Security News > 2020
Almost 65% of the nearly 300 international cybersecurity professionals canvased by Gurucul at RSA Conference 2020 said they access documents that have nothing to do with their jobs. "Detecting impermissible access to resources by authorized users, whether it is malicious or not, is virtually impossible with traditional monitoring tools. That's why many organizations are turning to security and risk analytics that look at both employee and entity behaviors to identify anomalies indicative of insider threats."
On the first day of the Pwn2Own 2020 hacking competition, participants earned a total of $180,000 for demonstrating exploits targeting Windows 10, Ubuntu Desktop and macOS. Pwn2Own typically takes place at the CanSecWest cybersecurity conference in Vancouver, Canada, and participants have to attend in person. On the first day of Pwn2Own 2020, a team from the Georgia Tech Systems Software & Security Lab successfully executed code on macOS through Safari.
"This research demonstrates that despite heightened compliance focus, businesses struggle to manage foundational security like PKI and the tools and processes that maintain it. This is concerning, especially as the number of digital certificates and keys within enterprise continues to multiply," said Chris Hickman, CSO at Keyfactor. "A lack of program ownership, combined with the constant care and feeding that digital identities need, has introduced new risk, creating an exposure epidemic. Unless leaders invest in in-house processes and outsourced resources to manage PKI, enterprise will risk failed audits, fines and worse, a security breach."
Hong Kong has made it mandatory for all new arrivals to wear an "Electronic wristband" that links to a smartphone to provide location-tracking services, so that authorities can be sure they're observing COVID-19 quarantine requirements. Here's the fun part in the press release: "The staff at the communication centres set up by the Office of the Government Chief Information Officer will check the location of people under quarantine from time to time and make surprise video calls to ensure that they are staying at their dwelling places."
Hong Kong has made it mandatory for all new arrivals to wear an "Electronic wristband" that links to a smartphone to provide location-tracking services, so that authorities can be sure they're observing COVID-19 quarantine requirements. Here's the fun part in the press release: "The staff at the communication centres set up by the Office of the Government Chief Information Officer will check the location of people under quarantine from time to time and make surprise video calls to ensure that they are staying at their dwelling places."
Security Compass, a software security company that provides organizations with technology to balance secure software development with speed of software delivery, announced that it has added content to SD Elements that enables organizations operating in California to maintain or achieve compliance under the California Consumer Privacy Act. Security Compass customers have immediate access to new content within the SD Elements platform, which was built for automating balanced development.
HYAS, a leader in threat intelligence and attribution, announced HYAS Insight, a threat intelligence and attribution solution that improves visibility and productivity for analysts, researchers and investigators while vastly increasing the accuracy of their findings. HYAS Insight lets analysts connect specific attack instances and campaigns to billions of historical and real-time indicators of compromise faster than ever before, bringing invaluable new intelligence and visibility to security efforts.
Seagate Technology, a world leader in data solutions, announced the latest in high-performance solutions for multi-user NAS environments, adding to their award-winning IronWolf SSD product line. Seagate's IronWolf 510 is an M.2 NVMe SSD with caching speeds of up to 3GBps for NVMe-compatible systems and is ideal for creative pros and business NAS needing 24×7 multi-user storage that is cache enabled.
Peng earlier confessed that SD cards loaded with information stolen from an unspecified US company were left for him to collect at hotels by a contact only known as Ed. Peng would also hide tens of thousands of dollars in hotel rooms for Ed to collect as payment. Prosecution paperwork [PDF] stated that, from 2015 through 2019, Peng agreed to, under orders from the Chinese Ministry of State Security, collect SD cards filled with stolen corporate information, and fly to China to drop them off to government snoops.
The investment round will bring CoreStack's total funding to $13 million and will help the company aggressively expand its sales and marketing efforts as well as accelerate product development. The Series A financing follows a record year of growth for CoreStack which saw a rapidly expanding roster of enterprise clients across U.S., Europe and India, key executive appointments, and significant market traction with enterprises adopting CoreStack as Governance landing zone for large scale cloud adoption.