Security News > 2020

There are over a hundred potential ways hackers can ruin your life by having access to your WiFi network that's also connected to your computers, smartphones, and other smart devices. In the latest research shared with The Hacker News, Check Point experts today revealed a new high-severity vulnerability affecting Philips Hue Smart Light Bulbs that can be exploited over-the-air from over 100 meters away to gain entry into a targeted WiFi network.

Xton Technologies, a provider of privileged access management solutions, announced that Xton Access Manager now includes advanced proxy support for RDP, SSH and web proxies allowing customers to create secure, high trust remote sessions with full session recording and keystroke monitoring using native desktop or mobile applications. "Unique to XTAM is our ability to securely lock credentials on the server-side without ever releasing them to the client computer even in an encrypted form. This provides administrators with secure and efficient access to the systems they need to do their jobs while satisfying audit and senior management requirements for just in time secure access and controls."

NETSCOUT, a leading provider of service assurance, security, and business analytics, announced the availability of its 7000 series nGenius Packet Flow Switches, nGenius Decryption Appliance, NETSCOUT External PowerSafe Tap and PFS Monitor, which enable unified security and visibility to address the growing need for simplified data center security management. "As bad actors hijack weaker encryption or piggyback on legitimate SSL sessions, NetOps and SecOps teams need greater visibility into events happening across different systems and domains," stated Richard Kenedi, president, Core Markets Business Unit, NETSCOUT. "These products enable streamline monitoring and reduce risk through greater visibility across the network."

STEALTHbits, a cybersecurity software company focused on protecting an organization's sensitive data and the credentials attackers use to steal that data, announced a free program designed to help organizations mitigate the risks of operational outage associated with Microsoft's pending update to Active Directory slated for March 2020. Microsoft is recommending organizations enable the LDAP channel binding and LDAP signing features they will enforce by default in March before the update is provided, as a means by which to identify systems, applications, and other devices that will be incompatible with the more secure configuration.

Forter, the leader in e-commerce fraud prevention, announced availability of the Forter Loyalty Program Protection solution to protect high value rewards programs from fraud and abuse, enabling merchants to offer enhanced programs with the best possible customer experience. Nearly 50% report insufficient resources, and that loyalty program account fraud prevention is considered a low organizational priority.

Avaya Holdings, a global leader in solutions to enhance and simplify communications and collaboration, and RingCentral, a leading provider of global enterprise cloud communications, collaboration and contact center solutions, introduced Avaya Cloud Office by RingCentral. Together, Avaya and RingCentral are redefining business communications by offering a solution delivering a seamless communication and collaboration through multiple channels.

TRIMEDX is pleased to announce a comprehensive cybersecurity training program specifically designed to address the ever-growing threat of cyberattacks on connected medical devices. TRIMEDX will partner with CyberVista, a cybersecurity education and workforce development company, in launching its CE CYBER Academy: a next-generation training and certification program that will enhance TRIMEDX's 3,100+ nationwide associates with vital skills that many health systems struggle to source in the face of unprecedented demand for cybersecurity expertise.

A bug in Google's Photo software caused potentially 100,000 or more netizens to have their personal videos exposed to complete strangers last Thanksgiving. The Chocolate Factory this week began notifying punters that a bug in its data-archiving tool Takeout was to blame for some accounts having their private videos shared with total strangers.

Miller Kaplan, a top-100 certified public accounting firm, is pleased to announce that effective January 1, 2020, the firm has acquired Citadel Information Group - a Los Angeles-based company dedicated to providing information security management services to businesses and the nonprofit community. Founded in 2002 by Stan Stahl, Ph.D., and Kimberly Pease, CISSP, and expanded in 2014 to add information security expert, David Lam, CISSP, CPP, Citadel's mission has been to provide a wide range of information security management services including vulnerability assessments, staff awareness training, security management of the IT network, incident response and business continuity planning, and Virtual-CISO, among others.

Google is potentially facing a massive privacy and GDPR row over Chrome sending per-installation ID numbers to the mothership. "This Chrome-Variations header will not contain any personally identifiable information, and will only describe the state of the installation of Chrome itself, including active variations, as well as server-side experiments that may affect the installation," Google explains in a paper describing Chrome capabilities.