Security News > 2020

Both Microsoft and Google have postponed a change that would have forced better application security by shutting down an insecure access protocol called Basic Authentication. Specified in RFC 2617, Basic Authentication is a method of logging applications into online services using a simple username and password combination sent in an HTTP header.

Computer manufacturing giant Dell has released a new security tool for its commercial customers that aims to protect their computers from stealthy and sophisticated cyberattacks involving the compromise of the BIOS. Dubbed 'SafeBIOS Events & Indicators of Attack', the new endpoint security software is a behavior-based threat detection system that alerts users when BIOS settings of their computers undergo some unusual changes. Changes to the system BIOS settings could allow malicious software to run during the boot process,.

What am I trying to get at? The new zero trust security model is promising as it looks to include many aspects of the security ecosystem. Visibility: zero trust enables you to manage, optimize and innovate the value chain, meaning you can see what you need to manage.

Zoom's security catch-up sprint has seen it announce its users will soon be able to choose where their traffic goes. The new feature will help users in places like Taiwan, where the government banned Zoom after learning traffic could go through its frenemies in Beijing.

Synthetic data is helping highly regulated companies safely use customer data to increase efficiencies or reduce operational costs, without falling under scope of stringent regulations. The GDPR does not expressly reference synthetic data, but it expressly says that it does not apply to anonymous information: according to UCL, "Information which does not relate to an identified or identifiable natural person or to personal data rendered anonymous in such a manner that the data subject is not or no longer identifiable." Synthetic data is considered personal data which has been rendered anonymous and therefore falls outside the material scope of the GDPR. Essentially, these important global regulatory mandates do not apply to collection, storage and use of synthesized data.

As most companies make the rapid shift to work-from-home to stem the spread of COVID-19, a significant percentage of IT and cloud professionals are concerned about maintaining the security of their cloud environments during the transition, according to a survey conducted by Fugue. Preventing cloud misconfiguration remains a significant challenge for cloud engineering and security teams.

There's a worrisome increase in call traffic from bad actors looking to cash in on new vulnerabilities created by the global COVID-19 pandemic, according to research from Next Caller. After just 3 weeks, high-risk calls are up 28% on average, outpacing the growth rate of overall call traffic - suggesting that as concerned customers call in waves, hundreds of thousands of potentially fraudulent attacks pummel contact centers in their wake.

Whether you're studying for the CISSP, CCSP, SSCP or another industry leading² certification,² is here to help you stay on track to certification with our Official Online Instructor-Led training, now at a new lower price. Perfect for distance learning, this hands-on training format offers the structure of real-time class in a virtual setting, with the option to access course recordings.

The Coronavirus quarantine introduces an extreme challenge for IT and Security teams to maintain secure environments during the mass transition of employees working remotely and the surge in cyberattacks targeting its inherent security weaknesses. In a webinar for security service providers taking place on April 22nd, a leading MSSP will share how they conquer and overcome the coronavirus quarantine challenges to grow their customer base.

In an effort to fend off the coronavirus while getting economies restarted, the world has hit on the same idea: a smartphone app that alerts people if they have been close to someone who has the virus. Not all these apps work in the same way however and with experts saying that to be effective they would have to be used by at least 60 per cent of the population, it is critical that whatever approach is taken is acceptable to a vast majority of the population.