Security News > 2020 > December

Offensive Security announced a new bounty program for user generated content. Members of the infosecurity community can now receive cash bounties for submitting vulnerable virtual machines to Offensive Security that are eligible to be incorporated into the Proving Grounds training labs.

Sectigo has released multiple advancements to the company's award-winning IoT Security & Identity Management Platform, making integration and management of secured connected devices even easier for OEMs and enterprises. The Sectigo IoT Security Platform delivers end-to-end security services for every class of connected device, from manufacture through its lifecycle, enabling OEMs to build secure devices that are compliant with security standards and new IoT security regulations.

IBM Security launched a new service that allows companies to experiment with fully homomorphic encryption - an emerging technology designed to allow data to remain encrypted even while being processed or analyzed in cloud or third-party environments. The new IBM Security Homomorphic Encryption Services provide companies with education, expert support, and a testing environment for clients to develop prototype applications that can take advantage of FHE. With the growth of hybrid cloud, sensitive data will be even more broadly stored, shared and analyzed across platforms and parties, exposing it to varying security controls and risks.

Proact launches new updates to its flexible managed cloud service, Proact Hybrid, ideally suited for organizations that seek the benefits of an integrated cloud platform but still need to adhere to strict requirements on data sovereignty and data location. These opportunities also come with new types of challenges and threats involving data security, data sovereignty, data location and data accessibility.

HITRUST announced a major feature enhancement to its information risk management platform, HITRUST MyCSF, that significantly streamlines how organizations capture and present regulatory compliance evidence. Both the new Compliance and Reporting Pack feature for HITRUST MyCSF and the new Regulatory Assistance Center initially focus on the Health Insurance Portability and Accountability Act, expanding into other regulations in the future.

Inseego introduced four new 5G fixed wireless solutions designed to meet the needs of users in almost any location, from underserved rural areas to dense urban environments, from residential settings to business premises. Named the Wavemaker series, this is one of the industry's broadest line-ups of 5G fixed wireless products.

America's nuclear weapons agency was hacked by the suspected Russian spies who backdoored SolarWinds' IT monitoring software and compromised several US government bodies, and Microsoft was caught up in the same cyber-storm, too, it was reported Thursday. The Windows giant uses SolarWinds' network management suite Orion, downloads of which were secretly trojanized earlier this year so that when installed within certain targets - such as the US government departments of State, Treasury, Homeland Security, and Commerce - the malicious code's masterminds could slip into their victims' networks, execute commands, read emails, steal data, and so on.

The new-patented recovery technology of on-site recovery and 24/7 no-man monitoring feature come together by InnoOSR and following feature enhancement. Now Innodisk's exclusive InnoAGE series are able to meet full recovery scenarios.

The new nOps API integration provides a seamless experience for AWS Partners to execute these AWS Well-Architected Framework Reviews. With the new integration, nOps partners can easily share information created by nOps during an AWS Well-Architected Framework Review with the AWS Well-Architected Tool for AWS program reporting requirements.

This scam goes even further - whether as a distraction to buy a bit of time before victims realise they've been taken in and rush to change their Messenger passwords, or simply to give the crooks a second bite at the cherry, we don't know. After entering your password, there's a short delay, as you might expect whan logging in to any online service, after which the crooks seem to pick from a range of other scams and redirect you to one of them randomly.