Thursday, October 1, 2020
SecurityWeek

Anthem to Pay Nearly $40M Settlement Over 2015 Cyberattack

Health insurer Anthem has agreed to another multimillion-dollar settlement over a cyberattack on its technology that exposed the personal information of nearly 79 million people. read more
SecurityWeek

Twitter Removes Iran-Linked Accounts Aimed at Disrupting U.S. Presidential Debate

Twitter on Wednesday announced that it removed 130 accounts originating from Iran that were aimed at disrupting the first 2020 U.S. presidential debate. The accounts, the social media platform reveals, were removed after the Federal Bureau of Investigation (FBI) alerted...
SecurityWeek

Microsoft Publishes Guide to Securing Systems Vulnerable to Zerologon Attacks

Microsoft has published a support article to provide guidance on what organizations need to do to ensure that they are not exposed to attacks targeting the Zerologon vulnerability. read more
SecurityWeek

Secretive Big Data Firm Palantir Makes Low-Key Stocks Debut

Data analytics firm Palantir, which has drawn fire over its law enforcement and national security work, made a low-key debut Wednesday on Wall Street at a hefty valuation of more than $20 billion. read more
SecurityWeek

GitHub Announces General Availability of Code Scanning Feature

GitHub on Wednesday announced that its code scanning feature, which is designed to enable developers to easily identify vulnerabilities in their products before they reach production, is generally available. read more
SecurityWeek

Takeaways From the Shopify Hack

On September 22nd, Canadian-based e-commerce company, Shopify, disclosed a security incident involving the breach of data belonging to almost 200 merchants (and their customers). According to the company’s investigation, two rogue members of their support team were engaged in...
SecurityWeek

How Security Programs Are Changing After COVID-19: Maximizing Resiliency

When Security is Seen as a Business Enabler We All Win  read more
SecurityWeek

Secure Access Provider Axis Security Raises $32 Million

Enterprise application access provider Axis Security this week announced that it has raised $32 million in Series B funding, which brings the total raised by the company to $49 million. read more
SecurityWeek

US Judge Dismisses New Mexico Privacy Claims Against Google

A U.S. district judge has dismissed New Mexico’s privacy claims against Google over privacy concerns, but New Mexico’s top prosecutor vowed Monday to continue the legal fight to protect child privacy rights. read more
SecurityWeek

Cisco Patches Actively Exploited Flaws in Carrier-Grade Routers

Cisco this week released patches for two high-severity vulnerabilities in IOS XR software that have been actively exploited in attacks for over a month. read more
SecurityWeek

Rinki Sethi Named CISO of Twitter

Twitter’s search for a new chief information security officer (CISO) has come to an end. The social media giant announced this week that Rinki Sethi has been appointed to the role. read more
SecurityWeek

Russian Sentenced to Prison for Hacking LinkedIn, Dropbox

A Russian national was sentenced to 88 months in prison in the United States for hacking LinkedIn, Dropbox, and Formspring in 2012. read more
SecurityWeek

Attacks on Flight Tracking Services Possibly Linked to Armenia-Azerbaijan Conflict

Distributed denial-of-service (DDoS) attacks launched in recent days against popular flight tracking services may be linked to the conflict between Armenia and Azerbaijan. read more
SecurityWeek

FireEye Proposes Converged Enterprise and ICS ATT&CK Matrix

FireEye's Mandiant Threat Intelligence and MITRE have collaborated on developing a new visualization able to combine the two separate Enterprise ATT&CK and ICS ATT&CK threat knowledgebases into a single holistic view combining both IT and OT attack behaviors. read more
SecurityWeek

VMware Unveils New Cloud Workload Security Solution

VMware on Tuesday announced Carbon Black Cloud Workload, a new security solution designed to help organizations protect workloads running in private, virtualized and hybrid cloud environments. read more
SecurityWeek

China-Linked ‘BlackTech’ Hackers Start Targeting U.S.

The China-linked BlackTech cyber-spies have adopted new malicious tools in recent attacks, and they have started targeting the United States, Symantec security researchers revealed on Tuesday. read more
SecurityWeek

Ivanti Acquires MobileIron, Pulse Secure

IT asset and service management solutions provider Ivanti on Monday announced the acquisition of MobileIron and Pulse Secure. read more
SecurityWeek

FBI, CISA Warn of Disinformation Campaigns Regarding Hacked Voting Systems

Threat actors are expected to spread false information regarding hacked voter information and voting systems, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) say in an alert. read more
SecurityWeek

McAfee Files for IPO

A registration statement filed by McAfee on Monday with the U.S. Securities and Exchange Commission (SEC) shows that the company is planning on returning to public markets. read more
SecurityWeek

New FinSpy Spyware Variants Identified, Dissected

Human rights organization Amnesty International has identified new macOS and Linux-targeting variants of the infamous FinFisher-made spyware family FinSpy. read more

When Coffee Machines Demand Ransom, You Know IoT Is Screwed

A researcher reverse engineered an internet-connected coffee maker to see what kinds of hacks he could do with it. The answer: quite a lot.
Tripwire

Russian Gets 7 Years in Prison for Linkedin, Dropbox & Formspring Hacks

A Russian man received a seven-year prison sentence for having hacked into computers belonging to LinkedIn, Dropbox and Formspring. On September 30, Honorable William H. Alsup, U.S. District Judge for the Northern District of California, sentenced Yevgeniy Alexandrovich Nikulin,...
Bruce Schneier

Detecting Deep Fakes with a Heartbeat

Researchers can detect deep fakes because they don’t convincingly mimic human blood circulation in the face: In particular, video of a person’s face contains subtle shifts in color that result from pulses in blood circulation. You might imagine that these...
SecurityWeek

Anthem to Pay Nearly $40M Settlement Over 2015 Cyberattack

Health insurer Anthem has agreed to another multimillion-dollar settlement over a cyberattack on its technology that exposed the personal information of nearly 79 million people. read more

#BeCyberSmart – why friends don’t let friends get scammed

Friends don't let friends get scammed. Because cybercrime hurts us all.