Cybersecurity News


Open-Source Developers Still Not Interested in Secure Coding

Security and development are still two different worlds, with open-source developers resistant to spending time finding and fixing vulnerabilities.
08 December 2020

Nation-State Hackers Breached FireEye, Stole Its Red Team Tools

"Novel techniques" used by the attackers cheated security tools and forensics, according to FireEye CEO Kevin Mandia.
08 December 2020

FireEye Cyberattack Compromises Red-Team Security Tools

FireEye Cyberattack Compromises Red-Team Security Tools An attacker stole FireEye's Red Team assessment tools that the company uses to test its customers’ security.
08 December 2020

FireEye, one of the world's largest security firms, discloses security breach

FireEye suspects it was the victim of a nation-state actor.
08 December 2020

Microsoft Fixes 58 CVEs for December Patch Tuesday

The last Patch Tuesday of 2020 brings fixes for Critical vulnerabilities in Microsoft SharePoint and Exchange.
08 December 2020

Divers Pull Rare Surviving WWII Enigma Cipher Machine from Bottom of the Baltic

Divers Pull Rare Surviving WWII Enigma Cipher Machine from Bottom of the Baltic This sealogged Nazi machine will undergo restoration.
08 December 2020

Microsoft Wraps Up a Lighter Patch Tuesday for the Holidays

Microsoft Wraps Up a Lighter Patch Tuesday for the Holidays Nine critical bugs and 58 overall fixes mark the last scheduled security advisory of 2020.
08 December 2020

Apple Manufacturer Foxconn Confirms Cyberattack

Apple Manufacturer Foxconn Confirms Cyberattack Manufacturing powerhouse confirmed North American operations impacted by November cyberattack.
08 December 2020

The Internal Revenue Service expands identity protection to all tax‑payers

U.S. tax-payers will be able to enroll in the Identity Protection PIN program that was previously available only to certain users starting mid-January.

The post The Internal Revenue Service expands identity protection to all tax‑payers appeared first on WeLiveSecurity

08 December 2020

Dragos Nets $110M in Series C Led by Major Global Energy, Manufacturing, Oil & Gas Company Investors

National Grid Partners, Saudi Aramco Energy Ventures, and Hewlett Packard Enterprise led the latest funding round for the ICS/OT security company.
08 December 2020

Gula Tech Foundation to Award $1M in Grants to Infosec Nonprofits

The first Gula Tech Foundation competitive grant program will focus on increasing African American engagement in cybersecurity.
08 December 2020

The Remote-Work Transition Shifts Demand for Cyber Skills

The Remote-Work Transition Shifts Demand for Cyber Skills According to Cyberseek, an interactive mapping tool that tracks the current state of the security job market, there are more than half a million open cybersecurity positions available in the U.S. alone (522,000).
08 December 2020

Why Compliance Is No Longer King for Financial Services Cybersecurity

Financial services companies' experience in risk management serves them well when it comes to minimizing their cyber-risk.
08 December 2020

Microsoft December 2020 Patch Tuesday fixes 58 vulnerabilities

Fixes for 22 remote code execution vulnerabilities included in this month's patches.
08 December 2020

Fortinet Purchases Panopta

The acquisition is intended to improve the visibility and automated response capabilities of Fortinet's Security Fabri.
08 December 2020

Keeping Cyber Secure at Christmas

Keeping Cyber Secure at Christmas Sylvain Cortes, Security Evangelist and cybersecurity expert at Alsid, highlights the need for security departments to raise awareness through their organizations over cyber threats this Christmas.
08 December 2020

GitHub rolls out dependency review, vulnerability alerts for pull requests

The aim is to prevent vulnerable code from being added to dependencies by accident.
08 December 2020

A Q&A with Gill Woodcock, VP, Global Head of Programs

 

After more than 10 years at PCI Security Standards Council (PCI SSC), Gill Woodcock, VP, Global Head of Programs, retires this month. In this blog, we interviewed Gill about her career in IT security and the payments industry, the most rewarding aspects of her job, and why she believes lifelong learning and taking the occasional risk are the key ingredients to success.

08 December 2020

Critical, Unpatched Bug Opens GE Radiological Devices to Remote Code Execution

Critical, Unpatched Bug Opens GE Radiological Devices to Remote Code Execution A CISA alert is flagging a critical default credentials issue that affects 100+ types of devices found in hospitals, from MRI machines to surgical imaging.
08 December 2020

Accounts with default creds found in 100+ GE medical device models

GE Healthcare is embarking on a massive effort to help healthcare providers reconfigure vulnerable devices.
08 December 2020