Security News > 2020

As the U.S. ramps up pressure on its allies to ban equipment from Chinese manufacturer Huawei from their 5G networks, U.S. officials now say they have evidence that the firm has created a backdoor that allows it to access mobile phone networks around the world, according to the Wall Street Journal. "We have evidence that Huawei has the capability secretly to access sensitive and personal information in systems it maintains and sells around the world," says Robert O'Brien, national security adviser, according to the Journal report.

A new federal bureaucracy, the Data Protection Agency, has been proposed to completely revamp how the U.S. government regulates data collection and misuse by big tech companies. While privacy experts call the agency a "Good first step," they remain skeptical about how effective it would be once enforced.

Cybercrime led to $3.5 billion in losses in the U.S. last year, with a sharp uptick in business email compromise scams - which accounted for nearly half those losses, according to a newly released FBI Internet Crime Report, which is based on complaints the FBI received. The FBI received nearly 24,000 complaints about BEC scams last year, with a total loss of $1.7 billion and an average loss of about $72,000, according to the report.

A Google Project Zero researcher claims that some of the security features added by Samsung to the Android kernel don't provide meaningful protection and they actually increase the attack surface. Project Zero researcher Jann Horn has analyzed the Android kernel shipped by Samsung with its Galaxy A50 phones and found that some security features added by the tech giant actually make security worse.

Cyber-threat intelligence company Sixgill this week announced the closing of a $15 million funding round. The new funding, Sixgill says, will be invested in expanding its global operations and strengthening core products to support its growing portfolio.

The firm's third State of Cyber Resilience survey defines leaders as high performers in at least three of four categories: stopping cyber attacks, finding breaches faster, fixing breaches faster, and reducing breach impact. "The most surprising finding for us was just how much better the leaders in cyber resilience are doing versus the rest of the pack," observed Ryan LaSalle, North America lead for Accenture Security.

Over just the last three years, Chinese cyber criminals have gone from relatively solitary players to adopting the same tactics favored by organized crime syndicates in Russia and other nations with lax cyber crime laws and enforcement. "According to 2018 Internet Development Statistics, China's cybercriminal underground was worth more than US $15 billion, nearly twice the size of its information security industry. The same Chinese-language source also shows that China's cybercrime is growing at a rate of more than 30 percent a year. An estimated 400,000 people work in underground cybercriminal networks."

A vast majority of security vendors cannot meet customer requirements for high performance and low-cost security for branch offices that can protect and inspect high-volume encrypted data at scale. As with the development of physical security ASICs, building an effective virtualized security appliance requires advanced optimization skills that few vendors possess.

The United States is one of the few democracies without some formal data protection agency, and we need one. Senator Gillibrand just proposed creating one....

A phishing scam has swindled a Puerto Rico government agency out of more than $2.6 million, according to reports. According to reports, the email-based phishing scam hit Puerto Rico's Industrial Development Company, which is a government-owned corporation aimed at driving economic development to the island along with local and foreign investors.