Cybersecurity News


Spyware Labeled ‘TikTok Pro’ Exploits Fears of US Ban

Spyware Labeled ‘TikTok Pro’ Exploits Fears of US Ban Malware can take over common device functions as well as creates a phishing page to steal Facebook credentials.
09 September 2020

Weave Scope is now being exploited in attacks against cloud environments

The legitimate cloud infrastructure monitoring tool has been added to attacker arsenals.
09 September 2020

Adobe Experience Manager, InDesign, Framemaker receive fixes for critical bugs in new update

The worst issues can lead to code and browser-based JavaScript execution.
09 September 2020

Next-Gen Firewalls 101: Not Just a Buzzword

Next-Gen Firewalls 101: Not Just a Buzzword In a rare twist, "next-gen" isn't just marketing-speak when it comes to next-gen firewalls, which function differently than traditional gear and may enable you to replace a variety of devices.
08 September 2020

Microsoft Patch Tuesday, Sept. 2020 Edition

Microsoft today released updates to remedy nearly 130 security vulnerabilities in its Windows operating system and supported software. None of the flaws are known to be currently under active exploitation, but 23 of them could be exploited by malware or malcontents to seize complete control of Windows computers with little or no help from users.
08 September 2020

Microsoft Fixes 129 Vulnerabilities for September's Patch Tuesday

This month's Patch Tuesday brought fixes for 23 critical vulnerabilities, including a notable flaw in Microsoft Exchange.
08 September 2020

Microsoft’s Patch Tuesday Packed with Critical RCE Bugs

Microsoft’s Patch Tuesday Packed with Critical RCE Bugs The most concerning of the disclosed bugs would allow an attacker to take over Microsoft Exchange just by sending an email.
08 September 2020

Critical Intel Active Management Technology Flaw Allows Privilege Escalation

Critical Intel Active Management Technology Flaw Allows Privilege Escalation The critical Intel vulnerability could allow unauthenticated attackers gain escalated privileges on Intel vPro corporate systems.
08 September 2020

WordPress Plug-in Has Critical Zero-Day

The vulnerability in WordPress File Manager could allow a malicious actor to take over the victim's website.
08 September 2020

Google Cloud Expands Confidential Computing Lineup

Google plans to build out its Confidential Computing portfolio with the launch of Confidential GKE Nodes for Kubernetes workloads.
08 September 2020

VPNs: The Cyber Elephant in the Room

While virtual private networks once boosted security, their current design doesn't fulfill the evolving requirements of today's modern enterprise.
08 September 2020

Microsoft September 2020 Patch Tuesday fixes 129 vulnerabilities

Twenty critical remote code execution bugs have been patched this month, including in Windows and SharePoint enterprise servers.
08 September 2020

Women in Payments: Q&A with Julie Krueger

 

When Julie Krueger graduated from college 35 years ago, only five percent of her electrical engineering class were women. Today, that number has improved, but not nearly enough. In this month’s blog series, Krueger encourages women to persist no matter what.

08 September 2020

Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers

Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers Five critical cross-site scripting flaws were fixed by Adobe in Experience Manager as part of its regularly scheduled patches.
08 September 2020

City of Hartford postpones first day of school after ransomware attack

Ransomware attack impacted the IT system that the school district uses to manage school buses and transportation routes.
08 September 2020

Cryptobugs Found in Numerous Google Play Store Apps

Cryptobugs Found in Numerous Google Play Store Apps A new dynamic tool developed by Columbia University researchers flagged cryptography mistakes made in more than 300 popular Android apps.
08 September 2020

Post-COVID-19 Cybersecurity Spending Update

Post-COVID-19 Cybersecurity Spending Update Security spending growth will slow in 2020, but purse strings are looser than for other areas of IT.
08 September 2020

Bug in Google Maps Opened Door to Cross-Site Scripting Attacks

Bug in Google Maps Opened Door to Cross-Site Scripting Attacks A researcher discovered a cross-site scripting flaw in Google Map's export function, which earned him $10,000 in bug bounty rewards.
08 September 2020

8 Frequently Asked Questions on Organizations' Data Protection Programs

Adherence to data protection regulations requires a multidisciplinary approach that has the commitment of all employees. Expect to be asked questions like these.
08 September 2020

Researcher reveals Google Maps XSS bug, patch bypass

The bounty was doubled after the bug bounty hunter realized the original fix had failed.
08 September 2020