Security News > 2020 > October

CPRA, the Californian GDPR? Set to appear on the November 2020 ballot, the CPRA, also known as CCPA 2.0 or Prop 24, builds on what is already the most comprehensive data protection law in the US. In essence, the CPRA will bring data protection in California nearer to the current European legal standard, the General Data Protection Regulation. Besides enhancing consumer rights, the CPRA also creates new provisions for employee data as it relates to their employers, as well as data that businesses collect from B2B business partners.

ITC Secure announced the launch of a new Managed Detection and Response service, providing businesses with a complete security solution with 24/7 access to a team of highly-skilled security experts who proactively hunt, detect and contain cyber threats. "As enterprises realise it's not a question of if but when a cyber attack will take place, many businesses are re-evaluating their security operations and turning to MDR solutions to secure their sensitive data assets and gain the visibility and support needed to defend against ever-evolving threats," said Arno Robbertse, Chief Executive, ITC Secure.

McAfee announced the expansion of its MVISION portfolio with three all-in-one software-as-a-service solution offerings - McAfee Device-to-Cloud suites. All three suites include McAfee MVISION Insights, the industry's first proactive and actionable threat posture capability that prioritizes risk, predicts the success of countermeasures and prescribes remedial actions.

Rockwell Automation released the PlantPAx 5.0 distributed control system. This latest DCS version from Rockwell Automation helps industrial producers positively impact the lifecycle of their plant operations with plant-wide and scalable systems to drive digital transformation and operational excellence.

If you're wondering which bugs in particular miscreants are exploiting to break into, or attempt to break into, US government networks, wonder no more. "CISA is aware of multiple cases where the Fortinet FortiOS SSL VPN vulnerability CVE-2018-13379 has been exploited to gain access to networks," explained Homeland Security's Cybersecurity and Infrastructure Security Agency in its advisory.

Amazon Prime Day kicks off tomorrow, October 13th, at midnight PST, but it's possible to grab some early deals on Alexa and Ring devices, as well as other electronics. Below we have compiled a list of the best early-bird deals currently running for Amazon Prime Day 2020.

These were servers that Microsoft had tied back to the operation of a large, long-lived and destructive zombie network known as Trickbot. Sadly, we've had to write about Trickbot many times over the years, as the criminals behind the operation have spammed out wave after wave of deviously constructed emails under a wide variety of guises, all with the ultimate goal of infecting as many victims as possible with zombie malware.

Deepwatch, a Washington, DC-based managed security services provider, announced on Monday that it has closed a $53 million Series B investment round led by Goldman Sachs. Founded in 2015, deepwatch currently has more than 200 employees and serves a client base ranging from small businesses to Fortune 500 and Global 2000 companies.

Here's the latest Naked Security Live video - enjoy (and please share with your friends)!

An order granted by the US District Court for Eastern Virginia authorised Microsoft and chums to "Disable the IP addresses, render the content stored on the command and control servers inaccessible, suspend all services to the botnet operators, and block any effort by the Trickbot operators to purchase or lease additional servers." Jean-Ian Boutin, head of threat research, said: "Over the years we've tracked it, Trickbot compromises have been reported in a steady manner, making it one of the largest and longest-lived botnets out there. Trickbot is one of the most prevalent banking malware families, and this malware strain represents a threat for internet users globally."