Security News > 2020

Following several recent reports of hackers gaining access to people's internet-connected Ring doorbell and security cameras, Amazon yesterday announced to make two-factor authentication security feature mandatory for all Ring users. Until now, enabling the two-factor authentication in Ring devices was optional, which definitely would have prevented most Ring hacks, but of course, many never bothered to enable it.

Cynet changes the rules of the game with a free threat assessment offering based on more than 72 hours of data collection, enabling organizations to benchmark their security posture against their industry vertical peers and take actions accordingly. Cynet Free Threat Assessment spotlights critical, exposed attack surfaces and provides actionable knowledge of attacks that are currently alive and active in the environment.

Globally, the coronavirus has infected more than 75,000 people and led to over 2,000 deaths. Business travelers should avoid panic, says pandemic expert Regina Phelps, who offers preventive health tips for those headed to international events such as the RSA 2020 conference.

An unnamed US gas pipeline operator has falled victim to ransomware, which managed to encrypt data both on its IT and operational technology networks and led to a shutdown of the affected natural gas compression facility, the Cybersecurity and Infrastructure Security Agency has revealed. "Although the direct operational impact of the cyberattack was limited to one control facility, geographically distinct compression facilities also had to halt operations because of pipeline transmission dependencies. This resulted in an operational shutdown of the entire pipeline asset lasting approximately two days."

Cybersecurity focused venture investor ForgePoint Capital has closed its second fund with $450 million in capital commitments, the firm said Wednesday. Formerly known as Trident Capital Cybersecurity, San Mateo, Calif.-based ForgePoint has more than 40 cybersecurity investments in its portfolio and $750 million under management.

A ransomware infection at a natural gas compression facility in the United States resulted in a two-day operational shutdown of an entire pipeline asset, the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency revealed on Tuesday. A compression facility helps transport natural gas from one location to another through a pipeline.

With the new Chromium version of Microsoft Edge comes new settings that allow you to better control your privacy and security. Microsoft released the new version of Edge on January 15, 2020, for Windows 10, Windows 8/8.1, and Windows 7, so you should already have it by now; if not, browse to Microsoft's website to download the new Microsoft Edge based on Chromium.

The attacks are emerging alongside the traditional e-mail based attacks that try to trick users into installing malware that can steal credentials or take control of systems. Attackers this year are focusing on smaller tax-preparation firms probably because "Smaller companies often have fewer resources and less expertise to prevent these attacks and detect them when they've happened," he wrote.

After coming across thousands of photos seeping out of an unsecured S3 storage bucket belonging to a photo app called PhotoSquared, security researchers at vpnMentor blurred a few. VpnMentor's Noam Rotem and Ran Locar note that PhotoSquared's failure to lock down its cloud storage has put customers at risk of identity theft, financial or credit card fraud, malware attacks, or phishing campaigns launched with the USPS or PhotoSquared postage data arming phishers with the PII they need to sound all that much more convincing.

The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency earlier today issued a warning to all industries operating critical infrastructures about a new ransomware threat that if left unaddressed could have severe consequences. The advisory comes in response to a cyberattack targeting an unnamed natural gas compression facility that employed spear-phishing to deliver ransomware to the company's internal network, encrypting critical data and knocking servers out of operation for almost two days.