Security News > 2020

Cloud computing and networking are two of the most significant areas of growth in the IT business. If you want to work in either niche, the Essential Cloud & Networking Certification Training Bundle offers 93 hours of essential knowledge.

Adobe today released out-of-band software updates for After Effects and Media Encoder applications that patch a total of two new critical vulnerabilities. The bug in Adobe After Effects, an application for creating motion graphics and special effects used in the video, was discovered by security researcher Matt Powell and reported to Adobe via Trend Micro Zero Day Initiative project.

On Tuesday, Ring president Leila Rouhi said in a blog post that starting immediately, the once-optional authentication is going to be mandatory for all users when they log in to their Ring accounts. That's what makes 2FA a good backup: even if your login gets stolen, and even if you've reused those credentials, a hacker still has to have access to your second factor - for example, your phone or your email, where you receive a one-time code to plug in as additional authentication - in order to log in to your account.

The Russian government, via mouthpiece RIA Novosti, has claimed Korean tech giant Samsung will comply with a controversial Russian law passed in November that forces smartphones and computers to come pre-installed with domestic-made shovelware. "Samsung Electronics will be ready to meet the requirements of the Russian legislation provided by the regulator and adapt the company's activities in accordance with the adopted regulations," the state-owned wire service quoted a "Representative" as telling it.

According to SophosLabs, nearly one-third of malware and unwanted applications enter the enterprise network through TLS-encrypted flows. Nearly a quarter of malware now communicates over HTTPS connections, making it more difficult for businesses to spot active infections within their networks, especially because - a recent survey has revealed - only 3.5% of organizations are actually decrypting their network traffic to properly inspect it.

"Every request to access a resource starts from a position of zero trust. Access decisions are then made and enforced based on a set of trust metrics selected by the organization. These trust metrics could relate to the user, their access device, the resource to be accessed, or a combination thereof." What other business justification could CISOs spell out? One of the benefits is micro-segmentation, which is both a cause and a pre-requisite of zero trust architectures - depending on the organization's starting point.

According to data from Akamai, up to 75% of all credential abuse attacks against the financial services industry targeted APIs directly. According to the report's findings, from December 2017 through November 2019, 85,422,079,109 credential abuse attacks were observed.

Nearly 33.4 billion records were exposed in breaches due to cloud misconfigurations in 2018 and 2019, amounting to nearly $5 trillion in costs to enterprises globally, according to DivvyCloud research. Year over year from 2018 to 2019, the number of records exposed by cloud misconfigurations rose by 80%, as did the total cost to companies associated with those lost records.

US President Donald Trump promised to pardon WikiLeaks founder Julian Assange if he denied Russia leaked emails of his 2016 election rival's campaign, a London court was told on Wednesday. The White House quickly issued a denial that Trump had dangled a pardon in exchange for help in the Russia controversy, which has cast a shadow over his first term in office.

Most businesses don't realize customers mistrust how their data is used, but customers haven't switched businesses because they feel they don't have a choice, revealed a new report from PwC, Consumer Intelligence Series: Trusted Tech Report. Consumers, the report said, have a reasonable expectation for privacy with the data they provide the private sector; 84% of consumers will take their business elsewhere if they don't trust how a company is handling their data, and 85% said they wish there more companies they could trust with their data.