Cybersecurity News
McAfee Raises $740M in Second IPO
The security software giant and its investors sold 37 million shares priced at $20 each, putting McAfee's value around $8.6 billion.22 October 2020
Making a Difference: Global Payments
The PCI Security Standards Council (PCI SSC) recently announced the nomination period for the next PCI SSC Board of Advisors. The Board of Advisors represents PCI SSC Participating Organizations worldwide to ensure global industry involvement in the development of PCI Security Standards. As strategic partners, they bring industry, geographical and technical insight to PCI Council plans and projects. In this post, we talk with 2018 - 2020 PCI SSC Board of Advisor Member Stacy Hughes, Chief Information Security Officer, at Global Payments about the role of the PCI SSC Board of Advisors in shaping payment security globally.
22 October 2020
Firefox 'Site Isolation' feature enters user testing, expected next year
Users can test Firefox Site Isolation in Nightly builds.22 October 2020
Need for 'Guardrails' in Cloud-Native Applications Intensifies
With more organizations shifting to cloud services in the pandemic, experts say the traditionally manual process of securing them will be replaced by automated tools in 2021 and beyond.22 October 2020
Implementing Proactive Cyber Controls in OT: Myths vs. Reality
Debunking the myths surrounding the implementation of proactive cyber controls in operational technology.22 October 2020
Feds: Iran Behind ‘Proud Boys’ Email Attacks on Democratic Voters
Messages that threaten people to ‘vote for Trump or else’ are part of foreign adversaries’ attempts to interfere with the Nov. 3 election, according to feds.
22 October 2020
New Windows RAT can be controlled via a Telegram channel
New RAT shows a rising trend in the cybercrime underground, with more malware being released with control-by-Telegram features.22 October 2020
SEC issues Kik $5 million penalty over illegal cryptocurrency offering
The US regulator alleged that Kik’s ICO flouted investment and securities law.22 October 2020
US blames Iran for spoofed Proud Boys emails threatening Democrat voters
US claims Iran is behind a wave of emails purporting to be from right-wing Proud Boys group that threatened registered Democrat voters with repercussions if they didn't vote for Trump.21 October 2020
FIRST Announces Cyber-Response Ethical Guidelines
The 12 points seek to provide security professionals with advice on ethical behavior during incident response.21 October 2020
Oracle Releases Another Mammoth Security Patch Update
October's CPU contains 402 patches for vulnerabilities across 29 product sets, many of which are remotely executable without the need for authentication.21 October 2020
Ubiq Rolls Out Encryption-as-a-Service Platform Aimed at Developers
A few lines of code and two API calls is all that it takes for developers to add encryption to their applications, startup says.21 October 2020
Bug Parade: NSA Warns on Cresting China-Backed Cyberattacks
The Feds have published a Top 25 exploits list, rife with big names like BlueKeep, Zerologon and other notorious security vulnerabilities.
21 October 2020
As Smartphones Become a Hot Target, Can Mobile EDR Help?
Lookout Security debuts a mobile endpoint detection and response offering that will integrate into its mobile security platform.21 October 2020
Cisco Warns of Severe DoS Flaws in Network Security Software
The majority of the bugs in Cisco’s Firepower Threat Defense (FTD) and Adaptive Security Appliance (ASA) software can enable denial of service (DoS) on affected devices.
21 October 2020
Dealing With Insider Threats in the Age of COVID
Dangerous gray areas like new BYOD policies and shadow IT devices have increased, thanks to the rapid shift to remote working.21 October 2020
Oracle Kills 402 Bugs in Massive October Patch Update
Over half of Oracle's flaws in its quarterly patch update can be remotely exploitable without authentication; 65 are critical, and two have CVSS scores of 10 out of 10.
21 October 2020
How AI Will Supercharge Spear-Phishing
To keep pace with intelligent, unpredictable threats, cybersecurity will have to adopt an intelligent security of its own.
21 October 2020
IASME Consortium to Kick-start New IoT Assessment Scheme
The IASME Consortium has been awarded a DCMS grant, enabling the UK organization to kick-start an Internet of Things (IoT) assessment scheme. IASME is looking for manufacturers interested in getting their IoT device certified cyber secure for free via the new pilot scheme.21 October 2020
WordPress deploys forced security update for dangerous bug in popular plugin
More than one million WordPress sites were running a vulnerable version of the Loginizer plugin.21 October 2020