Google Temporarily Suspends Developers’ Ability To Publish or Update Their Extensions On Chrome Web Store After Detecting ‘At Scale’ Fraudulent Transactions

An anonymous reader writes: The Google security team has indefinitely suspended the publishing or updating of any commercial Chrome extensions on the official Chrome Web Store following a spike in the number of paid extensions engaging in fraudulent transactions. Google said the wave of fraudulent transactions began earlier this month. Google engineers described the fraudulent transactions as happening “at scale.”

“This is a temporary measure meant to stem this influx as we look for long-term solutions to address the broader pattern of abuse,” said Simeon Vincent, Developer Advocate for Chrome Extensions at Google. The ban on publishing or updating impacts all paid extensions. This includes Chrome extensions that require paying a fee before installing, extensions that work based on monthly subscriptions, or Chrome extensions that use one-time in-app purchases to get access to various features. Existing commercial extensions are still available for download via the official Chrome Web Store, however, extension developers can’t push new updates.

A massive 50% of critical flaws in enterprise environments due to outdated or unsupported components, more than doubling last year

Bulletproof has released its Annual Cybersecurity Industry Report that shows that half of the most pervasive of critical flaws – which offer hackers an easy route into an organisation – are down to outdated components, such as unpatched or unsupported software. However, this number has jumped significantly from 22%  over the previous year, indicating a widespread negligence when it comes to organisations’ cybersecurity practices.

Data privacy is about more than compliance—it’s about being a good world citizen

Happy Data Privacy Day! Begun in 2007 in the European Union (E.U.) and adopted by the U.S. in 2008, Data Privacy Day is an international effort to encourage better protection of data and respect for privacy. It’s a timely topic given the recent enactment of the California Consumer Privacy Act (CCPA). Citizens and governments have grown concerned about the amount of information that organizations collect, what they are doing with the data, and ever-increasing security breaches. And frankly, they’re right. It’s time to improve how organizations manage data and protect privacy.

Payment Cards Exposed in Wawa Breach Offered for Sale on Dark Web

Digital criminals posted customers’ payment card details exposed in the 2019 Wawa data breach for sale on a dark web marketplace.In December 2019, the Joker’s Stash first announced what it called the “BIGBADABOOM-III” breach.Advertisements posted by the dark web marketplace announced that the breach included over 30 million payment card details exposed in a nationwide security incident that allegedly affected over 40 states. They said that the breach also contained an additional one million payment card records from Europe, Asia and elsewhere.

Gatewatcher and Nozomi Networks Team to Deliver Advanced OT and IoT Cybersecurity Solutions for Global industry

PARIS, 28 January 2020 — The French leading security software company Gatewatcher and Nozomi Networks, the leader in OT and IoT security, today announced they have partnered to meet rising demands for integrated cybersecurity in mixed IT, OT and IoT environments. Gatewatcher and Nozomi Networks will work together to help industrial organizations and critical national infrastructure deploy the best possible protection against cyber threats in mixed network environments. The partnership brings deep expertise in IT and OT to address the unique needs of energy, automotive, oil and gas, mining, manufacturing, defense and industrial IoT infrastructures like healthcare, transportation, smart cities and smart buildings,