Security News > 2020

While Microsoft issued patches for the infamous BlueKeep vulnerability almost a year ago, researchers warn that almost half of connected medical devices in hospitals run on outdated Windows versions that are still vulnerable to the remote desktop protocol flaw. Even worse, the number of connected medical devices running Windows that are vulnerable to BlueKeep is considerably higher - around 45 percent, they said.

As in years past, the event will kick off on Monday, with keynote speeches debuting Tuesday, featuring some of the biggest names in cybersecurity addressing today's hottest topics, technologies, conundrums and aspirations. Tuesday, Feb. 25 Reality Check: The Story of Cybersecurity : The conference keynotes launch with mystery acts, featuring musicians and typically a guest actor - Helen Mirren in 2019, John Lithgow in 2017 - followed by RSA President Rohit Ghai taking to the stage to officially launch the show.

The warning from WHO confirms earlier reports from security firms such as Sophos that scammers were attempting to use images, graphics, and realistic-looking domains as part of various phishing and others malicious campaigns. On Tuesday, security firm Check Point published a report about a spike in the number of domains being registered related to coronavirus.

America's Homeland Security this week disclosed it recently responded to a ransomware infection at an unnamed natural gas plant. It did spread from an office computer through the plant's IT network to the operational network of PCs that monitor the plant, overwriting documents and other data as it went.

A ransomware attack on a U.S. natural gas compression facility led to a two-day shutdown of operations, according to an alert from the Cybersecurity and Infrastructure Security Agency. From there, attackers planted what the agency called "Commodity ransomware" within both networks that encrypted data throughout the facility.

British customers of High Street banking brand Natwest are being advised not to use the domain natwest.co.uk - by none other than Natwest itself. Consumers are increasingly becoming aware of threats to their online banking security through malware and malicious apps designed to steal credentials.

Despite the growth of 5G and 4G, older network technologies beset with certain security flaws will be around for many more years, says enterprise security provider Positive Technologies. For its "SS7 network security analysis" report, Positive Technologies analyzed the networks of 28 telecom providers across Europe, Asia, Africa, and South America, between 2018 and 2019.

Endpoint security firm SentinelOne on Wednesday announced that it has raised $200 million in a Series E funding round, at a valuation of more than $1.1 billion, which gives the company "Unicorn" status. The latest funding round, which brings the total raised by SentinelOne to $430 million, was led by Insight Partners, with participation from Tiger Global Management, Qualcomm Ventures LLC, Vista Public Strategies of Vista Equity Partners, Third Point Ventures and previous investors.

The breaches, which had been unreported, only came to light in January when Conservative MP Dean Allison demanded that the country's federal government produce a report for the Canadian House of Commons, according to the CBC. The 800-page report contained details about agency breaches in 2018 and 2019. In the report, the government admitted that agencies responsible for national defense, healthcare, tax revenue, postal service and immigration all sustained data breaches or accidentally exposed citizen data.

The SMS messages purport to be from local U.S. numbers and impersonate banks, warning users of locked bank accounts. The messages urge victims to click on a link, which redirects them to a domain that's known to distribute Emotet.