Security News
Mercedes-Benz USA said last week that sensitive personal information pertaining to its customers was inadvertently exposed by a vendor. This information includes self-reported credit scores, along with a small number of credit card details, dates of birth, driver license numbers, and social security numbers.
The FBI on Saturday withdrew a subpoena issued to USA Today's parent company Gannett in April to find out who read an online news story published in February about a shootout that led to the deaths of two FBI agents and the wounding of three others. The article described how an FBI operation went awry a day earlier when two agents were shot and killed and three other agents were wounded while serving a warrant in a child exploitation investigation.
JBS USA, the US subsidiary of the world's largest meat processing company, said Monday that some operations were shut down following a cyberattack that affected its North American and Australian IT network. Headquartered in Greeley, Colorado, JBS USA is a global food company wholly owned by Brazil-based JBS S.A., the largest meat processing firm in the world.
The Republic of Korea took two bold steps into the future on Tuesday, by announcing that the last of its 2G networks will go offline in June and that it will initiate large-scale adoption of communications protected by quantum encryption. The quantum tests will build on demos conducted in 2020, but this time South Korea's government hopes to involve multiple industries and to educate them on the benefits of the tech and how to adopt it.
The first "Quad summit" of leaders from Australia, India, Japan, and the USA has announced the group will create a "Critical and Emerging Technology Working Group". The joint "Spirit of the Quad" statment said the group will: "Respond to the economic and health impacts of COVID-19, combat climate change, and address shared challenges, including in cyber space, critical technologies, counterterrorism, quality infrastructure investment, and humanitarian-assistance and disaster-relief as well as maritime domains."
On US presidential election day, 3 November, the nation's Federal Bureau of Investigation acted to seize 27 domains it says Iran used to conduct disinformation campaigns. FBI Special Agent in Charge Craig D Fair said the domains were used by Iran's Islamic Revolutionary Guard Corps "In attempt to manipulate public opinion in other countries, including the United States."
The USA and India have struck a new defence pact that will see the two nations share high-quality spatial data and satellite images. Doing so means that India can, in theory, be more precise should it act in neighbouring trouble spots.
US secretary of state Mike Pompeo has announced a "Clean Network plan" he says offers a "Comprehensive approach to guarding our citizens' privacy and our companies' most sensitive information from aggressive intrusions by malign actors, such as the Chinese Communist Party." Clean Carrier: To ensure untrusted People's Republic of China carriers are not connected with US telecommunications networks.
Critical flaws in the popular Meetup platform were revealed Monday as part of research unleashed at this week's Black Hat USA 2020. Erez Yalon, the director of security research with Checkmarx, discussed why these critical vulnerabilities are a "Holy grail" for attackers, and explained how the bugs are indicative of overall application security trends that will be discussed this week at Black Hat USA 2020.
At this year's Black Hat USA 2020 computer security conference, some of the top trends expected to surface include ransomware, election security and how to protect a remote workforce. Young continued, "At Black Hat 2020 I expect we'll hear most about XDR as threats have learned to not set off the known obvious alarms and blocking and are more stealthy as they move between traditional security silos. Related to that will be protecting a remote workforce, and the Mitre ATT&CK framework and more complex threat-hunting. Although the talks won't likely be labeled as such, cyber resilience will be a consistent thread reflecting the transformation that businesses and governments of all sizes had to undergo during the first half of this year."