Security News > 2020

The COVID-19 coronavirus outbreak will likely have an impact on early-stage venture investment in cybersecurity, but investors and industry professionals are optimistic. "Angels will likely tighten their purse strings to preserve personal assets while the economic impact of the current pandemic remains unknown. However, venture capital money is still available as are the quality founders seeking capital to build great companies. We expect to see the trend of fewer deals continue along with downward valuation pressure. Downturns in the economy can be very active times for select venture capital firms as they view this as a time to get better valued deals."

ReversingLabs has analyzed clues from attacks by the Kwampirs remote access trojan to help software companies defend their organizations against this malware. In addition to attacks against supply chain software providers, the FBI said the same malware was also used in attacks against healthcare, energy, and financial companies.

Apple has released an update to its Safari browser that blocks third-party cookies, following an announcement by Google that it would do the same for its Chrome browser. Through the release of Safari 13.1 on Tuesday, alongside some changes to Apple's Intelligent Tracking Prevention in iOS and iPadOS 13.4, the company now blocks all third-party cookies by default in its browser, according to a blog post by the engineer behind Apple's WebKit, John Wilander.

The cybersecurity firm told SecurityWeek that its Mandiant Intelligence team tracks nearly 100 tools that can be used to exploit vulnerabilities in ICS or interact with industrial equipment in an effort to support intrusions or attacks. Of the ICS hacking tools tracked by FireEye - the company calls them ICS cyber operation tools - 28% are designed for discovering ICS devices on a network and 24% for software exploitation.

Since February, the community has been working on the computationally heavy work of figuring out how the virus's proteins bind to cells. Infection in both COVID-19 and its close cousin, the SARS coronavirus, first happens in the lungs when a protein on the surface of the virus binds to a receptor protein on a lung cell.

The company now says its masked facial recognition program has reached 95 percent accuracy in lab tests, and even claims that it is more accurate in real life, where its cameras take multiple photos of a person if the first attempt to identify them fails. Counter-intuitively, training facial recognition algorithms to recognize masked faces involves throwing data away.

Despite often repeated advice of using unique passwords for online accounts - or at least the most critical ones - password reuse continues to be rampant. According to breach discovery firm SpyCloud, employees of the Fortune 1000 are just as bad about reusing passwords as the rest of us.

According to Reuters sources, the attack likely came from Darkhotel, a group that according to MITRE has been active since at least 2004. When you read about it, all the bad guy did was set up a phishing website that emulated the World Health Organization's internal mail server to harvest logins and passwords.

The office of New York Attorney General Letitia James sent letters - here's one sent to GoDaddy - to six of the internet's largest domain name registrars, asking them how they plan to protect New Yorkers and others across the country from these scams by making it tougher to register a domain that's likely to be selling snake oil, inflicting malware or setting up whatever other trap the crooks have been rushing to put into place. Human review of complaints from the public and law enforcement about fraudulent or illegal use of coronavirus domains, including creating special channels for such complaints.

A UK housing association blurted 3,500 people's sensitive personal data as part of a bungled "Please update your contact details" email exercise, The Register has been told. Watford Community Housing sent the email on the night of 23 March to people it thought were its tenants.