Cybersecurity News
Microsoft patches actively exploited Windows kernel flaw
This month’s relatively humble bundle of security updates fixes 56 vulnerabilities, including a zero-day bug and 11 flaws rated as critical
The post Microsoft patches actively exploited Windows kernel flaw appeared first on WeLiveSecurity
Zero Trust in the Real World
Those who are committed to adopting the concept have the opportunity to make a larger business case for it across the organization, working with executive leaders to implement a zero-trust framework across the entire enterprise.Intel Squashes High-Severity Graphics Driver Flaws
Intel is warning on security bugs across its graphics drivers, server boards, compute modules and modems.
Paving the way: Inspiring Women in Payments - A podcast featuring Angel Grant
When she’s not perfecting her lock-picking skills, Angel Grant is busy building a diverse team who have the right attributes for the dynamic world of technology. In this edition of our podcast series, Angel explains that since your future job probably doesn’t exist yet, the keys to success are your transferrable skills.
Multivector Attacks Demand Security Controls at the Messaging Level
As a Google-identified attack reveals, security teams need to look beyond VPNs and network infrastructure to the channels where social engineering takes place.Authorities arrest SIM swapping gang that targeted celebrities
Eight men were arrested in England and Scotland as part of an investigation into a series of SIM swapping attacks targeting US celebrities.The time for Insider Risk Management is now: Code42 2021 Data Exposure Report Reveals a Perfect Storm
The Code42 2021 Data Exposure Report highlights the need to adopt a new approach to data security and invest in modern Insider Risk technology.
Supply-Chain Hack Breaches 35 Companies, Including PayPal, Microsoft, Apple
Ethical hacker Alex Birsan developed a way to inject malicious code into open-source developer tools to exploit dependencies in organizations internal applications.
Investor data breach 'fatigue' reduces Wall Street punishment for cybersecurity failures
As data breaches are now common, acceptance now lessens the impact on share prices.Adobe patches wave of critical bugs in Magento, Acrobat, Reader
Some of the vulnerabilities were reported through a hacking contest.Microsoft warns enterprises of new 'dependency confusion' attack technique
New "dependency confusion" technique, also known as a "substitution attack," allows threat actors to sneak malicious code inside private code repositories by registering internal library names on public package indexes.Microsoft Patch Tuesday, February 2021 Edition
Microsoft today rolled out updates to plug at least 56 security holes in its Windows operating systems and other software. One of the bugs is already being actively exploited, and six of them were publicized prior to today, potentially giving attackers a head start in figuring out how to exploit the flaws.Actively Exploited Windows Kernel EoP Bug Allows Takeover
Microsoft addressed 56 security vulnerabilities for February Patch Tuesday -- including 11 critical and six publicly known. And, it continued to address the Zerologon bug.
Google Play Boots Barcode Scanner App After Ad Explosion
A barcode scanner with 10 million downloads is removed from Google Play marketplace after ad blitz hits phones.
Florida Water Utility Hack Highlights Risks to Critical Infrastructure
The intrusion also shows how redundancy and detection can minimize damage and reduce impact to the population.Microsoft Fixes Windows Zero-Day in Patch Tuesday Rollout
Microsoft's monthly security fixes addressed a Win32k zero-day, six publicly known flaws, and three bugs in the Windows TCP/IP stack.Fears over DNA privacy as 23andMe goes public in deal with Richard Branson
Genetic testing company with 10 million customers’ data has ‘huge cybersecurity implications’
The genetic testing company 23andMe will go public through a partnership with a firm backed by the billionaire Richard Branson, in a deal that has raised fresh privacy questions about the information of millions of customers.
Launched in 2006, 23andMe sells tests to determine consumers’ genetic ancestry and risk of developing certain illnesses, using saliva samples sent in by mail.
Related: Your DNA is a valuable asset, so why give it to ancestry websites for free? | Laura Spinney
Continue reading...Attackers Exploit Critical Adobe Flaw to Target Windows Users
A critical vulnerability in Adobe Reader has been exploited in "limited attacks."