Security News > 2020

Why so few machine learning court cases? Experts point to the fact that staple cybersecurity regulations such as the Computer Fruad and Abuse Act and Electronic Communications Privacy Act don't specifically spell out how to handle machine learning attacks. This type of attack can open up machine learning systems to anything from data manipulation, logic corruption or even backdoor attacks.

Zyxel's network storage boxes, business VPN gateways, firewalls, and, er, security scanners can be remotely hijacked by any miscreant, due to a devastating security hole in the firmware. If a miscreant can't directly connect to a vulnerable Zyxel device, "There are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable device," noted Carnegie Mellon's CERT Coordination Center in its advisory on the matter.

Zyxel's network storage boxes, business VPN gateways, firewalls, and, er, security scanners can be remotely hijacked by any miscreant, due to a devastating security hole in the firmware. If a miscreant can't directly connect to a vulnerable Zyxel device, "There are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable device," noted Carnegie Mellon's CERT Coordination Center in its advisory on the matter.

SCYTHE launched SCYTHE Marketplace, which enables trusted third-party developers to create new capabilities for the company's attack emulation platform. The platform offers public cloud security and compliance monitoring capabilities, to help detect configuration vulnerabilities, understand the business impact of critical risks, and address challenges associated with public cloud adoption.

In today's digital world, fighting fraud requires a dynamic approach that connects multiple layers of security and leverages a coordinated set of AI-based solutions to continuously stay on top of the newest fraud schemes while preserving a seamless consumer experience. How a Connected Intelligence approach to security can link different points of consumer interaction - from login to checkout and beyond;.

San Francisco is the site of the RSA 2020 conference, which took place despite cancellations from IBM, Verizon and AT&T. As San Francisco declared a state of emergency and the federal government warned Americans that novel coronavirus will spread within the US, RSA 2020 still soldiered on at the Moscone Center. On the first day of the security event, organizers sent a message through the conference app, encouraging attendees to knock elbows instead of shake hands.

Targeted ransomware attacks against enterprises and government agencies are likely to surge in the coming months as ransomware-as-a-service continues to evolve into a lucrative model for cybercriminals, security experts interviewed at RSA 2020 warn. RaaS groups such as Sodinokibi and Grandcrab have used this model to launch targeted attacks.

Capps came to Mastercard in 2017 when the company acquired NuData Security, which provides behavioral biometrics tools to help prevent financial fraud. The agency urged enterprises to use more sophisticated techniques, such as biometrics or behavioral authentication, which includes using geolocation data or IP addresses, to help verify a users' identities.

Santa Clara, Calif-based McAfee has entered into a definitive agreement to acquire Baltimore, MD-based Light Point Security. Financial details have not been disclosed, but on completion of the acquisition, the Light Point staff will join McAfee, while the Light Point technology will be integrated into the McAfee Secure Web Gateway.

The speed and complexity of software development is rapidly increasing. Development teams have little to no time to ensure these applications are secure, even while the biggest and most severe data breaches that have affected both the public and private sectors all operate at the application layer.