Security News > 2020 > October

According to new data released by Cybersecurity Insiders, 72% of organizations experienced an increase in endpoint and IoT security incidents in the last year, while 56% anticipate their organization will likely be compromised due to an endpoint or IoT-originated attack with the next 12 months. The research found that 41% will implement or advance on-premise device security enforcement, 35% will advance their remote access devices posture checking, and 22% will advance their IoT device identification and monitoring capabilities.

Microsoft is warning that cybercriminals have started to incorporate exploit code for the ZeroLogon vulnerability in their attacks. Over the years, the actor has been in attacks delivering a wide variety of malware, from backdoors to ransomware.

Information security policies that are not grounded in the realities of an employee's work responsibilities and priorities expose organizations to higher risk for data breaches, according to a research from Binghamton University, State University of New York. The study's findings, that subcultures within an organization influence whether employees violate ISP or not, have led researchers to recommend an overhaul of the design and implementation of ISP, and to work with employees to find ways to seamlessly fit ISP compliance into their day-to-day tasks.

According to a Deloitte survey of 1,000 U.S. corporate M&A executives and private equity firm professionals, 61% of survey respondents expect U.S. M&A activity to return to pre-COVID-19 levels within the next 12 months. Private equity investors plan to remain more focused on traditional acquisitions, while simultaneously pushing pursuit of M&A alternatives - including private investment in public equity deals, minority stakes, club deals and alliances.

A team of five security researchers analyzed several Apple online services for three months and found as many as 55 vulnerabilities, 11 of which are critical in severity. The flaws - including 29 high severity, 13 medium severity, and 2 low severity vulnerabilities - could have allowed an attacker to "Fully compromise both customer and employee applications, launch a worm capable of automatically taking over a victim's iCloud account, retrieve source code for internal Apple projects, fully compromise an industrial control warehouse software used by Apple, and take over the sessions of Apple employees with the capability of accessing management tools and sensitive resources."

Okta further extended its Okta Devices Platform Service capabilities to developers through the Okta Devices SDK. Using the Okta Devices SDK, developers can enable passwordless authentication through branded push notifications with biometric capabilities, minimizing friction for end-users and increasing security posture. "This dynamic landscape has placed an extra emphasis on today's modern businesses to be relevant across every device. The Devices SDK takes the customizability and security of the Okta Identity Cloud and puts it in the hands of developers everywhere."

IBM announced it will accelerate its hybrid cloud growth strategy to drive digital transformations for its clients. "IBM will focus on its open hybrid cloud platform and AI capabilities. NewCo will have greater agility to design, run and modernize the infrastructure of the world's most important organizations. Both companies will be on an improved growth trajectory with greater ability to partner and capture new opportunities - creating value for clients and shareholders."

HID Global announced that its next-generation Seos credential technology will enable Nymi Band 3.0 users to seamlessly open doors and authenticate to systems, devices and machines. In addition to physical and logical access use cases, Seos technology enables the Nymi Band 3.0 to be used for applications ranging from secure intelligent print collection and social distancing and contract tracing to contractor and visitor management, canteen and vending machine payment, and secure remote working.

Corero Network Security announces that it has released a major update to its SmartWall Threat Defense System. Corero's SmartWall Threat Defense System already delivers line-rate performance for the fastest, always-on, real-time DDoS protection but these new enhancements propel the solution to industry leading levels of accuracy and effectiveness for automatic DDoS detection and mitigation.

Providing enterprises with a live window into the current state of their business by concurrently processing and analyzing streaming and contextual data, Swim Continuum 4.0 offers a comprehensive view of all aspects of operating and managing continuous intelligence applications at scale through a single pane of glass experience. With its latest release, Swim Continuum adds deep, browser-based insights into the resiliency and performance of Swim deployments.