Security News > 2020

Britain on Tuesday greenlighted a limited role for Chinese telecoms giant Huawei in the country's 5G network, but underscored that "High risk vendors" would be excluded from "Sensitive" core infrastructure. London's decision, following a meeting of the National Security Council chaired by Prime Minister Boris Johnson, came shortly after Brussels said it would allow Huawei a limited 5G role in the European Union.

Cisco on Tuesday announced the launch of a security solution for the Industrial Internet of Things that is designed to help organizations identify threats across their IT and OT environments. The networking giant's new IoT solution, which includes Cisco Cyber Vision and Cisco Edge Intelligence software-based services, provides enhanced visibility, analytics, automation, and security.

Google reportedly has a database called Sensorvault in which it stores location data for millions of devices going back almost a decade. The article is about geofence warrants, where the police go to companies like Google and ask for information about every device in a particular geographic area at a particular time.

Intel on Monday informed customers that researchers have identified yet another speculative execution attack method that can be launched against systems that use its processors. The disclosure of the Meltdown and Spectre vulnerabilities back in January 2018 paved the way for the discovery of several speculative execution side-channel attack methods impacting modern processors.

Video-conferencing outfit Zoom had a vulnerability in its URL scheme that miscreants could exploit to eavesdrop on private meetings. The firm reckoned that around 4 per cent of randomly generated meeting IDs led to genuine Zoom meetings.

Attackers using Ryuk and Sodinokibi - aka REvil - are increasingly "Focusing their attacks on large companies where they can attempt to extort the organization for a seven-figure payout," it says, noting that the average Ryuk ransom payment last quarter was $780,000. One commonality across all types of tools is that attackers overwhelmingly continue to demand ransom payments in bitcoins.

Researchers are warning that while LoRaWAN itself is perfectly secure, poor device security and user mistakes in configuration and implementation can still lead to hacks and widespread operational disruption. The application-layer security is responsible for confidentiality, with end-to-end encryption between the device and the application server, preventing third parties from accessing the application data being transmitted.

Most things aren't made from a single material, and in the case of printed guns, that means printed plastic parts that are joined with essential metal components. In other words, 3D printed parts don't need to be the end product: they can, rather, assist in the fabrication of the end product - for example, besides the plastic bits of a printed gun, 3D printing can also assist in rifling the metal barrels.

NEW ORLEANS - Enterprise video conferencing firm Zoom has issued a bevy of security fixes after researchers said the company's platform used weak authentication that made it possible for adversaries to join active meetings. The issue stems from Zoom's conference meetings not requiring a "Meeting password" by default, which is a password assigned to Zoom attendees for what is calls a meeting room.

New York facial recognition startup Clearview AI - which has amassed a huge database of more than three billion images scraped from employment sites, news sites, educational sites, and social networks including Facebook, YouTube, Twitter, Instagram and Venmo - is being sued in a potential class action lawsuit that claims the company gobbled up photos out of "Pure greed" to sell to law enforcement. The suit against Clearview was just one chunk of shrapnel that flew after the New York Times published an exposé about how Clearview has been quietly selling access to faceprints and facial recognition software to law enforcement agencies across the US, claiming that it can identify a person based on a single photo, revealing their real name and far more.