full breadth of Oracle Cloud applications.