Positive Technologies has published its “5G standalone core security assessment”. The report discusses vulnerabilities and threats for subscribers and mobile network operators, which stem from the use of new standalone 5G network cores. The vulnerabilities in protocols HTTP/2 and PFCP, used by standalone 5G networks, include the theft of subscriber profile data, impersonation attacks and faking subscriber authentication.

Today’s customers rarely bat an eye when they receive a security alert from a company with which they do business. That’s because large tech companies have baked identity confirmation and notifications of suspicious activities into their everyday user experiences.

Though many healthcare organizations still consider it optional, two-factor authentication - also known as Multi-Factor Authentication (MFA) - is an indispensable part of a secure environment, and key to protecting your medical data.

Digital Shadows released research on the most popular items for sale on the dark web this holiday season – this one is shaping up to be different than any before with many consumers turning to online shopping instead of brick and mortar.

Lookout, Inc. announced the discovery of Goontact, a new spyware targeting iOS and Android users in multiple Asian countries. Uncovered by the Lookout Threat Intelligence team, Goontact targets users of illicit sites and steals personal information stored on their mobile devices. Evidence shows these sextortion scams are affecting Chinese-, Japanese- and Korean-speaking people. Goontact may also be operating in Thailand and Vietnam. Lookout discovered evidence the campaign may have been active since 2018 and is still active today. 

The coronavirus pandemic has sparked a new round of digital transformation. But in many cases, the rapid pace of digital acceleration has enlarged the digital footprint of both businesses and consumers beyond the capacity of our cybersecurity infrastructure to keep up. The scary reality is that the business impact of COVID-19 may be creating the perfect storm for a cybercrime pandemic; digital citizens will have to act aggressively to secure their data before it’s too late.

Mobile devices are part and parcel of today’s increasingly distributed workforce. Laptops, smartphones, and tablets are provisioned by enterprises to increase employee productivity, while providing flexibility to work remotely. But when the pandemic struck, security teams across industries were challenged by the unprecedented speed and scale of the shift. This disruption created great strain for IT security teams. Pair that with the increase in employee BYOD devices, already-overworked IT teams raced to ensure only authorized devices could connect to corporate assets. 

Apple has officially rolled out the new privacy labels on its App Store, which allows users to understand the type of data collected by each app.

COVID-19 has caused havoc on the schools across the U.S. In the spring, school districts did whatever they could to provide the tools to students to get through the end of the school year. As schools are starting up around the country this month and next month, the challenge school IT departments are having is how to secure all of the devices distributed to students. Here, we talk to Jake Kouns, CEO and CISO for Risk Based Security, where he leads the company’s technology strategy and is responsible for product vision and leadership in the security industry.

Dashlane announced the findings of its new Workplace Security Survey which looked at employee sentiment and habits around workplace security practices—and who the responsibilities should fall on. As many companies continue to grapple with a remote workforce, overall employee security measures become more critical, especially as many are relying on personal devices and networks for work. The online survey, conducted by The Harris Poll on behalf of Dashlane among over 1,200 employed U.S. Americans, sheds light on how employees view and manage company security—and reveals they aren’t necessarily taking the security of their work accounts as seriously as they should.