Security News > 2020

Dutch police on Friday arrested a 19-year-old man from Breda suspected of launching a distributed denial of service attack on a government website. Given the current coronavirus crisis, when emergency ordinances and regulations are made accessible through this site, the Dutch police notes, keeping it accessible is vital.

The United States Securities and Exchange Commission last week announced that it reached a settlement with two of the traders charged last year over their roles in a scheme that involved hacking the organization's EDGAR electronic filing system. The SEC revealed in September 2017 that a breach of its EDGAR system detected in 2016 had allowed hackers to obtain non-public information that was used by some traders to make a profit.

With people working from home and connected to business applications running in the cloud, the notion of an office building representing the company network has vanished overnight. If that's the case, why would it matter whether that laptop is being connected to video conferencing in the company's conference room or a video conference being held from home? There is no more of a guarantee that the laptop in the company conference room is connected to the company's network than the one connected at home.

The overnight move to a "Virtual workplace" has increased cybersecurity concerns for small business owners, but many still have not implemented remote working policies to address cybersecurity threats, according to a survey by the Cyber Readiness Institute. Only 22% provided additional cybersecurity training prior to enabling remote working and just 33% provided "Any cybersecurity training."

Google and Apple unveiled a joint initiative Friday to develop a coronavirus smartphone "Contact tracing" tool that could potentially alert people when they have crossed paths with an infected person. "All of us at Apple and Google believe there has never been a more important moment to work together to solve one of the world's most pressing problems," the companies said in a joint statement.

As cloud platforms become more prevalent, IT and DevOps teams face additional concerns and uncertainties related to securing their cloud instances. 230 million misconfigurations are identified on average each day, proving this risk is prevalent and widespread. "Cloud-based operations have become the rule rather than the exception, and cybercriminals have adapted to capitalize on misconfigured or mismanaged cloud environments," said Greg Young, vice president of cybersecurity for Trend Micro.

With the acquisition, Zscaler will provide its customers industry-leading data protection coverage in the Zscaler Cloud Security Platform. "Cloudneeti augments Zscaler's data protection capabilities and will dramatically improve organizations' cloud security by discovering and eliminating some of the most common causes of data breaches and compliance violations," said Jay Chaudhry, Chairman and CEO of Zscaler.

TLS 1.3: Slow adoption of stronger web encryption is empowering the bad guysTLS provides secure communication between web browsers, end-user facing applications and servers by encrypting the transmitted information, preventing eavesdropping or tampering attacks. Actively exploited MS Exchange flaw present on 80% of exposed serversAttackers aiming to exploit CVE-2020-0688, a critical Microsoft Exchange flaw patched by Microsoft in February 2020, don't have to look hard to find a server they can attack.

The San Francisco International Airport disclosed this week two of its websites had been hacked and lead to the disclosure of some users' login credentials at both sites. "The attackers inserted malicious computer code on these websites to steal some users' login credentials," according to a message posted to both site's homepages by the SFO's Airport Information Technology and Telecommunications director.

Despite the companies' insistence that privacy will be "Of utmost importance," some in the security space remain wary of data privacy concerns around the newly announced technology. Many such coronavirus tracking apps are already available, such as COVID Symptom Tracker and Private Kit SafePaths.