
How to address security fatigue and stop cybercriminals from winning
2020-12-22 22:54

"The seemingly endless ocean of threats can paralyze those who make decisions for an organization. They sense an ominous feeling of blood in the water yet lack clarity about how to stop the sharks from feeding." Not unlike the fatigue being experienced due to COVID-19, users are flooded continuously with news about this or that data breach and how their sensitive information was stolen.

New Critical Flaws in Treck TCP/IP Stack Affect Millions of IoT Devices
2020-12-22 22:51

The US Cybersecurity Infrastructure and Security Agency has warned of critical vulnerabilities in a low-level TCP/IP software library developed by Treck that, if weaponized, could allow remote attackers to run arbitrary commands and mount denial-of-service attacks. The four flaws affect Treck TCP/IP stack version 6.0.1.67 and earlier and were reported to the company by Intel.

Holiday Puppy Swindle Has Consumers Howling
2020-12-22 20:32

Puppy photos are undeniably irresistible, but beware: researchers have uncovered a scheme selling fake German Shepherd puppies for Bitcoin, leaving buyers crushed and without a tiny fuzzy friend to cuddle on Christmas morning. The scammers have been operating since Nov. 2018, according to the Anomali report, but have ramped up their efforts in advance of the heavy online holiday shopping season.

Don't let a data breach sink your business: Here's what you need to know
2020-12-22 19:47

Experts offer insights about the legal and financial hits, as well as the devastating loss of reputation, your business might suffer if it is the victim of a data breach. The consequences of a data breach involve a complex sequence of events specific to the victimized business and its responsibilities to regulators, governments, and customers.

UK lawmakers propose law banning retail bots after PS5 fiasco
2020-12-22 18:55

A group of lawmakers in the United Kingdom are looking to take on powerful bot organizations openly scalping gaming consoles by proposing potential legislation that would both ban the resale of goods acquired using bots and ban the resale of tech products above the manufacturers' price. The United States has tried its hand at rules against bots with the FTC's 2016 "Better Online Ticket Sales Act," which was designed to regulate secondary market ticket sales as a response to bots being used to drive up ticket prices.

UN Rights Expert Urges Trump to Pardon Assange
2020-12-22 18:39

A UN rights expert on Tuesday urged outgoing US President Donald Trump to pardon Julian Assange, saying the WikiLeaks founder is not "an enemy of the American people". "In pardoning Mr Assange, Mr President, you would send a clear message of justice, truth and humanity to the American people and to the world," said Melzer, the UN special rapporteur on torture.

Does a friend “need money urgently”? Check your facts before paying out…
2020-12-22 17:44

As you can see above, the scammers, who had access to the friend's account, cut straight to the chase: "I need help paying a bill." The situation here is plausible - anyone who has ever been forced to take out a short-term "payday loan" will know that fees mount up quickly for missed payments - and many of us might decide that helping out a friend or family member is something we ought to do.

Attesting to the Security of Data-in-Use
2020-12-22 17:25

The pace at which new confidential computing solutions are penetrating enterprise security architectures and data protection strategies appears to be catching security leaders off balance. To protect sensitive data from malware and from highly privileged, unauthorized users of the database server, traditional non-TEE data encryption processes protect the data by encrypting it on the client side.

Biden blasts Trump administration over SolarWinds attack response
2020-12-22 17:20

U.S. President-Elect Joe Biden has criticized the Trump administration over its lack of response to the SolarWinds attack and for failing to officially attribute the attacks. The SolarWinds hack is "a massive cybersecurity breach against US companies, many of them, as well as federal agencies," according to Biden.

Roanoke College delays spring semester after cyberattack
2020-12-22 16:27

Roanoke College has delayed its spring semester by almost a month after a cyberattack impacted files and data access. Roanoke College is a private liberal arts college located in Salem, Virginia, with approximately 2,000 students.