Security News > 2020

A leading digital authority and consulting company, has achieved the Data Analytics Specialization in the Google Cloud Premier Partner Program. This Partner Specialization affirms that SoftServe has demonstrated success turning large amounts of data into insights using Google Cloud Platform technology.

Their article, Digital risk: Transforming risk management for the 2020s, focuses on how digitization can "Create real business value by improving efficiency and the quality of risk decisions." Furthermore, "a digitized risk function also provides better monitoring and control and more effective regulatory compliance." Scott Matteson: Can you provide me with some insights into how the day-to-day activities of risk managers can do better? Matt Kunkel: Some day-to-day activities of risk managers that can always be improved is tracking, aggregating, mitigating, educating and reporting on the different risk vectors in an organization.

Learn how to secure Firefox tabs from mischief with the Don't Touch My Tabs add-on.

UPDATE. Both the Google Chrome and Mozilla Firefox teams are cracking down on web browser extensions that steal user data and execute remote code, among other bad actions. In this case, Google said that after becoming aware of a widespread pattern of pernicious behavior on the part of a large number of Chrome extensions, it has disabled extensions that contain a monetary component - those that are paid for, offer in-browser transactions and those that offer subscription services.

Under HIPAA, covered entities are required to report breaches impacting protected health information within 60 days of discovering the breach. In its breach notification statement, PIH Health says that on June 18, 2019, it learned that certain PIH Health employee email accounts had potentially been accessed without authorization as a result of a targeted phishing campaign.

On Saturday, Google temporarily disabled the ability to publish paid Chrome apps, extensions, and themes in the Chrome Web Store due to a surge in fraud. "Earlier this month the Chrome Web Store team detected a significant increase in the number of fraudulent transactions involving paid Chrome extensions that aim to exploit users," said Simeon Vincent, developer advocate for Chrome Extensions, in a post to the Chromium Extensions forum.

A mid-January spam campaign by criminals behind the popular Necurs botnet shows a dramatic drop in skill and savvy by perpetrators. "Things are changing and with major banking Trojan botnets moving away from Necurs and to distribution through inter-gang collaborations, Necurs has been left behind to distribute amateur spam campaigns in high volumes," IBM X-Force researchers said in a Monday post.

Rui Pinto, the Portuguese self-taught hacker already tied to the "Football Leaks", has now come forward as the source of the spectacular "Luanda Leaks" revelations. Pinto said he leaked the "Luanda Leaks" files - drawn from 715,000 documents - out of civic duty, asking for nothing in return.

Citrix has released the full set of patches for the recently disclosed security flaw tracked as CVE-2019-19781, but attacks on vulnerable systems are ramping up. Impacting Citrix Application Delivery Controller and Gateway, the vulnerability was disclosed in December 2019, and the first attacks targeting it followed only weeks later, shortly after PoC exploits were released.

U.S. Senator Ron Wyden, D-Ore., has called on the National Security Agency to take steps to make sure the personal devices of high-ranking Trump administration officials are secure following a report last week that Amazon CEO Jeff Bezos' smartphone had been compromised. Wyden wrote to NSA Director Paul M. Nakasone on Friday, asking if the agency was sure that the Saudi government had not used the crown prince's WhatsApp account to hack the devices of senior government officials, such as White House Senior Adviser Jared Kushner, who have reportedly had contact with Bin Salman on the Facebook-owned messaging app.