Security News > 2020 > December

With just a few clicks in the Amazon DevOps Guru console, historical application and infrastructure metrics like latency, error rates, and request rates for all resources are automatically ingested and analyzed to establish normal operating bounds, and Amazon DevOps Guru then uses a pre-trained machine learning model to identify deviations from the established baseline. Together with Amazon CodeGuru - a developer tool powered by machine learning that provides intelligent recommendations for improving code quality and identifying an application's most expensive lines of code - Amazon DevOps Guru provides customers the automated benefits of machine learning for their operational data so that developers can more easily improve application availability and reliability.

Salesforce and Slack have entered into a definitive agreement under which Salesforce will acquire Slack. Under the terms of the agreement, Slack shareholders will receive $26.79 in cash and 0.0776 shares of Salesforce common stock for each Slack share, representing an enterprise value of approximately $27.7 billion based on the closing price of Salesforce's common stock on November 30, 2020.

While organizations have always been encouraged to evaluate their security posture, patch their VPNs, and prioritize Zero Trust architectures, the pandemic forced them to accelerate the adoption of these measures and evaluate their security posture more seriously. As security teams embrace new tools for security and operations to enable continuity efforts, it also generates new attack vectors.

We got questions on a wide range of cloud native security topics and through those and other talks at the conference, I've been able to identify some key concerns around container security and the wider cloud native ecosystem. From a security perspective this is very important point: It's not only Kubernetes security you need to consider when deploying cloud native technologies, but also the security of the surrounding tools.

Russian-backed hacking group Turla has used a previously undocumented malware toolset to deploy backdoors and steal sensitive documents in targeted cyber-espionage campaigns directed at high-profile targets such as the Ministry of Foreign Affairs of a European Union country. Turla's Crutch malware was designed to help harvest and exfiltrate sensitive documents and various other files of interest to Dropbox accounts controlled by the Russian hacking group.

Codenamed "Crutch" by ESET researchers, the malware has been attributed to Turla, a Russia-based advanced hacker group known for its extensive attacks against governments, embassies, and military organizations through various watering hole and spear-phishing campaigns. "These tools were designed to exfiltrate sensitive documents and other files to Dropbox accounts controlled by Turla operators," the cybersecurity firm said in an analysis shared with The Hacker News.

Google Project Zero white-hat hacker Ian Beer on Tuesday disclosed details of a now-patched critical "Wormable" iOS bug that could have made it possible for a remote attacker to gain complete control of any device in the vicinity over Wi-Fi. The exploit makes it possible to "View all the photos, read all the email, copy all the private messages and monitor everything which happens on [the device] in real-time," said Beer in a lengthy blog post detailing his six-month-long efforts into building a proof-of-concept single-handedly. "A remote attacker may be able to cause unexpected system termination or corrupt kernel memory," the iPhone maker noted in its advisory, adding the "Memory corruption issue was addressed with improved input validation."

IEEE released the results of a survey of CIOs and CTOs in the U.S., U.K., China, India and Brazil regarding the most important technologies for 2021 overall, the impact of the COVID-19 pandemic on the speed of their technology adoption and the industries expected to be most impacted by technology in the year ahead. 2021 most important technologies and challenges. Which will be the most important technologies in 2021? Among total respondents, 32% say AI and machine learning, followed by 5G and IoT. Manufacturing, healthcare, financial services and education are the industries that most believe will be impacted by technology in 2021, according to CIOs and CTOS surveyed.

Internet users in the United States vastly underestimate how often their home networks are targeted by cyber threats. Xfinity xFi users have on average 12 devices per home and added two devices over the past year, while high-end users have as many as 33 devices and added five since last year.

According to ABI Research, the demand for private network deployments will be driven primarily by heavy industry verticals. Industrial manufacturing, energy production alone will generate private network revenues of $32.38 billion by 2030, representing half of the $64 Billion overall private network revenues.