Security News > 2020

Google's March 2020 security updates for Android include fixes for over 70 vulnerabilities, including a critical flaw in media framework. The critical bug was patched as part of the 2020-03-01 security patch level, which addresses a total of 11 vulnerabilities in framework, media framework, and system.

Google this week announced the launch of FuzzBench, a free and open source service for evaluating fuzzers. The new open source, free service aims to solve these issues by providing a framework for evaluating fuzzers in a reproducible way.

These increased capabilities are part of the reason why Hunt said in June 2019 he was listing the service for sale - In a posting at the time, he said the sheer amount of breached data that needed to be loaded into database has increased beyond the capability of one person. Nicknaming the acquisition project "Project Svalbard" Hunt worked with consultancy KPMG to identify potential buyers and eventually narrowed the number down to 43 candidates who "Best aligned to the goals" outlined for HIBP. Hunt wanted buyers that had "Right level of responsibility" over the type of data HIBP deals with, and that would push the service in the direction Hunt wanted it to go.

Legal services company Epiq has taken its systems offline globally after being hit by a piece of ransomware. "As part of our comprehensive response plan, we immediately took our systems offline globally to contain the threat and began working with a third-party forensic firm to conduct an independent investigation," Epiq said in a statement.

Data security provider Lepide has released a report detailing what is said is an alarming trend in data security: Most enterprises are unaware of what state it's in. As you may guess, with that much data being created outdated, or "Stale," data can become a problem, and it is for 91% of organizations that have over 1,000 pieces of stale data in their systems.

Cybercriminals are now partnering with drug cartels across Latin America to attack financial institutions and governments, leveraging a wide variety of scams and malware to make millions, according to a new report from cybersecurity firm IntSights. Mexican law enforcement arrested Héctor Ortiz Solares-known as "El H-1" or "Bandido Boss"-in 2019 after he spent years recruiting top-tier hackers who built malware for his gang, named "Bandidos Revolution Team." The malware was designed to infect ATM machines and attack Latin American banks.

The incident is a reminder that browser extensions - however useful or fun they may seem when you install them - typically have a great deal of power and can effectively read and/or write all data in your browsing sessions. The health insurance site was compromised after an employee at the company edited content on the site while using a Web browser equipped with a once-benign but now-compromised extension which quietly injected code into the page.

Britain's National Cyber Security Centre wants owners of baby monitors and smart CCTV cameras to take some basic security precautions. Keep your camera secure by regularly updating security software.

For security reasons, you might need to create a Linux user without the ability to log in. Jack Wallen shows you how.