Security News > 2020

At CES 2020, Patriot One Technologies explained its PATSCAN platform, which can detect hidden weapons and more without the perpetrator even knowing they've been scanned. So we have algorithms that have been trained to recognize weapons from the signatures we get through tartaric biomagnetic resonance, through cognitive microwave radar, or through video object recognition.

Is it possible that a nation-state actor such as Iran could create a cybersecurity incident that compromises the U.S. power grid? Bernie Cowens, who until recently was CISO at the nation's largest electric utility, says that's unlikely because the power grid is more cybersecure than you might think. "It's important to understand that the sky is not necessarily falling with regard to the power grid," says Cowens, who recently left his role as vice president and CISO of Pacific Gas and Electric in California.

Another group now focusing on the North American electricity generation sector is Magnallium, which since 2013 has been tied to attacks against energy and aerospace firms, Dragos says. "It's easy to get the impression that people who operate the grid and are responsible for it are asleep at the wheel somehow, and there could be nothing further from the truth," Cowens, who's now the CSO of startup Utility Technology Solutions, tells Information Security Media Group.

Last year, Microsoft did roll out phishing detection to Microsoft Forms, an online product that lets people create surveys, quizzes, and polls. "Contrary to Avanan's marketing claims, Microsoft does not automatically trust any domain, including the Office and Sway domains. All links are analyzed, assessed and compared to known attack vectors, including local domains. Additionally, Microsoft performs a complete assessment of Sway content, including the scanning of links on the pages."

Special Services Group, a company that sells surveillance tools to the FBI, DEA, ICE, and other US government agencies, has had its secret sales brochure published. Motherboard received the brochure as part of a FOIA request to the Irvine Police Department in California.

A Londoner who hacked the National Lottery using Sentry MBA and made off with just £5 will spend up to nine months in prison for his crimes. Anwar Batson, 29, of Lancaster Road in London's Notting Hill, was part of a group of miscreants who hacked into the National Lottery website in 2016.

The latest edition of the ISMG Security Report discusses "Orwellian" surveillance activity in 2020 via the ToTok app. Also featured: the controversy over enabling law enforcement to circumvent...

Trend Micro's Zero Day Initiative on Thursday announced the targets and prizes for the 2020 Pwn2Own competition, which is set to take place on March 18-20 in Vancouver at the CanSecWest conference. Pwn2Own 2019 introduced the automotive category and participants were invited to hack a Tesla Model 3.

A known APT group with ties to the Iran-linked APT33, dubbed Magnallium, has expanded its targeting from the global oil-and-gas industry to specifically include electric companies in North America. Dragos initially identified Magnallium's expansion into targeting North American electric entities because of activity from a group called Parisite that cropped up in its telemetry.

The latest edition of the ISMG Security Report discusses "Orwellian" surveillance activity in 2020 via the ToTok app. Also featured: the controversy over enabling law enforcement to circumvent...