Security News > 2020 > December

Report finds that over half the malware attacks in Q3 could bypass signature-based malware protection. WatchGuard's latest Internet Security Report finds that cybercriminals shifted their focus to network attacks and sending malware over encrypted channels during the third quarter.

The Linux Foundation's Open Source Security Foundation and the Laboratory for Innovation Science at Harvard announced the release of a report which details the findings of a contributor survey administered by the organizations and focused on how contributors engage with open source software. Census II identified the most commonly used free and open source software components in production applications, while the survey and report shares findings directly from nearly 1,200 respondents working on them and other FOSS software.

A highly focused approach to digital transformation is challenging the traditional top-down, all-or-nothing strategy, according to a report from Plutoshift. The report details a more targeted, incremental approach to digital transformation called ​operation-specific digital transformation.

Physical threats are rising and increasingly unmanageable, putting unprecedented financial, reputational and liability pressures on business leadership and security teams, according to a study by the Ontic Center for Protective Intelligence. As physical security operations budgets are expected to increase in 2021, driven and accelerated by COVID-19, the study showcases the collective perspectives of chief security officers, chief legal officers, chief compliance officers and physical security decision-makers - on their physical security operations, what keeps them up at night, challenges and opportunities they foresee in 2021, and the pressing need for physical security modernization through technology.

Prominent U.S. cybersecurity firm FireEye said Tuesday that foreign government hackers with "World-class capabilities" broke into its network and stole offensive tools it uses to probe the defenses of its thousands of customers, who include federal, state and local governments and top global corporations. Neither Mandia nor a FireEye spokeswoman said when the company detected the hack or who might be responsible.

Calligo launched the only Machine Learning Service to simultaneously address the key obstacles to SME and enterprise adoption of machine learning: cost, data quality, complexity, security, accuracy and data privacy. "Too many businesses have been hesitant to take advantage of machine learning because of the cost and lack of internal expertise required to interpret and use data -and especially to do so safely."

Avnet expanded its product line for rapid Internet of Things development with the launch of the AVT9152 module, designed for a range of embedded applications requiring cellular connectivity yet demanding low power consumption and minimal component size. "Our new module takes advantage of some of the industry's best SiP and SoC technology from Nordic Semiconductor to strike that balance for engineers. The AVT9152 is ideal for IoT applications when low power and small size are at a premium and is the latest addition to Avnet's robust technology ecosystem."

Veeam Software announced the general availability of new Veeam Backup for AWS v3 - a fully automated and native backup and disaster recovery solution built on Amazon Web Services, designed to effortlessly provide additional protection and management capabilities for Amazon Elastic Cloud Compute and Amazon Relational Database Service. Veeam Backup for AWS, a standalone AWS backup and recovery solution for protecting data on AWS. Veeam Backup & Replication, unifying AWS backup and recovery with other cloud, virtual or physical data and unlimited data portability to, from and across clouds.

Cybersecurity corp FireEye has confessed its most secure servers have been compromised, almost certainly by state-backed hackers who then made away with its proprietary hacking tools. "Recently, we were attacked by a highly sophisticated threat actor, one whose discipline, operational security, and techniques lead us to believe it was a state-sponsored attack," a memo by its CEO Kevin Mandia on Tuesday read. The tools stolen are used by FireEye to test their customers' networks to find potential security holes, making it doubly embarrassing for the tech giant because, presumably, it uses its own tools to make sure its networks are secure.

NETGEAR announced the availability of four new PoE+ Gigabit Ethernet Plus switches. To address this need for an affordable all-in-one solution, NETGEAR is introducing four new Gigabit Ethernet Plus switches with PoE+ power and essential management capabilities.