Cybersecurity News
FireEye Cyberattack Compromises Red-Team Security Tools
An attacker stole FireEye's Red Team assessment tools that the company uses to test its customers’ security.08 December 2020
FireEye, one of the world's largest security firms, discloses security breach
FireEye suspects it was the victim of a nation-state actor.08 December 2020
Microsoft Fixes 58 CVEs for December Patch Tuesday
The last Patch Tuesday of 2020 brings fixes for Critical vulnerabilities in Microsoft SharePoint and Exchange.08 December 2020
Divers Pull Rare Surviving WWII Enigma Cipher Machine from Bottom of the Baltic
This sealogged Nazi machine will undergo restoration.08 December 2020
Microsoft Wraps Up a Lighter Patch Tuesday for the Holidays
Nine critical bugs and 58 overall fixes mark the last scheduled security advisory of 2020.08 December 2020
Apple Manufacturer Foxconn Confirms Cyberattack
Manufacturing powerhouse confirmed North American operations impacted by November cyberattack.08 December 2020
The Internal Revenue Service expands identity protection to all tax‑payers
U.S. tax-payers will be able to enroll in the Identity Protection PIN program that was previously available only to certain users starting mid-January.
The post The Internal Revenue Service expands identity protection to all tax‑payers appeared first on WeLiveSecurity
08 December 2020
Dragos Nets $110M in Series C Led by Major Global Energy, Manufacturing, Oil & Gas Company Investors
National Grid Partners, Saudi Aramco Energy Ventures, and Hewlett Packard Enterprise led the latest funding round for the ICS/OT security company.08 December 2020
Gula Tech Foundation to Award $1M in Grants to Infosec Nonprofits
The first Gula Tech Foundation competitive grant program will focus on increasing African American engagement in cybersecurity.08 December 2020
The Remote-Work Transition Shifts Demand for Cyber Skills
According to Cyberseek, an interactive mapping tool that tracks the current state of the security job market, there are more than half a million open cybersecurity positions available in the U.S. alone (522,000).08 December 2020
Why Compliance Is No Longer King for Financial Services Cybersecurity
Financial services companies' experience in risk management serves them well when it comes to minimizing their cyber-risk.08 December 2020
Microsoft December 2020 Patch Tuesday fixes 58 vulnerabilities
Fixes for 22 remote code execution vulnerabilities included in this month's patches.08 December 2020
Fortinet Purchases Panopta
The acquisition is intended to improve the visibility and automated response capabilities of Fortinet's Security Fabri.08 December 2020
Keeping Cyber Secure at Christmas
Sylvain Cortes, Security Evangelist and cybersecurity expert at Alsid, highlights the need for security departments to raise awareness through their organizations over cyber threats this Christmas.08 December 2020
GitHub rolls out dependency review, vulnerability alerts for pull requests
The aim is to prevent vulnerable code from being added to dependencies by accident.08 December 2020
A Q&A with Gill Woodcock, VP, Global Head of Programs
After more than 10 years at PCI Security Standards Council (PCI SSC), Gill Woodcock, VP, Global Head of Programs, retires this month. In this blog, we interviewed Gill about her career in IT security and the payments industry, the most rewarding aspects of her job, and why she believes lifelong learning and taking the occasional risk are the key ingredients to success.
08 December 2020
Critical, Unpatched Bug Opens GE Radiological Devices to Remote Code Execution
A CISA alert is flagging a critical default credentials issue that affects 100+ types of devices found in hospitals, from MRI machines to surgical imaging.08 December 2020
Accounts with default creds found in 100+ GE medical device models
GE Healthcare is embarking on a massive effort to help healthcare providers reconfigure vulnerable devices.08 December 2020
Adobe Warns Windows, macOS Users of Critical-Severity Flaws
Adobe fixed three critical-severity flaws in Adobe Prelude, Adobe Experience Manager and Adobe Lightroom.08 December 2020
Attackers Know Microsoft 365 Better Than You Do
Users have taken to Microsoft Office 365's tools, but many are unaware of free features that come with their accounts -- features that would keep them safe.08 December 2020