All the latest blog posts from the most relevant cyber security companies in the business.

The Riviera Beach City Council voted unanimously this week to pay the hackers’ demands, believing the Palm Beach suburb had no choice if it wanted to retrieve its records, which the hackers encrypted. The council already voted to spend almost $1 million on new computers and hardware after hackers captured the city’s system three weeks…

The capability is enabled by the recently introduced 2-Step Verification (2SV) method that allows users to protect accounts with a security key built into their Android phones. Previously, the technology could be used to verify sign-ins to Google and Google Cloud services on Bluetooth-enabled devices running Chrome OS, macOS, and Windows 10, and can now…

John Suffolk told a committee hearing that Huawei has sought guidance from its attorneys to see if a Chinese law on domestic companies’ cooperation with the government on security matters could force it to conduct foreign intelligence work. The legislation has been cited by US President Donald Trump’s administration in its attempts to force governments…

A Commerce Department filing said the delay does not change the ban imposed by President Donald Trump on national security grounds, an action with major implications for US and Chinese technology firms. Instead, it grants a temporary license that will allow Huawei to continue doing business with American firms. “The Temporary General License grants operators…

The probe, reported by De Volkskrant newspaper, comes as a series of western countries weigh the risks of allowing the Chinese telecoms giant to become involved in the new 5G mobile phone infrastructure. Volkskrant said the AIVD refused to confirm the report. AIVD spokesman Hilbert Bredemeijer declined to comment, saying the spy agency “does not…

The Federal Communications Commission said that because of China Mobile USA’s ownership and control by the Chinese government, allowing it into the US market “would raise substantial and serious national security and law enforcement risks.” The decision brings the Chinese telecoms giant’s eight-year effort to crack the US market to an end, but was not…

The new solutions include ElectionGuard, a free open-source software development kit (SDK) developed in collaboration with Galois, and Microsoft 365 for Campaigns, a new service that brings high-end security capabilities to political campaigns. The new service, Microsoft says, can keep political campaigns safe from phishing attacks, provides easy to deploy advanced security features, and comes…

In March, Poland-based Security Explorations reported identifying nearly 20 vulnerabilities in the latest version of Oracle Java Card (version 3.1), including weaknesses that can be exploited to compromise the security of chips using this technology. The firm has continued analyzing the software and it now claims to have found 34 issues. Java Card technology is…

Recently, the infamous Triton (also known as Trisis) malware framework made news again after researchers from FireEye found evidence of the same attacker lurking in other critical infrastructure. In 2017, Triton was behind an attack that shut down Schneider Electric’s Triconex safety instrumentation system (SIS) at a petrochemical plant in Saudi Arabia — the malware…

A grand jury in New York has subpoenaed information from at least two major smartphone makers about such arrangements with Facebook, according to the Times. Regulators, investigators and elected officials around the world have already been digging into the data sharing practices of Facebook which has more than two billion users. The social network’s handling…