Security News > 2020 > October

The two conferences targeted include the Munich Security Conference, slated for Feb. 19 to 21, 2021 and the Think 20 Summit in Saudi Arabia, taking place Oct. 31 to Nov. 1 2020. Microsoft linked the attack, which targeted more than 100 conference attendees, to Phosphorus, which it said is operating from Iran.

Russian-speaking hacking group Turla has hacked into the systems of an undisclosed European government organization according to a new Accenture Cyber Threat Intelligence report. Government entities are advised by ACTI to check network logs for indicators of compromise included at the end of the report and to build detections capable of blocking future Turla attacks.

The NSA has long sought agreements with technology companies under which they would build special access for the spy agency into their products, according to disclosures by former NSA contractor Edward Snowden and reporting by Reuters and others. These so-called back doors enable the NSA and other agencies to scan large amounts of traffic without a warrant.

Payment and data security solutions provider Bluefin on Wednesday announced it has raised $25 million in growth financing. The company's portfolio includes PCI-validated point-to-point encryption products, along with tokenization and iFrame solutions.

Hackers could remotely open garage doors and gates by exploiting vulnerabilities found in a gateway device made by Hörmann, researchers warned on Wednesday. In order to restore the system, a manual reset of the device is required, but the device is typically behind the door, which in case of an attack cannot be opened by the victim.

Thanks to the quick transition to remote work due to the current global pandemic - coupled with cybercriminals' penchant for taking advantage of fear, uncertainty, and doubt - security researchers have seen a surge in cybersecurity issues. The largest spike in email attacks was April 2, which saw 330 separate COVID-19 email campaigns.

When Thales asked 509 executives about the biggest barriers to data security for the European version of its 2020 Data Threat Report, four in ten of them cited complexity. It's ideal for storing data in a publicly available environment such as a cloud application while keeping sensitive data safe in an on-premises environment under your direct physical control.

Microsoft has released a spreadsheet containing the full list of URLs that Microsoft Defender ATP must reach to function correctly. When Microsoft Defender ATP is installed on endpoints, its sensor will detect malicious threats and behaviors and send them via HTTP to the Microsoft Defender ATP cloud service.

As the number one threat vector for most organizations, email continues to be widely used by cybercriminals to penetrate organizations in support of a wide variety of cyberattacks. Unlike other attack vectors, email enables cybercriminals to directly leverage humans in an effort to bypass security controls and facilitate attacks.

While 2020 has brought many challenges, perhaps the most critical from a social perspective is how we have intertwined mobile devices into our daily lives. We've seen a similar tactic used in an ongoing mobile phishing campaign that sends a message purporting to be a missed package delivery with a link to a fake claim page that is a mobile phishing attack.