Security News > 2020 > December

Without proper planning, organizations adopting security automation tools can fall victim to common missteps that quickly lead to less efficiency and a weaker security posture. Start by examining the processes and procedures your organization's security team already has in place and identify the tasks that consume the majority of team member's time.

How can your app hook into a geocoding service that offers forward and reverse geocoding and an auto-completion facility? Geocoding turns a location name or address into geocoordinates.

This increase in cloud adoption may leave business data insecure, Trend Micro reveals. While cloud infrastructure is secure, customers are responsible for securing their own data - which is the basis of the Shared Responsibility Model for cloud.

More than 45 million medical images - including X-rays and CT scans - are left exposed on unprotected servers, a CybelAngel report reveals. The analysts found that openly available medical images, including up to 200 lines of metadata per record which included PII and PHI, could be accessed without the need for a username or password.

The report provides input to the European Commission's review of the NIS Directive on the 16th of December, four years after the Directive entered into force and two years after the transposition into national law. Challenges remain after the implementation of the Directive - the lack of clarity of the NIS Directive expectations after transposition into national law was a common issue.

ICREA research professor Jordi Cabot and researcher Abel Gómez, two members of the Systems, Software and Models Research Lab at the Universitat Oberta de Catalunya Internet Interdisciplinary Institute, in collaboration with the IKERLAN technology research centre, have designed an innovative new tool for automating and streamlining the creation of systems that employ asynchronous event-driven communication, one of the most widely used computer architectures in this sector. Abel Gómez said: "Much of the work that goes into implementing a program for an IoT device involves creating messages in the format that subscribers to the channel expect and also"translating" messages from other devices in order to process the information.

Microsoft has released a new version of Microsoft Authenticator that now acts as a password manager for Android and iOS. With this new feature, you can now autofill credentials into websites and apps that were saved via Authenticator or Microsoft Edge's built-in password manager to your Microsoft account. Once enabled on Microsoft Authenticator and you log in to an app or website, you will be prompted to autofill your saved password, as shown below.

Trend Micro announced the world's first cloud-native, fully serverless file storage security tool for organizations building applications in the cloud. Trend Micro Cloud One - File Storage Security is designed to mitigate threats across the cloud environment and support strict compliance requirements.

Manufacturers can now embed certificates on chipsets prior to and during manufacturing, or directly to an edge device, for complete end-to-end device security. IoT Device Manager is built on DigiCert ONE, which enables rapid, automated PKI deployment as a customer-managed, on-premises or cloud solution, or managed by DigiCert for any environment.

42Crunch announced the release of new IDE OpenAPI editing plugins for both ​Eclipse​ and ​JetBrains family​ of IDEs including IntelliJ and PyCharm. 42Crunch's free OpenAPI security audit plugins simplify REST API development by delivering features such as OpenAPI navigation, code snippets, intellisense, and HTML preview.