A China-linked threat actor tracked as APT41 has targeted many organizations around the world by exploiting vulnerabilities in Citrix, Cisco and Zoho ManageEngine products, FireEye reported on Wednesday.
Category: SecurityWeek RSS Feed
Public ICS Hacking Tools Make It Easier to Launch Attacks: FireEye
Publicly available hacking tools, many of which have been developed for research and testing purposes, lower the bar for threat actors looking to target industrial control systems (ICS) and operational technology (OT) networks, FireEye warned this week.
Impact of Coronavirus Outbreak on Early Stage Venture Investment in Cybersecurity
The COVID-19 coronavirus outbreak will likely have an impact on early-stage venture investment in cybersecurity, but investors and industry professionals are optimistic.
GE Says Some Employees Hit by Data Breach at Canon
General Electric (GE) revealed last week that the personal information of some employees may have been compromised as a result of a data breach suffered by Canon Business Process Services.
Videolabs Patches Code Execution, DoS Vulnerabilities in libmicrodns Library
Vulnerabilities that Videolabs recently addressed in its libmicrodns library could lead to denial of service (DoS) and arbitrary code execution, Cisco Talos’ security researchers warn.
VMware Again Fails to Patch Privilege Escalation Vulnerability in Fusion
VMware has released an update for the macOS version of Fusion to fix a privilege escalation vulnerability for which it initially released an incomplete patch. However, one of the researchers who found it says the patch is “still bad.”
Microsoft, PayPal Invest in Anti-Fraud Startup Arkose Labs
Arkose Labs Raises $22 Million in Series B Funding
Critical Flaw in Adobe Creative Cloud App Allows Hackers to Delete Files
A critical vulnerability patched on Tuesday by Adobe in its Creative Cloud desktop application can be exploited by hackers to delete arbitrary files.
ZenKey: How Major Mobile Carriers Are Teaming Up to Eliminate Passwords
ZenKey Links Mobile Phones Directly to Carrier APIs and Avoids Users Having to Use Passwords After Authenticating a Phone
How to Address the Surging Need for Secure Remote Access to OT Networks
Strategies for Evaluating Secure Remote Access Solutions for OT/ICS Networks
WPvivid Backup Plugin Flaw Leads to WordPress Database Leak
A vulnerability addressed recently in the WPvivid Backup Plugin could be exploited to obtain all files of a WordPress website, web security company WebARX reveals.
Authorities Warn of Escalating COVID-19-Themed Cyberattacks
Authorities in the United States and Europe have issued warnings of increased malicious cyber-activity related to the ongoing COVID-19 (coronavirus) pandemic. In an alert on Friday, the Federal Bureau of Investigation said that scammers are leveraging the current crisis to…
Hackers Target Two Unpatched Flaws in Windows Adobe Type Manager Library
Microsoft informed customers on Monday that it’s working on patches for two Windows zero-day vulnerabilities that can be exploited for remote code execution. According to Microsoft, the vulnerabilities exist due to the way the Windows Adobe Type Manager library handles…
Abuse.ch Launches Free Malware Repository
A newly launched service from abuse.ch aims to make it easy for the community to share known malware samples and access additional intelligence on them.
Coronavirus Confinement Challenges Intelligence Services
The home confinement of hundreds of millions of people worldwide to halt coronavirus contagion has presented intelligence services with a challenge: monitoring an explosion in internet traffic, above board and not, even as their own capacity is reduced.
Vulnerability Exposed Tesla Central Touchscreen to DoS Attacks
University of Utah Health Discloses Data Breach
University of Utah Health revealed last week that it discovered unauthorized access to some employee email accounts, along with a malware infection on one of its workstations.
Flaw in Password Managers Allowed Apps to Steal Credentials
One of the vulnerabilities that researchers from the University of York discovered in widely-used password managers could have resulted in malicious apps stealing users’ credentials.
Zero-Day Vulnerabilities in LILIN DVRs Exploited by Several Botnets
Cybercrime groups have been exploiting vulnerabilities in digital video recorders (DVRs) made by Taiwan-based surveillance solutions provider LILIN to increase the size of their botnets.
New Mexico Agencies on Edge Amid Rising Ransomware Attacks
New Mexico school districts, universities, and government agencies have collectively spent millions of dollars to regain control of their computer systems after employees unknowingly opened emails containing an encrypted code that effectively shut them out of their systems.
Mozilla to Remove Support for FTP in Firefox
Mozilla is getting ready to remove support for the File Transfer Protocol (FTP) from the Firefox web browser due to security concerns.
Unprotected Database Exposed 5 Billion Previously Leaked Records
An Elasticsearch instance containing over 5 billion records of data leaked in previous cybersecurity incidents was found exposed to anyone with an Internet connection, Security Discovery reports.
Hackers Target UK Fintech Company Finastra
UK-based financial technology company Finastra is investigating a cybersecurity incident that may involve a piece of ransomware infecting some of its systems. Finastra has over 10,000 employees and it delivers financial software to more than 9,000 customers across 130 countries,…
New Mirai Variant Delivered to Zyxel NAS Devices Via Recently Patched Flaw
A new variant of the notorious Mirai malware has been delivered by cybercriminals to network-attached storage (NAS) devices made by Zyxel through the exploitation of a recently patched vulnerability.
UK Printing Company Exposed Military Documents
Cybersecurity researchers say UK-based document printing and binding company Doxzoo exposed hundreds of gigabytes of information, including documents related to the US and British military, by leaving an AWS S3 bucket unprotected.
Russian Cyberspies Hacked High-Profile Email Accounts for Phishing
The Russia-linked cyber-espionage group known as Pawn Storm has been leveraging hijacked email accounts to send phishing emails to potential victims, Trend Micro’s security researchers reveal.
Russia-Linked Cybercriminals Use Legitimate Tools in Attacks on German Firms
In a campaign targeting German companies, the infamous Russia-linked threat actor known as TA505 has been using legitimate tools in addition to malware, Prevailion reports.
Oracle VirtualBox, Adobe Reader, Windows Hacked at Pwn2Own 2020
On the second day of the Pwn2Own 2020 hacking competition, participants earned a total of $90,000 for exploits targeting Oracle VirtualBox, Adobe Reader and Windows.
Android Surveillance Campaign Leverages COVID-19 Crisis
Amid numerous malicious attacks leveraging the current COVID-19 coronavirus crisis, security researchers have discovered an Android surveillance campaign targeting users in Libya.
Drupal Updates CKEditor to Patch XSS Vulnerabilities
The developers of the Drupal content management system (CMS) announced on Wednesday that updates for versions 8.8.x and 8.7.x address a couple of vulnerabilities affecting the CKEditor library.
NIST Updates Flagship SP 800-53 Security and Privacy Controls
NIST SP 800-53 Revision 5 Represents a Multi-Year Effort to Develop Next-Generation Security and Privacy Controls
Google Patches High-Risk Chrome Flaws, Halts Upcoming Releases
Google this week rolled out an update to address multiple high-severity vulnerabilities in Chrome and also announced that it is pausing upcoming releases of the browser. The pause, the Internet giant says, was caused by an adjusted work schedule due…
RDP-Capable TrickBot Targets Telecoms Sectors in U.S. and Hong Kong
A recently discovered TrickBot variant targeting telecommunications organizations in the United States and Hong Kong includes a module for remote desktop protocol (RDP) brute-forcing, Bitdefender reports.
NIST, DHS Publish Guidance on Securing Virtual Meetings, VPNs
With people worldwide forced to work from home due to the coronavirus epidemic, NIST and DHS published a series of recommendations on how to ensure that virtual meetings and connections to enterprise networks are protected from prying eyes.
California Man Gets Prison for Hacking Atlanta-Based Company
A California man has been sentenced to more than seven years in prison for hacking an Atlanta-based company and trying to extort money in exchange for the return of the company’s intellectual property.
Patch for Recently Disclosed VMware Fusion Vulnerability Incomplete
The patch released recently by VMware for a privilege escalation vulnerability affecting Fusion for Mac has been found to be incomplete.
Researchers Hack Windows, Ubuntu, macOS at Pwn2Own 2020
On the first day of the Pwn2Own 2020 hacking competition, participants earned a total of $180,000 for demonstrating exploits targeting Windows 10, Ubuntu Desktop and macOS.
Cisco Patches Several Vulnerabilities in SD-WAN Solution
Cisco on Wednesday announced that it has patched a total of five vulnerabilities in its SD-WAN solution, including three that have been assigned a “high severity” rating.
Researchers Track Coronavirus-Themed Cyberattacks
Cybercriminals have always used crises and natural disasters to fuel their social engineering activities. The COVID-19 (Coronavirus) pandemic is a massive human crisis, and criminals have been quick to take advantage. People are afraid, and fear is a primary social…
Analyzing Cyberspace Solarium Commission’s Blueprint for a Cybersecure Nation
The Cyberspace Solarium Commission (CSC) is a modern iteration of Eisenhower’s original 1953 Project Solarium. Project Solarium was tasked with developing a national strategy to contain and counter the nuclear threat from the USSR. CSC has a similar task to…
Adobe Patches Critical Flaws in Reader, ColdFusion, Other Products
Security updates released this week by Adobe address numerous critical and important vulnerabilities in Genuine Integrity Service, Acrobat and Reader, Photoshop, Experience Manager, ColdFusion, and Bridge.
Sixgill Introduces Dark Web Data Feed Product
Threat intelligence provider Sixgill has announced a new product that allows organizations to integrate a real-time, actionable dark web data feed into any security platform.
VMware Fixes Privilege Escalation Vulnerability in Fusion for Mac
VMware announced on Tuesday that it has patched a serious privilege escalation vulnerability that can be exploited on Mac systems where Fusion, Remote Console (VMRC) or Horizon Client are installed.
The Human Element and Beyond: Why Static Passwords Aren’t Enough
Static Passwords Are No Longer Enough to Secure Systems
Ransomware Is Mostly Deployed After Hours: Report
Most ransomware is deployed after hours, and usually several days after the initial compromise, newly published research from FireEye reveals.
The Other Virus Threat: Surge in COVID-Themed Cyberattacks
It may look like an email from a supervisor with an attachment on the new “work from home policy.” But it could be a cleverly designed scheme to hack into your network.
Barr: FBI Probing If Foreign Gov’t Behind HHS Cyber Incident
Attorney General William Barr vowed in an interview with The Associated Press on Tuesday that there would be swift and severe action if a foreign government is behind disinformation campaigns aimed at spreading fear in the U.S. amid the coronavirus…
Trend Micro Patches Two Vulnerabilities Exploited in the Wild
Trend Micro has patched several serious vulnerabilities in its Worry-Free Business Security, Apex One and OfficeScan products, including a couple of flaws that have been exploited in the wild.
Financial Services Firms Exposed 500,000 Sensitive Documents
Researchers say two financial services companies have exposed over 500,000 sensitive legal and financial documents by storing them in an unprotected AWS S3 bucket.
Tech Companies Partner to Securely Connect IoT to Cloud
Thales, Telstra, Microsoft, and Arduino this week announced a partnership aimed at enabling the secure connection of IoT devices to the cloud. Delivering end-to-end connectivity between devices and cloud platforms, the solution enables “instant and standardized mutual authentication” over cellular…
Private Application Access Firm Axis Security Emerges From Stealth
Axis Security, a company that specializes in private application access, emerged from stealth mode on Tuesday with $17 million in funding.
Two Dozen Arrested for Laundering Funds From BEC, Other Scams
Twenty-four individuals were arrested for laundering funds illegally obtained via business email compromise (BEC), romance, and retirement account scams targeting victims across the United States. The large-scale fraud operation facilitated by the arrested individuals has caused losses of more than…
Users Complain About Windows Update That Patches SMBGhost Vulnerability
Some users have complained that the Windows security update released recently by Microsoft to patch a wormable vulnerability related to Server Message Block 3.0 (SMBv3) is causing problems.
Senate Votes to Renew Surveillance Powers, Delaying Changes
The U.S. Senate has voted to extend, rather than tweak, three surveillance powers that federal law enforcement officials use to fight terrorists, passing the bill back to an absent House and throwing the future of the authorities in doubt.
Rare Android Stalkerware Can Steal Data, Control Devices
A recently discovered piece of Android stalkerware can install itself persistently on the system partition and steals the file containing the hash sum for the screen unlock pattern or password to allow its operators to unlock devices.
HHS Says DDoS Attack Failed to Cause Disruption
The U.S. Department of Health and Human Services (HHS) was targeted with a distributed denial-of-service (DDoS) attack on Sunday, but the agency said it did not experience any significant disruption as a result of the incident.
PE Firm to Buy Application Security Specialist Checkmarx at $1.15 Billion Valuation
Checkmarx, a provider of tools for testing source code for security issues, announced on Monday that private equity firm Hellman & Friedman (“H&F”) has agreed to acquire a majority of the Company from Insight Partners in a deal valuing Checkmarx…
There Are Plenty of Phish in the Sea
There Are Plenty of Phish in the Sea for Commercial Phishers and Weekend Scammers Alike The phish market is open. And you don’t have to be an experienced angler to land a catch of the day.
Organizations Slow to Patch Targeted Microsoft Exchange Vulnerability
Organizations have fallen behind with the patching of a Microsoft Exchange Server vulnerability addressed with Microsoft’s February 2020 Patch Day updates and already targeted in attacks.
There Are Plenty of Phish in the Sea for Commercial Phishers and Weekend Scammers Alike
Cybercrime Has Gone Mainstream With All the Tools You Need Now Easily Available on the Dark Web The phish market is open. And you don’t have to be an experienced angler to land a catch of the day.
Slack Vulnerability Allowed Hackers to Hijack Accounts
A researcher earned $6,500 from Slack last year after finding a critical vulnerability that could have been exploited to hijack Slack accounts. Researcher Evan Custodio discovered in November 2019 that the enterprise collaboration platform’s slackb.com domain was vulnerable to HTTP…
COVID-19 Themed Phishing Campaigns Continue
Another COVID-19 (Coronavirus) phishing campaign has been discovered — this one apparently operated by the Pakistan-based APT36, which is thought to be nation-backed. APT36 has been active since 2016, and possibly earlier, performing cyber espionage activity against Indian defense and…
ProtonMail, ProtonVPN Will Use Alternative Routing to Bypass Censorship
Privacy-focused services provider Proton Technologies is deploying a new system to ensure that its email and VPN applications continue to be accessible even in scenarios where governments or ISPs attempt to block them.
Many Backdoors Found in Zyxel CloudCNM SecuManager Software
Researchers have discovered 16 types of vulnerabilities, including many backdoors, in Zyxel’s CloudCNM SecuManager network management software. The vendor has confirmed the flaws and says it’s working on patches.
How National Security Surveillance Nabs More Than Spies
The case against Nassif Sami Daher and Kamel Mohammad Rammal, two Michigan men accused of food stamp fraud, hardly seemed exceptional. But the tool that agents used to investigate them was extraordinary: a secretive surveillance process intended to identify potential…
European Authorities Dismantle Two SIM Hijacking Gangs
European authorities managed to crack down on two cybercrime gangs responsible for stealing millions by employing SIM hijacking.
US Surveillance Powers Set to Temporarily Expire
Three surveillance powers available to the U.S. government are set to temporarily expire Sunday after a trio of senators opposed a bipartisan House bill that would renew the authorities and impose new restrictions.
Flaws in Popup Builder Plugin Impacted Over 100,000 WordPress Sites
More than 100,000 WordPress websites were potentially affected by a series of vulnerabilities recently discovered and addressed in the Popup Builder plugin.
Microsoft Deprecates Remote Desktop Connection Manager
Microsoft announced this week that it has deprecated Remote Desktop Connection Manager (RDCMan) due to security concerns.
Critical Flaw in VMware Workstation, Fusion Allows Code Execution on Host From Guest
VMware has patched three serious vulnerabilities in its products, including a critical flaw in Workstation and Fusion that can be exploited to execute arbitrary code on the host from the guest operating system. The critical flaw, tracked as CVE-2020-3947, is…
China-linked APT Hackers Launch Coronavirus-Themed Attacks
COVID-19 (Coronavirus) themed malware attacks are now common. The subject matter automatically contains at least two of the primary social engineering triggers, fear and urgency, making it an obvious lure for use by criminals. Even a long-standing China-based APT has…
Trump Signs Bill to Help Telecoms Replace Huawei Equipment
President Donald Trump on Thursday signed into law a bill that provides $1 billion to help small telecom providers replace equipment made by China’s Huawei and ZTE.
U.S. Senators Seek to Ban TikTok on Government Devices
House Strikes Deal to Extend Surveillance Powers
House lawmakers prepared to extend surveillance authorities that expire this month, releasing legislation that represents a rare bipartisan agreement after members of both parties said they wanted to ensure the tools preserved civil liberties.
‘Cookiethief’ Android Malware Hijacks Facebook Accounts
A recently discovered Android Trojan was designed to gain root access on infected devices and hijack Facebook accounts by stealing cookies from the browser and the social media app.
Currency Data Provider ‘Open Exchange Rates’ Discloses Breach
Currency data provider Open Exchange Rates has started informing customers that their information was likely stolen by hackers.
Facebook Takedowns Reveal Sophistication of Russian Trolls
Facebook and Twitter revealed evidence Thursday suggesting that Russian efforts to interfere in the U.S. presidential election are getting more sophisticated and harder to detect. The companies said they have removed dozens of fake accounts and pages from their services.…
Out-of-Band Windows Updates Patch Wormable SMB Vulnerability
Microsoft has released out-of-band updates for Windows to patch a critical remote code execution vulnerability in Server Message Block 3.0 (SMBv3) that has been described as “wormable.”
Google Releases Tool to Block USB Keystroke Injection Attacks
Google has released a new software tool designed to identify potential USB keystroke injection attacks and block devices they originate from.
Russia-Linked Turla Cyberspies Add More Malware to Arsenal
The Russia-linked threat group known as Turla was observed using two new pieces of malware in attacks launched over a period of roughly two months in the fall of 2019, ESET reports.
Several Vulnerabilities Expose Phoenix Contact Industrial 4G Routers to Attacks
Several potentially serious vulnerabilities have been discovered in some of the industrial 4G routers made by Phoenix Contact, a Germany-based provider of industrial automation, connectivity and interface solutions.
Auth0 Adds Threat Intelligence Tools to Identification Platform
Identity management firm Auth0 has launched Auth0 Signals, a collection of threat intelligence tools and capabilities designed to protect customers from identity attacks.
Vulnerability Prompts Avast to Disable Emulator Used by Antivirus
Avast this week disabled a JavaScript interpreter that is part of its antivirus product, after a security researcher discovered a vulnerability that could potentially lead to remote code execution. The JavaScript interpreter was found to run unsandboxed, thus potentially exposing…
Tech Must Be Treated Like Tobacco, Says Facebook Whistleblower
Facebook and other tech companies need to be regulated like the tobacco industry, warned Christopher Wylie, the whistleblower who exposed the Cambridge Analytica scandal.
Google Offering Higher Bonuses for Cloud Platform Vulnerabilities
Google announced on Wednesday that it’s prepared to pay out an extra $313,337 for interesting Cloud Platform vulnerabilities submitted in 2020.
Intel Patches 27 Vulnerabilities Across Product Portfolio
Intel this week released patches for more than two dozen vulnerabilities impacting graphics drivers, FPGA, processors, NUC, BlueZ, and other products.
Critical Vulnerabilities in SAP Solution Manager Expose Companies to Attacks
SAP on Tuesday released 16 security notes and two updates to previously released patches as part of its March 2020 Security Patch Day, with three of the new notes rated hot news.
US Needs Top Cyber Coordinator, Better Hacker ‘Deterrence’: Panel
The US needs a top-level cybersecurity coordinator and a better strategy of “deterrence” to protect against hackers and other cyber threats, a congressionally mandated commission said Wednesday.
Tens of Vulnerabilities Expose WAGO Controllers, HMI Panels to Attacks
Tens of vulnerabilities discovered by Cisco Talos researchers in WAGO products expose some of the company’s controllers and human-machine interface (HMI) panels to remote attacks.
Firefox 74 Patches Vulnerabilities, Disables TLS 1.0 and 1.1
Mozilla this week released Firefox 74 to the stable channel with several security improvements, including patches, a new add-ons policy, improved privacy, and versions 1.0 and 1.1 of the Transport Layer Security (TLS) protocol disabled by default.
SOC-as-a-Service Specialist Arctic Wolf Raises $60 Million
Sunnyvale, Calif-based Arctic Wolf Networks has raised $60 million in a Series D funding round led by Blue Cloud Ventures and Stereo Capital. This brings the total raised to date to $148.2 million.
Dating App Maker Match Group Backs US Bill Seen as Privacy Threat
Match Group, the parent company of dating apps such as Tinder, on Tuesday publicly endorsed a US bill others in the tech industry fear will erode online privacy and speech in the name of fighting child abuse.
Avast AntiTrack Flaw Allows MitM Attacks on HTTPS Traffic
A vulnerability in Avast’s anti-tracking solution could allow malicious actors to perform man-in-the-middle (MitM) attacks on HTTPS traffic, a security researcher has discovered. The security flaw, which impacts both Avast and AVG AntiTrack, as they share underlying code, resides in…