Security News > 2020 > November

Bug bounty hunters have hacked routers, network-attached storage devices and smart TVs at the Zero Day Initiative's Pwn2Own Tokyo 2020 hacking competition. Due to the COVID-19 pandemic, the competition has been turned into a virtual event and Pwn2Own Tokyo is actually coordinated by Trend Micro's ZDI from Toronto, Canada, with participants demonstrating their exploits remotely.

The cybersecurity industry no longer has an image problem, but many things are still stopping individuals from considering a career in cybersecurity: a high cost of entry, the inability to code and the perception of the field as too intimidating. has recently asked 2,500 people across the US and the UK who don't currently work in cybersecurity roles and have never worked in the field about how they view cybersecurity workers, whether they would consider entering the field, and what's stopping them from doing it.

In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. In it, he noted [PDF] that in three years, the optimal cost per component on a chip had dropped by a factor of 10, while the optimal number had increased by the same factor, from 10 to 100.

Businesses tend to be as vulnerable as the weakest security settings they have enabled for their SaaS applications. Although SaaS platforms have dozens or even hundreds of built-in security configuration controls, it is the responsibility of the client to set them correctly.

HackNotice announced today their new analysis and visualization suite, Risk Explorer. With HackNotice Risk Explorer, everyone is able to visualize, analyze, and filter their risk, understanding which events impact them the most, relationships between their digital identities and exposures, and see their exposed information in easy to understand ways.

The network is essential to application experience, serving as the ultimate source of truth for troubleshooting application disruptions and detecting sophisticated cyber-attacks. The integration with Flowmon's comprehensive network performance monitoring and diagnostics and NDR solution stack will extend overall application experience control for network and security teams by increasing observability and creating a bridge between applications and the network.

Most Fortune 1000 compliance and security teams have the ability to access employee accounts on their enterprise communications platform to monitor activity and investigate bad actors. Unfortunately for enterprise security and compliance teams in most companies, unsanctioned communications platforms like WhatsApp are being used outside to conduct sensitive business in contravention of corporate policies.

80% of companies say that an increased cybersecurity risk caused by human factors has posed a challenge during the COVID-19 pandemic, particularly in times of heightened stress. Human error has been the biggest cybersecurity challenge during the COVID-19 pandemic, according to CISOs.

The body of a man found shot inside a burned out vehicle in Canada three years ago has been identified as that of Davis Wolfgang Hawke, a prolific spammer and neo-Nazi who led a failed anti-government march on Washington, D.C. in 1999, according to news reports. A key subject of the book Spam Kings by Brian McWilliams, Hawke was a Jewish-born American who'd legally changed his name from Andrew Britt Greenbaum.

Overall investments in digital resiliency have increased steadily throughout the year as businesses prioritize or accelerate adoption of cloud, collaborative, and digital transformation projects, IDC reveals. "Digital resiliency refers to an organization's ability to rapidly adapt to business disruptions by leveraging digital capabilities to not only restore business operations, but also capitalize on the changed conditions," said Stephen Minton, VP in IDC's Customer Insights & Analysis group.