Cybersecurity News


Dragos Nets $110M in Series C Led by Major Global Energy, Manufacturing, Oil & Gas Company Investors

National Grid Partners, Saudi Aramco Energy Ventures, and Hewlett Packard Enterprise led the latest funding round for the ICS/OT security company.
08 December 2020

Gula Tech Foundation to Award $1M in Grants to Infosec Nonprofits

The first Gula Tech Foundation competitive grant program will focus on increasing African American engagement in cybersecurity.
08 December 2020

The Remote-Work Transition Shifts Demand for Cyber Skills

The Remote-Work Transition Shifts Demand for Cyber Skills According to Cyberseek, an interactive mapping tool that tracks the current state of the security job market, there are more than half a million open cybersecurity positions available in the U.S. alone (522,000).
08 December 2020

Why Compliance Is No Longer King for Financial Services Cybersecurity

Financial services companies' experience in risk management serves them well when it comes to minimizing their cyber-risk.
08 December 2020

Microsoft December 2020 Patch Tuesday fixes 58 vulnerabilities

Fixes for 22 remote code execution vulnerabilities included in this month's patches.
08 December 2020

Fortinet Purchases Panopta

The acquisition is intended to improve the visibility and automated response capabilities of Fortinet's Security Fabri.
08 December 2020

Keeping Cyber Secure at Christmas

Keeping Cyber Secure at Christmas Sylvain Cortes, Security Evangelist and cybersecurity expert at Alsid, highlights the need for security departments to raise awareness through their organizations over cyber threats this Christmas.
08 December 2020

GitHub rolls out dependency review, vulnerability alerts for pull requests

The aim is to prevent vulnerable code from being added to dependencies by accident.
08 December 2020

A Q&A with Gill Woodcock, VP, Global Head of Programs

 

After more than 10 years at PCI Security Standards Council (PCI SSC), Gill Woodcock, VP, Global Head of Programs, retires this month. In this blog, we interviewed Gill about her career in IT security and the payments industry, the most rewarding aspects of her job, and why she believes lifelong learning and taking the occasional risk are the key ingredients to success.

08 December 2020

Critical, Unpatched Bug Opens GE Radiological Devices to Remote Code Execution

Critical, Unpatched Bug Opens GE Radiological Devices to Remote Code Execution A CISA alert is flagging a critical default credentials issue that affects 100+ types of devices found in hospitals, from MRI machines to surgical imaging.
08 December 2020

Accounts with default creds found in 100+ GE medical device models

GE Healthcare is embarking on a massive effort to help healthcare providers reconfigure vulnerable devices.
08 December 2020

Adobe Warns Windows, macOS Users of Critical-Severity Flaws

Adobe Warns Windows, macOS Users of Critical-Severity Flaws Adobe fixed three critical-severity flaws in Adobe Prelude, Adobe Experience Manager and Adobe Lightroom.
08 December 2020

Attackers Know Microsoft 365 Better Than You Do

Users have taken to Microsoft Office 365's tools, but many are unaware of free features that come with their accounts -- features that would keep them safe.
08 December 2020

Norway says Russian hacking group APT28 is behind August 2020 Parliament hack

Russian hackers breached the Norway's Parliament email accounts in August this year.
08 December 2020

Spearphishing Attack Spoofs Microsoft.com to Target 200M Office 365 Users

Spearphishing Attack Spoofs Microsoft.com to Target 200M Office 365 Users It remains unknown as to why Microsoft is allowing a spoof of their very own domain against their own email infrastructure.
08 December 2020

Amnesia:33 vulnerabilities impact millions of smart and industrial devices

Security researchers have identified 33 security flaws in four open-source TCP/IP stacks used across a wide range of smart products.
08 December 2020

‘Amnesia:33’ TCP/IP Flaws Affect Millions of IoT Devices

‘Amnesia:33’ TCP/IP Flaws Affect Millions of IoT Devices A new set of vulnerabilities has been discovered affecting millions of routers and IoT and OT devices from more than 150 vendors, new research warns.
08 December 2020

Police officer abused vehicle database to track down women drivers

A court dismissed the idea that he did so to contact women for an Instagram comic project, or that this is in any way justifiable.
08 December 2020

Phishing Campaign Targets 200M Microsoft 365 Accounts

A well-organized email spoofing campaign has been seen targeting financial services, insurance, healthcare, manufacturing, utilities, and telecom.
07 December 2020

NSA Warns: Patched VMware Bug Under Active Exploit

NSA Warns: Patched VMware Bug Under Active Exploit Feds are warning that foreign adversaries are exploiting a weeks-old bug in VMware’s Workspace One Access and VMware Identity Manager products.
07 December 2020