Security News > 2020

An information disclosure vulnerability affecting Microsoft Access can cause sensitive data from system memory to be unintentionally saved in database files, email security company Mimecast revealed on Tuesday. The vulnerability, dubbed "MDB Leaker" by Mimecast, is related to "The improper management of system memory by an application." It can cause the content of uninitialized memory elements to be saved into Microsoft Access MDB files.

In early December, Tampa FL-based security services firm ReliaQuest, released a separate report discussing the effect of this tendency to purchase individual stand-alone tools to solve newly discovered issues. Problems include more tools than company capacity to productively use them, and a burden of maintenance forcing security teams to spend more time managing the tools than defending against threats.

The Federal Bureau of Investigation is once again asking Apple to help unlock the iPhone of a potential terrorist. The statement does not indicate whether Apple will in fact assist in unlocking the phones, which the FBI said are being held in the crime lab at Quantico, Va. Deja-Vu Privacy Implications.

In an unexpected industry twist, consulting giant Accenture on Tuesday announced that it has agreed to acquire Symantec's Cyber Security Services business from Broadcom for an undisclosed sum. The acquisition significantly expands Accenture Security's managed security services offerings and capabilities, and will add more than 300 employees around the world to the group.

ISARA is among several Canadian technology innovators selected by the APMA - Canada's national automotive association representing OEM producers of parts, equipment, tools, supplies, advanced technology, and services for the worldwide automotive industry - for inclusion in the demonstration car at APMA's booth within the Smart Cities showcase. "As cars become ever smarter and more connected, data security is an integral component of driver safety," said ISARA CEO and Co-founder Scott Totzke.

Google on Monday published the first Android security bulletin for 2020, with patches for 40 vulnerabilities, including a critical flaw in the Media framework. The Android Security Bulletin for January 2020 was split into two parts: the first addresses 7 vulnerabilities in Framework, Media framework, and System, while the second includes fixes for 33 security flaws in Kernel, Qualcomm, and Qualcomm closed-source components.

Despite the difficulties of identifying deepfakes, social media sites are recognizing the need to crack down on the manipulated, misleading videos. Facebook is banning deepfake videos, which stem from a technique of human-image synthesis based on artificial intelligence to create fake content.

Facebook, Samsung and Ring have unveiled new or improved privacy and security tools at the 2020 CES consumer electronics show taking place this week in Las Vegas. Facebook announced a revamped version of Privacy Checkup, a tool launched in 2014 in an effort to make it easier for users to manage the information they share on the social media network.

German cycle-maker Canyon Bicycles GmbH has confirmed it was the victim of a security break-in over the holiday period that has all the hallmarks of a ransomware attack with parts of the infrastructure padlocked by the perpetrators. "The attack shows massive criminal intent," said Canyon founder and CEO Roman Arnold.

Google has temporarily disconnected Xiaomi's IP cameras from its Home Hub service after a user reported that he was seeing images from other people's devices. Reddit user u/Dio-V found that Xiaomi's Mijia 1080p IP camera was sending still images from other peoples' homes when he accessed it via his Google Home Hub.