Security News > 2020

Researchers at the University of York have shown that some commercial password managers may not be a watertight way to ensure cybersecurity. After creating a malicious app to impersonate a legitimate Google app, they were able to fool two out of five of the password managers they tested into giving away a password.

A faction under the Magecart umbrella, Magecart Group 8, targeted the website of the blender manufacturer, NutriBullet, in an attempt to steal the payment-card data of its online customers. Yonathan Klijnsma, threat researcher with RiskIQ, said in a Wednesday post that a JavaScript web skimmer code was first inserted on the website of the blender retailer on Feb. 20, specifically targeting the website's checkout page, where customers input their payment information.

Pervasive surveillance through digital technologies is the business model of Facebook and Google. Speaking elsewhere, Netanyhau said the digital tools are those used by Israeli security agency Shin Bet to observe terrorists.

The traditional network security model, in which traffic is routed through the data center for inspection and policy enforcement, is for all intents and purposes obsolete. The writing is on the wall: security needs to move from the data center to the edge of the network.

Patients might end up bearing the brunt of successful cyber attacks but, Covid-19 or no Covid-19, the danger for healthcare organizations has effectively remained the same - only the stakes got higher. It is crucial for healthcare organizations and agencies not to ignore cybersecurity and data protection at this moment.

Trend Micro has patched several serious vulnerabilities in its Worry-Free Business Security, Apex One and OfficeScan products, including a couple of flaws that have been exploited in the wild. The exploited vulnerabilities were identified by Trend Micro's own researchers, but no information has been released about the attacks.

Over 60% of the Fortune 1000 had at least one public breach over the last decade, according to a Cyentia Institute research. On an annual basis, it is estimated one in four Fortune 1000 firms will suffer a cyber loss event.

One-third of financial services organizations lack a clear plan or the resources to address privacy risks related to customer data in the next 12 months, according to a report by Accenture. It focuses on how companies should rethink how they use, store and protect customer data as recently implemented regulations, including the General Data Protection Regulation and the California Consumer Privacy Act, give consumers explicit privacy rights.

Contrast Security, the next-generation software security platform, announced Route Intelligence, a major new capability for application security. When compared to traditional application security approaches, Route Intelligence saves security teams and application development teams massive amounts of time while reducing costs-namely, development teams know exactly what parts of each application have been tested for critical security flaws.

Pradeo supports companies by offering its mobile security services for free. The publisher of mobile security solutions is committed to going beyond borders and opens the use of its solutions to all companies around the world who request them.