Security News > 2020 > October

The article goes on to talk about replacement surveillance systems from the Canadian company Octasic. Octasic's Nyxcell V800 can target most modern phones while maintaining the ability to capture older GSM devices.

News of an unusual data breach at a psychotherapy center in Finland broke over the weekend, after affected patients began receiving emails telling them to pay up or risk their personal and health data being publicly released. What is known about the data breach at the psychotherapy center?

The purpose of threat intelligence is to collect data from a variety of sources outside of the organization's perimeters and generate intelligence on what is happening "Out there", enriching the organization's security operations. Threat intelligence provides visibility that extends beyond the organization's perimeters - and this visibility is based on the vendor's coverage on intelligence sources.

The United States Department of the Treasury's Office of Foreign Assets Control has announced sanctions against a Russian government institute connected to the destructive Triton malware. Initially identified in 2017 on the systems of a Saudi Arabian oil and gas company and also referred to as Trisis and HatMan, Triton is known for the targeting of Schneider Electric's Triconex Safety Instrumented System controllers.

French enterprise IT services company Sopra Steria confirmed today that they were hit with a Ryuk ransomware attack. Sopra Steria is a European information technology company with 46,000 employees in 25 countries worldwide.

Over the six-month period from March to August 2020, over 925,000 malicious emails managed to bypass Office 365 defenses and well-known secure email gateways, an Area 1 Security study reveals. Attackers increasingly use highly sophisticated, targeted campaigns like business email compromise​ to evade traditional email defenses, which are based on already-known threats.

The telecommunications and media sector is the most frequent victim of DNS attacks, according to EfficientIP. DNS attacks on service providers. As well as a high attack frequency, telecommunications providers also tended to experience costlier attacks with over 8% of organizations stating that they had suffered damage costs of over $5 million as a result of a DNS attack.

Secure access is the top cybersecurity challenge faced by the largest proportion of organizations when supporting remote workers. One in two respondents said endpoints, including corporate laptops and personal devices, are a challenge to protect in a remote environment.

Despite highly publicized risks of data-sharing and AI, from facial recognition to political deepfakes, leadership at many organizations seems to be vastly underestimating the ethical challenges of the technology, NTT DATA Services reveals. Just 12% of executives and 15% of employees say they believe AI will collect consumer data in unethical ways, and only 13% of executives and 19% of employees say AI will discriminate against minority groups.

Microsoft, in collaboration with MITRE, IBM, NVIDIA, and Bosch, has released a new open framework that aims to help security analysts detect, respond to, and remediate adversarial attacks against machine learning systems. Just as artificial intelligence and ML are being deployed in a wide variety of novel applications, threat actors can not only abuse the technology to power their malware but can also leverage it to fool machine learning models with poisoned datasets, thereby causing beneficial systems to make incorrect decisions, and pose a threat to stability and safety of AI applications.