Security News > 2020 > October

An analysis by PwC shows blockchain technology has the potential to boost global gross domestic product by $1.76 trillion over the next decade. That is the key finding of a report assessing how the technology is being currently used and exploring the impact blockchain could have on the global economy.

Twitter went offline for almost two hours on Thursday, in an outage that the social media platform - used by hundreds of millions worldwide - blamed on a technical glitch. On Thursday Twitter said that, under changes to its Hacked Materials Policy, it would "No longer remove hacked content unless it is directly shared by hackers or those acting in concert with them."

NCC Group has officially launched its new Remediate service, which provides immediate remedial action and long-term strategic support to strengthen organizations' security postures and reduce their cyber risk. The global cyber security and risk mitigation expert created Remediate to combine reactive support - including direct resolution of high-priority issues uncovered during testing and 24/7 incident response during a breach - with the proactive creation of long-term security roadmaps.

IDrive Online Backup has released EPYC, a secure video conferencing and AR powered video sharing application, empowering remote workforces to meet face-to-face and collaborate on projects as if they were meeting in person. By releasing EPYC, IDrive has helped solve this need by providing a video conferencing solution which allows organizations to conduct online meetings over the internet that are easy to host and join from anywhere.

Privacera announced the general availability of version 4.0 of the Privacera Platform, an enterprise data governance and security solution for machine learning and analytic workloads in the public cloud. Driven by increasing customer demand, Privacera 4.0's new features include: access workflows for faster on-boarding and customized data access; expanded discovery for seamless data tagging in complex infrastructures; and an encryption gateway for automated encryption and decryption abilities.

Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices. According to security engineer Andy Nguyen, the three flaws - collectively called BleedingTooth - reside in the open-source BlueZ protocol stack that offers support for many of the core Bluetooth layers and protocols for Linux-based systems such as laptops and IoT devices.

Entrust announced new enhancements to the Datacard MX Series Card Issuance systems: the Duplex Drop on Demand Printing module; and new Metal Card Input and Metal Card Output modules. "Central issuance providers need personalization systems that give them the flexibility to meet evolving customer requirements for best-in-class flat card or identity programs, while still maintaining consistent personalization capabilities and ease of maintenance," said Dan Good, vice president, credential issuance solutions at Entrust.

IBM announced it has built a disaster recovery site using IBM Cloud infrastructure, intended to help KAZ Minerals protect and maintain operations - even in case of a disaster. With natural disasters globally becoming more common and unpredictable, the company needed to update its business continuity planning, so it turned to IBM to develop a cloud-based disaster recovery site for its on-premises data center.

Microsoft on Tuesday issued fixes for 87 newly discovered security vulnerabilities as part of its October 2020 Patch Tuesday, including two critical remote code execution flaws in Windows TCP/IP stack and Microsoft Outlook. Another critical RCE vulnerability in Windows Hyper-V exists due to improper validation of input from an authenticated user on a guest operating system.

Two critical flaws in Magento - Adobe's e-commerce platform that is commonly targeted by attackers like the Magecart threat group - could enable arbitrary code execution on affected systems. Retail is set to boom in the coming months - between this week's Amazon Prime Day and November's Black Friday - which puts pressure on Adobe to rapidly patch up any holes in the popular Magento open-source platform, which powers many online shops.