Security News

There is a new report on police decryption capabilities: specifically, mobile device forensic tools. This report documents the widespread adoption of MDFTs by law enforcement in the United States.

Cisco has released two studies examining how workers feel about the current state of play when it comes to remote work security and data privacy, finding that thousands around the world are increasingly concerned about how their employers are handling the massive societal changes that have occurred over the last six months. "Cisco's latest privacy research highlights that people care deeply about protecting their data, and many have stopped doing business with companies due to data privacy concerns," said Brad Arkin, senior vice president and chief security and trust officer at Cisco.

An online platform designed to help IoT vendors receive, assess, manage and mitigate vulnerability reports has been launched by the IoT Security Foundation. VulnerableThings.com aims to simplify the reporting and management of vulnerabilities whilst helping IoT vendors comply with new consumer IoT security standards and regulations.

Clop and the group's signature malware has struck again - this time hitting a giant target in the form of German software conglomerate Software AG. The company isn't paying a mammoth $23 million ransom, and over the weekend it confirmed that the crooks were releasing company data, according to reports. The company released a statement on October 5 publicly announcing the attack, adding, "While services to its customers, including its cloud-based services, remain unaffected, as a result, Software AG has shut down the internal systems in a controlled manner in accordance with the company's internal security regulations," the statement read. But that assessment turned out to be prematurely rosy.

A new report Friday says the coordinated attack was part of an operation carried out by the U.S. military's Cyber Command. On October 2, KrebsOnSecurity reported that twice in the preceding ten days, an unknown entity that had inside access to the Trickbot botnet sent all infected systems a command telling them to disconnect themselves from the Internet servers the Trickbot overlords used to control compromised Microsoft Windows computers.

Adobe is suffering a 'major' outage that prevents users from logging in to Creative Cloud or accessing their subscribed applications or stored data. Since approximately 9:30 a.m EST, Adobe Creative Cloud users have reported difficulty logging into the service or accessing saved images and data.

Microsoft awarded over $370,000 in bounties to security researchers for 16 bounty eligible reports of vulnerabilities submitted through the Azure Sphere Security Research Challenge IoT-focused research program. Azure Sphere Security Research Challenge is a 3-month expansion to the Azure Security Lab bounty program Microsoft announced last year at Black Hat 2019.

APIsec provides a 100% automated and continuous API security testing platform that eliminates the need for expensive, infrequent, manual pen-testing. "Our customers love the comprehensive security test coverage APIsec provides out of the box, and they wanted to stop hiring expensive, time-consuming outside firms for penetration testing reports," said Intesar Shannan Mohammed, CTO of APIsec.

Seventy percent of major organizations were strategizing to pour more money into cybersecurity efforts as a result of the coronavirus pandemic, according to a report in May. Gartner has predicted that, despite COVID-19, total global spending on cybersecurity will hit $123.8 billion in 2020. A new report-CompTIA's State of Cybersecurity 2020-took the temperature of how the enterprise has responded to security during COVID-19, surveying 425 US businesses.

On Tuesday, Microsoft released its annual Digital Defense Report providing a glimpse of the trends shaping the cybersecurity landscape during the last year. The Digital Defense Report analyzes cybersecurity threats from the second half of 2019 through the first half of 2020.