Security News > 2020

These pre-installed apps can have privileged custom permissions that let them operate outside the Android security model. This means permissions can be defined by the app - including access to the microphone, camera and location - without triggering the standard Android security prompts.

COPPA - the Children's Online Privacy Protection Act, which is the toughest federal protection for children's online data in the land - isn't tough enough, according to two US House Representatives who've introduced a bill that would update the law and beef it up. It's basically COPPA - which protects the data of kids 13 and younger - extended to the age of 16, and given a dose of the right to be forgotten.

The total number of 5G connections will reach 1.5 billion globally by 2025, rising from only 5 million in 2019, according to Juniper Research. The research found that pricing strategies from operators in the US and South Korea have aimed to rapidly migrate users to 5G networks by offering low cost connectivity.

The UK Information Commissioner's Office has kicked £280m in data breach fines against British Airways and US hotel chain Marriott into the long grass. As spotted by City law firm Mishcon de Reya, the ICO has extended the time before it will fine the two companies what it claimed would be a total of £282m, split between BA's £183m and Marriott's £99m. In a statement the UK's data protection regulator said: "Under Schedule 16 of the Data Protection Act 2018, BA and the ICO have agreed to an extension of the regulatory process until 31 March 2020. As the regulatory process is ongoing we will not be commenting any further at this time."

A man accused of hacking UK National Lottery accounts via credential stuffing attacks has been sentenced to nine months in prison, the UK's National Crime Agency reported on Friday. According to the NCA, Batson used a tool called Sentry MBA to launch credential stuffing attacks on accounts belonging to National Lottery customers.

Combined with the fact that we are seeing increasingly sophisticated methods to exploit hardware by chaining them together with software vulnerabilities, it's evident that the industry needs a better and more in-depth understanding of the common hardware security vulnerabilities taxonomy, including information on how these vulnerabilities get introduced into products, how they can be exploited, their associated risks, as well as best practices to prevent and identify them early on in the product development lifecycle. Today, a key resource for tracking software vulnerabilities exists in MITRE's Common Weakness Enumeration system, which is also complemented by the Common Vulnerability and Exposures system.

How can organizations reap the rewards of APIs while ensuring consumer data is secure? 2019 was the worst year ever for data breaches and, what's more, today's consumers are increasingly savvy about their data.

Late last month Citrix disclosed a critical security hole in its Application Delivery Controller and Unified Gateway offerings. Up to 80,000 systems were thought to be at risk, with some 25,000 instances found online over the weekend.

Semtech, a leading supplier of high performance analog and mixed signal semiconductors and advanced algorithms, recently launched the AVX chipset for multimedia connectivity over both copper category cabling and optical fiber. The AVX200T flagship part offers unprecedented levels of performance for AV extension applications, such as standalone point-to-point cable extenders, matrix switches and KVM extension.

The Cloud Security Alliance, the world's leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, announced it is changing the way the cloud and cybersecurity industry meets with the launch of SECtember, a signature event focused on educating the industry on key issues and trends faced in cloud and cybersecurity. "In 2009, CSA began defining cloud security before most organizations were in the cloud. In 2020, cloud computing is now the primary mode of computing around the world and is also the foundation for cybersecurity writ large and the means by which we secure all forms of computing, such as the Internet of Things."