Security News > 2020

APIs are exposing a lot of business logic to exploitation, says Shreyans Mehta, co-founder and CTO at Cequence Security, who offers insights on enhancing API security. "There is a lack of visibility in the way the APIs are being exposed." Mehta says.

The attacks on Ukraine over the last five years are a test case for how a country's infrastructure can be disrupted and paralyzed, and how companies' OT networks can be severely impacted. While OT networks were not the primary target, just the accidental spill-over of NotPetya from IT to OT networks, was a wake-up call.

More than half of city and state employees in the United States are more concerned about cyberattacks than they are of other threats, a new study discovered.

That's a very 1990s approach! Why not put your money into a digital piggy bank, instead? Better yet, why not choose a piggy bank that deliberately starts out in debt?

Tuesday's presidential primaries across 14 states mark the first major security test since the 2018 midterm elections, with state and local election officials saying they are prepared to deal with everything from equipment problems to false information about the coronavirus. Election officials have been warning the public not to expect complete unofficial results on Tuesday night, and that results could fluctuate as ballots come in and are counted over several days.

The U.S. Department of Justice's Cybersecurity Unit has released guidelines for organizations that want to gather cyber threat intelligence from dark web forums/markets but, at the same time, want to stay on the right side of the law. The document focuses on "Information security practitioners' cyber threat intelligence-gathering efforts that involve online forums in which computer crimes are discussed and planned and stolen data is bought and sold. It also contemplates situations in which private actors attempt to purchase malware, security vulnerabilities, or their own stolen data-or stolen data belonging to others with the data owners' authorization-in Dark Markets."

Threat actors linked to China increasingly targeted the telecommunications sector in 2019, according to endpoint security firm CrowdStrike. In the case of the telecom sector, many of the attacks were attributed to China-linked hacker groups, including the ones tracked as Wicked Panda, Emissary Panda, and Lotus Panda.

Foreign actors continue to attempt to interfere with the election process, multiple United States departments and agencies warned in a joint statement released ahead of Tuesday's presidential primaries. "We remain alert and ready to respond to any efforts to disrupt the 2020 elections. We continue to make it clear to foreign actors that any effort to undermine our democratic processes will be met with sharp consequences," the statement reads.

How is it that our brains - the original face recognition program - can recognize somebody we know, even when they're far away? As in, how do we recognize those we know in spite of their faces appearing to flatten out the further they are from us? Even as our friends' faces get optically distorted by being closer or further away, our brains employ a mechanism called perceptual constancy that optically "Corrects" face shape At least, it does when we're already familiar with how far apart our friends' features are.

GoodRx - a mobile app that saves US consumers money on prescription drugs - has apologized and sworn to do better after a Consumer Reports investigation found that it was sharing people's data with 20 other internet-based companies. On Friday, GoodRx said in a blog post that it has "Never and will never sell our users' personal health information." Having said that, the Consumer Reports story led the company to re-examine its policies when it comes to sharing data with third parties.