Security News > 2020 > December

Jake Moore, ESET Security Specialist, commented, "We have all learned that working remotely can benefit organizations; however, I don't think that we will continue to work remotely five days a week. More employees around the world will naturally and effortlessly migrate to what works for them and their businesses. As more and more of our working and home lives become digitized, cybersecurity will remain the lynchpin of business safety. Cyberattacks are a persistent threat to organizations, and businesses must build resilient teams and IT systems to avoid the financial and reputational consequences of such an attack." "Tony Anscombe, Chief Security Evangelist, ESET, commented,"Companies are becoming smarter, deploying technologies that thwart attacks and creating resilient backup and restore processes, so the bad actors need a 'Plan B' to be able to monetize their effort and build resilience into the attack, rather than being reliant on a single form of threat.

A zero-click remote code execution bug in Microsoft Teams desktop apps could have allowed an adversary to execute arbitrary code by merely sending a specially-crafted chat message and compromise a target's system. Microsoft did not assign a CVE to this vulnerability, stating "It's currently Microsoft's policy to not issue CVEs on products that automatically updates without user's interaction."

Most professionals say their organizations are concerned about cybersecurity risks related to 5G adoption, according to a Deloitte poll. "Of course, with all the technological advancement 5G enables, the cyber threat landscape and attack surface areas expand considerably. Working proactively to mitigate cybersecurity risks posed by 5G adoption is the hallmark of a well-designed program."

There seems to be a new ransomware story every day - a new ransomware attack, a new ransomware technique, criminals not providing encryption keys after receiving ransom payments, private data being publicly released by ransomware attackers-it never ends. A recent whitepaper about new ways XDR platform protects from ransomware notes that small to medium-sized enterprises are particularly vulnerable to ransomware attacks.

Florida's state police on Monday morning raided the home of coronavirus tracker Rebekah Jones, seizing her electronics as part of a computer hacking investigation. Jones then set up her own COVID-19 dashboard, which frequently reported a higher number of cases than the Department of Health's site.

Cloudflare released Data Localization Suite to give businesses across the globe tools to address their data locality, privacy, and compliance needs. With Data Localization Suite, businesses can use Cloudflare's global cloud network to control where their data goes and who has access to it - no matter what countries they operate in, their industry, or their specific data protection obligations.

Thales announced a new collaboration with Google Cloud that will accelerate the ability of enterprises to safely migrate sensitive data between public cloud, hybrid and private IT infrastructures. Building on a multi-year history of innovation around a variety of cloud security initiatives, Thales and Google Cloud will now empower customers to leverage the full potential of Google Cloud technology for sensitive workloads while gaining the external key management needed to control and secure data across hybrid cloud IT environments.

Expanse has officially made its Expander solution available in the AWS Marketplace, allowing customers to manage their attack surface with full visibility into cloud facing assets. "Expanse's cumulative customer base represents more than 10% of the total Internet, giving unparalleled visibility into how cloud instances in the enterprise change in real-time," said Tom Barsi, VP of Business Development at Expanse.

The NSA reckons Russian government hackers are actively abusing a critical security hole in VMWare's software to infiltrate victims' networks. "Russian state-sponsored malicious cyber actors are exploiting a vulnerability in VMware Access and VMware Identity Manager products, allowing the actors access to protected data and abusing federated authentication," a cybersecurity notice [PDF] published on Monday warns.

Active attacks against a flaw in VMware's Workspace One Access continue, three days after the vendor patched the vulnerability and urged customers to fix the bug. Those VMware products are two of 12 impacted by a command-injection vulnerability, tracked as CVE-2020-4006, and patched on Friday.