Cybersecurity News


Two 0-Days Under Active Attack, Among 120 Bugs Patched by Microsoft

Two 0-Days Under Active Attack, Among 120 Bugs Patched by Microsoft One of the two zero-day bugs is rated ‘critical’ and is classified as a remote code-execution bug impacting Microsoft’s Internet Explorer.
11 August 2020

Developers Need More Usable Static Code Scanners to Head Off Security Bugs

As companies "shift left" -- pushing more responsibility for security onto developers -- the tools that are available are falling short, usability researchers say.
11 August 2020

Microsoft Patch Tuesday, August 2020 Edition

Microsoft today released updates to plug at least 120 security holes in its Windows operating systems and supported software, including two newly discovered vulnerabilities that are actively being exploited. Yes, good people of the Windows world, it's time once again to backup and patch up!
11 August 2020

Critical Intel Flaw Afflicts Several Motherboards, Server Systems, Compute Modules

Critical Intel Flaw Afflicts Several Motherboards, Server Systems, Compute Modules A critical privilege-escalation flaw affects several popular Intel motherboards, server systems and compute modules.
11 August 2020

Symmetry Systems Emerges from Stealth

Company behind Data Store and Object Security (DSOS) becomes public knowledge following a $3 million seed round of funding.
11 August 2020

Zoom Vulnerabilities Demonstrated in DEF CON Talk

A security researcher demonstrated multiple vulnerabilities, two of which could let an attacker read and steal user data.
11 August 2020

Microsoft August 2020 Patch Tuesday fixes 120 vulnerabilities, two zero-days

Microsoft says attackers have used a Windows zero-day to spoof file signatures and another RCE in the Internet Explorer scripting engine to execute code on users' devices.
11 August 2020

Is Edtech the Greatest APT?

Educational technology is critical but can come at huge costs to student and teacher privacy and security. Are those costs too high?
11 August 2020

Critical Adobe Acrobat and Reader Bugs Allow RCE

Critical Adobe Acrobat and Reader Bugs Allow RCE Adobe patched critical and important-severity flaws tied to 26 CVEs in Acrobat and Reader.
11 August 2020

EU-US Privacy Shield Dissolution: What Happens Next?

In a world that isn't private by design, security and liability implications for US-based cloud companies are huge.
11 August 2020

Threema joins the ranks of E2EE chat apps that support encrypted video calls

Other E2E chat apps that support encrypted video calls include Signal, WhatsApp, Wickr, and Wire.
11 August 2020

Cybersecurity Skills Gap Worsens, Fueled by Lack of Career Development

Cybersecurity Skills Gap Worsens, Fueled by Lack of Career Development The fundamental causes for the skill gap are myriad, starting with a lack of training and career-development opportunities.
11 August 2020

Zero-Trust Security 101

Zero-Trust Security 101 What are the fundamental spirit and tenets of zero-trust architecture, boiled down, without the marketing speak?
11 August 2020

Mozilla lays off 250 employees while it refocuses on commercial products

Mozilla: "Our pre-COVID plan is no longer workable."
11 August 2020

Samsung Quietly Fixes Critical Galaxy Flaws Allowing Spying, Data Wiping

Samsung Quietly Fixes Critical Galaxy Flaws Allowing Spying, Data Wiping Four critical-severity flaws were recently disclosed in the Find My Mobile feature of Samsung Galaxy smartphones, which if exploited could allow attackers to force a factory reset on the phones or spy on users.
11 August 2020

How to Help Spoil the Cybercrime Economy

Cybercrime increasingly is turning into a commodity. Stolen PII data and hijacked cloud accounts especially propel the spread, research shows.
11 August 2020

Researcher Publishes Bypass for Patch for vBulletin 0-Day Flaw

Researcher Publishes Bypass for Patch for vBulletin 0-Day Flaw Three separate proof-of-concepts on Bash, Python and Ruby posted to outsmart fix issued last year to remedy pre-auth RCE bug.
11 August 2020

17 Essential Stats About the State of Consumer Privacy

17 Essential Stats About the State of Consumer Privacy These illuminating numbers offer a glimpse into current consumer attitudes and enterprise readiness for protecting their customers' personal data.
11 August 2020

Gamifying Password Training Shows Security Benefits

When picking passwords, users often fall back on certain insecure patterns, but good habits can be learned using simple games, a group of researchers find.
10 August 2020

Hacking It as a CISO: Advice for Security Leadership

A security leader shares tips for adopting a CISO mindset, creating risk management strategies, and "selling infosec" to IT and executives.
10 August 2020