Security News > 2020 > December

The curse of knowing a bit about IT: 'Could you just...?' and 'No I haven't changed anything'
2020-12-30 09:30

12BoC On the sixth day of Christmas, the bork gods sent to me: Fix the printer, nerds, Scottish parking whi-i-i-i-nge, one dead DB, petty angry user, flightless Windows signage, and a server they said had ceased to be. Today's story comes from Register reader "Remy" and describes a situation all too familiar.

2021 will overburden already stressed infosec teams
2020-12-30 06:00

While in 2020 organizations were focused on adapting existing technology to borderless and disconnected environments, we will see a massive shift to cloud-native solutions in 2021. In addition to new attacks on container-based environments, 2021 will bring the heightened threat of ransomware and new solutions to combat disinformation.

Server market revenue reached $22.6 billion in 3Q20
2020-12-30 05:00

Vendor revenue in the worldwide server market grew 2.2% year over year to $22.6 billion during the third quarter of 2020, according to IDC. Worldwide server shipments declined 0.2% year over year to nearly 3.1 million units in 3Q20. Volume server revenue was up 5.8% to $19.0 billion, while midrange server revenue declined 13.9% to $2.6 billion, and high-end servers declined by 12.6% to $937 million. "Global demand for enterprise servers was a bit muted during the third quarter of 2020 although we did see areas of strong demand," said Paul Maguranis, senior research analyst, Infrastructure Platforms and Technologies at IDC. "From a regional perspective, server revenue within China grew 14.2% year over year. And worldwide revenues for servers running AMD CPUs were up 112.4% year over year while ARM-based servers grew revenues 430.5% year over year, albeit on a very small base of revenue."

Happy 11th Birthday, KrebsOnSecurity!
2020-12-30 01:24

Today marks the 11th anniversary of KrebsOnSecurity! Thank you, Dear Readers, for your continued encouragement and support! Almost 150 stories here this past year generated nearly 9,000 responses from readers.

Lawsuit Claims Flawed Facial Recognition Led to Man’s Wrongful Arrest
2020-12-29 21:27

Black man sues police, saying he was falsely ID'd by facial recognition, joining other Black Americans falling victim to the technology's racial bias. Racial bias against non-white skin in facial recognition landed Nijeer Parks ten days in jail in 2019 after the technology falsely identified him as a shoplifting suspect, a new lawsuit says.

Apple Loses Copyright Suit Against Security Startup
2020-12-29 20:19

A federal judge Tuesday dismissed Apple's copyright infringement lawsuit against cybersecurity startup Corellium in a case which could have implications for researchers who find software bugs and vulnerabilities. Judge Rodney Smith said Apple failed to show a legal basis for protecting its entire iOS operating system from security researchers.

How to Build a Better Cyber Intelligence Team
2020-12-29 20:04

The enterprise ends up with a team of SOC analysts and incident responders with CTI titles who do not produce intelligence because they are not intelligence professionals. Despite their best efforts to address the intelligence requirements of a customer that never knew how to capture them, vendors often take the rest of the blame for the failure to build an effective cyber intelligence program.

Wasabi cloud storage service knocked offline for hosting malware
2020-12-29 18:28

Cloud storage provider Wasabi suffered an outage after a domain used for storage endpoints was suspended for hosting malware. Wasabi is a cloud storage provider that competes with solutions like Amazon S3 by offering significantly cheaper services, not charging egress or API fees, and promising a 99.999999999% data durability.

6 Questions Attackers Ask Before Choosing an Asset to Exploit
2020-12-29 16:30

Attackers don't have time to look at every asset in depth - the number of which can run in the tens of thousands for a large enterprise. The attacker's perspective on how an attacker evaluates assets to go after and exploit on an attack surface begins by answering six questions.

Japanese Aerospace Firm Kawasaki Warns of Data Breach
2020-12-29 15:11

Japanese aerospace company Kawasaki Heavy Industries on Monday warned of a security incident that may have led to unauthorized access of customer data. According to the company's data breach notification, it first discovered unauthorized parties accessing a server in Japan, from an overseas office in Thailand, on June 11, 2020.