Security News > 2020 > October

Security operations company Arctic Wolf on Thursday announced the closing of a $200 million Series E funding round that values it at $1.3 billion. Following the new funding round, Arctic Wolf plans to move headquarters to Eden Prairie, Minnesota, where it already has over 200 employees.

Samsung phones will soon come with automatic spam call blocking. The feature, which is part of Samsung Smart Call, will debut on the Galaxy Note20 and will roll out to all new devices released after 2020.

Storage solutions provider QNAP this week published an advisory to warn customers that certain versions of QTS, the operating system for its network-attached storage devices, are affected by the Zerologon vulnerability. "If exploited, this elevation of privilege vulnerability allows remote attackers to bypass security measures via a compromised QTS device on the network. The NAS may be exposed to this vulnerability if users have configured the device as a domain controller in Control Panel > Network & File Services > Win/Mac/NFS > Microsoft Networking," the company explains.

Microsoft has added a new Windows 10 group policy that allows users to bypass safeguard holds placed on devices due to conflicts with hardware or software. A safeguard hold is when Microsoft prevents devices from being offered a new Windows 10 feature update if there are known compatibility issues with hardware, software, or settings.

Adequate endpoint security should be the first area of focus, ensuring that every device has protection in place. According to a recent report commissioned by Juniper Networks, more than 80 percent of security teams need better visibility.

The German government Wednesday agreed to allow secret services to listen in on conversations via encrypted messaging services such as Messenger or Whatsapp as a means of tackling terrorism. Cabinet adopted a bill to that effect, drawn up after a series of far right attacks in the country, and the proposed legislation now goes forward for parliamentary assent.

After many websites simply blocked access unless you accepted their cookies, we received clarity on cookies from the European Data Protection Board. Severe fines levied for General Data Protection Regulation non-compliance showed organizations that the regulation is far from toothless and that data protection authorities are not easing up just because there is an ongoing global pandemic.

Attacks growing increasingly sophisticated and destructive. As eCrime groups grow more powerful, these attacks have grown increasingly sophisticated and destructive - respondents reported that 82 percent of attacks now involve instances of counter incident response, and 55 percent involve island hopping, where an attacker infiltrates an organization's network to launch attacks on others within the supply chain.

Some of the world's most skilled nation-state cyber adversaries and notorious ransomware gangs are deploying an arsenal of new open-sourced tools, actively exploiting corporate email systems and using online extortion to scare victims into paying ransoms, according to a report from Accenture. The report examines the tactics, techniques and procedures employed by some of the most sophisticated cyber adversaries and explores how cyber incidents could evolve over the next year.

Oracle on Tuesday released its Critical Patch Update for October 2020, which includes 402 new security patches released across the company's product portfolio. The advisory for the latest CPU includes information on the patches released after the previous CPU, but the patches are typically cumulative, Oracle notes.