Security News > 2020

The latest example of the latter are fake emails purportedly coming from the World Health Organisation, which is, ironically, engeaged in fighting an "Infodemic" of fake coronavirs-themed news online. It also shows a simple pop-up asking the potential victim to "Verify" their email by entering their email address and password.

Originally planned for Q4 2019, Microsoft has pushed the first part of this update out to March 2020. As explained in the advisory, the "Windows Updates in March 2020 add new audit events, additional logging, and a remapping of Group Policy values that will enable hardening LDAP Channel Binding and LDAP Signing."

DigiCert launches two new PKI tools to provide fast, flexible PKI deployment. These new offerings are built on the DigiCert ONE platform, which delivers end-to-end centralized user and device certificate management for a variety of deployment models and PKI use cases.

Google has posted the February security updates for Android, including for a potentially serious remote code execution flaw in Bluetooth. Designated CVE-2020-0022, the flaw was discovered and reported by researchers with German company ERNW who say a fix has been in the works since November.

Aside from being a prominent cybersecurity executive, speaker, cybersecurity and blockchain advisor, and having built two cybersecurity companies, Rubinoff also has an educational background in psychology. That's why Cyber Minds is very human-oriented, meaning she views cybersecurity through its interconnectivity with humans.

Although 96 percent of the 1,850 senior leaders within large organizations have a data sanitization policy in place, 31 percent have yet to communicate it across the business, according to a Blancco survey. Although 68 percent of respondents felt that ownership of data sanitization policies is clearly communicated within their organization, when asked who was responsible for their implementation, 18 percent of enterprises stated the DPO, 18 percent the Head of Operations, 17 percent the Head of IT Operations and 11 percent the CISO. This lack of clear ownership could suggest enterprises consider data sanitization to be a "'checkmark"' exercise that must be done to satisfy compliance or operational requirements and that they are not taking data risks seriously.

Palo Alto Networks released research showing how vulnerabilities in the development of cloud infrastructure are creating significant security risks. The Unit 42 Cloud Threat Report: Spring 2020 investigates why cloud misconfigurations happen so frequently.

The implementation of massive MIMO in 5G systems is changing, according to a Mobile Experts report. During initial 5G system roll-outs, the distinct preference was to achieve best coverage and data rate, leading to large deployment of 64T64R mMIMO antenna solutions.

LogicHub, the provider of the industry's most complete security automation solution, unveiled MDR+, its automation-driven Managed Detection and Response solution. LogicHub's MDR+ goes beyond traditional MDR solutions through monitoring an organization's environment 24×7 by integrating with every tool throughout the security stack, generating and automatically triaging alerts based on the MITRE ATT&CK framework, and enriching alerts with contextual information to automate decision making with extreme accuracy across historically disparate security operations.

Enea launched the Enea Unified Data Manager, a hardware-agnostic, cloud-native network function for 4G and 5G data management. The software performs the 3GPP functions of Unified Data Management in 5G networks and interoperates with any Home Subscriber Server in 4G. The solution is a critical component in multi-vendor and multi-generation network architectures.