Security News > 2020

The US government is tightening its rules around the registration of government web domains to stop fraudsters impersonating government sites, it emerged last week. A.gov domain is only supposed to be operated by US-based government entities, from federal agencies to local municipalities, meaning that, in the GSA's words, "It's official".

Cybercriminals compromise 0.5% of all Microsoft enterprise accounts every month because too few customers are using multi-factor authentication, the company has revealed. In a presentation uploaded to YouTube from the recent RSA Security Conference, director of Identity Security Alex Weinert said 1.2 million accounts were compromised in January 2020 alone.

At an event run by think tank The Institute for Government last month, he was asked about proposals that could allow the sharing of medical and social care data across government bodies under the Digital Economy Act 2017. The Public Service Delivery Review Board has suggested that it will ask government to extend the Digital Economy Act to include the sharing of medical data across government, something primary legislation currently prevents.

Want to maximize your digital transformation project success and impact? Start by ensuring that you correctly explain risk to stakeholders, as well as continually benchmark your organization's risk management maturity to identify the best, next steps forward, says Barbara Kay, senior director of product marketing for security and risk at ServiceNow. Analyzing digital transformation and risk via a maturity scale;.

From an ultrasonic attack on Siri and Google Assistant to the guy who hacked back at tech support scammers - and everything in between.

Far from being depressed, Wiley was expressing the forlorn hope that infosec as a field would be less dominated by malicious persons trying to make a fast buck by scamming honest folk and businesses out of their hard-earned money. As Check Point's incident response head honcho, Wiley has full visibility into what the infosec company's operations involve.

AMD processors from as early as 2011 to 2019 carry previously undisclosed vulnerabilities that open them to two new different side-channel attacks, according to a freshly published research. Known as "Take A Way," the new potential attack vectors leverage the L1 data cache way predictor in AMD's Bulldozer microarchitecture to leak sensitive data from the processors and compromise the security by recovering the secret key used during encryption.

AMD processors from as early as 2011 to 2019 carry previously undisclosed vulnerabilities that open them to two new different side-channel attacks, according to a freshly published research. Known as "Take A Way," the new potential attack vectors leverage the L1 data cache way predictor in AMD's Bulldozer microarchitecture to leak sensitive data from the processors and compromise the security by recovering the secret key used during encryption.

The situation is more complex than simply devoting a larger share of the budget and focus to fraud prevention and security: as companies find new ways to engage with their customers through new features and touchpoints, criminals find new vulnerabilities to exploit. Research and experience have showed that fraud mitigation and cutting-edge security strategies can go hand-in-hand with - and even drive - innovation, customer engagement and a great user experience.

Among the company's many impressive accomplishments is a 62% growth of its Azure cloud service. The leaderboard in the cloud wars saga has remained stagnant, with a few powerhouses dominating market share: US-based companies AWS, Azure and Google Cloud, as well as China's Alibaba.