Cybersecurity News
Microsoft August 2020 Patch Tuesday fixes 120 vulnerabilities, two zero-days
Microsoft says attackers have used a Windows zero-day to spoof file signatures and another RCE in the Internet Explorer scripting engine to execute code on users' devices.11 August 2020
Is Edtech the Greatest APT?
Educational technology is critical but can come at huge costs to student and teacher privacy and security. Are those costs too high?11 August 2020
Critical Adobe Acrobat and Reader Bugs Allow RCE
Adobe patched critical and important-severity flaws tied to 26 CVEs in Acrobat and Reader.
11 August 2020
EU-US Privacy Shield Dissolution: What Happens Next?
In a world that isn't private by design, security and liability implications for US-based cloud companies are huge.11 August 2020
Threema joins the ranks of E2EE chat apps that support encrypted video calls
Other E2E chat apps that support encrypted video calls include Signal, WhatsApp, Wickr, and Wire.11 August 2020
Twitter working to fix issue with 2FA feature
An apparent glitch is preventing a number of users from signing into their accounts
The post Twitter working to fix issue with 2FA feature appeared first on WeLiveSecurity
11 August 2020
Cybersecurity Skills Gap Worsens, Fueled by Lack of Career Development
The fundamental causes for the skill gap are myriad, starting with a lack of training and career-development opportunities.
11 August 2020
Zero-Trust Security 101
What are the fundamental spirit and tenets of zero-trust architecture, boiled down, without the marketing speak?
11 August 2020
Mozilla lays off 250 employees while it refocuses on commercial products
Mozilla: "Our pre-COVID plan is no longer workable."11 August 2020
Samsung Quietly Fixes Critical Galaxy Flaws Allowing Spying, Data Wiping
Four critical-severity flaws were recently disclosed in the Find My Mobile feature of Samsung Galaxy smartphones, which if exploited could allow attackers to force a factory reset on the phones or spy on users.
11 August 2020
How to Help Spoil the Cybercrime Economy
Cybercrime increasingly is turning into a commodity. Stolen PII data and hijacked cloud accounts especially propel the spread, research shows.11 August 2020
Researcher Publishes Bypass for Patch for vBulletin 0-Day Flaw
Three separate proof-of-concepts on Bash, Python and Ruby posted to outsmart fix issued last year to remedy pre-auth RCE bug.
11 August 2020
17 Essential Stats About the State of Consumer Privacy
These illuminating numbers offer a glimpse into current consumer attitudes and enterprise readiness for protecting their customers' personal data.
11 August 2020
Gamifying Password Training Shows Security Benefits
When picking passwords, users often fall back on certain insecure patterns, but good habits can be learned using simple games, a group of researchers find.10 August 2020
Hacking It as a CISO: Advice for Security Leadership
A security leader shares tips for adopting a CISO mindset, creating risk management strategies, and "selling infosec" to IT and executives.10 August 2020
Google Fixes Mysterious Audio Recording Blip in Smart Speakers
Google Home devices reportedly recorded noises even without the "Hey Google" prompt due to the inadvertent rollout of a home security system feature.
10 August 2020
Better Business Bureau Warns of New Visa Scam
Visa limitations due to the novel coronavirus have given rise to a wave of scams aimed at visa-seekers.10 August 2020
Can I Use the Same Security Tools on My IT and OT?
You can quit worrying about IT tools in the OT environment.
10 August 2020
Security researcher publishes details and exploit code for a vBulletin zero-day
Proof-of-concept exploit code available in Bash, Python, and Ruby.10 August 2020
Google Chrome Browser Bug Exposes Billions of Users to Data Theft
The vulnerability allows attackers to bypass Content Security Policy (CSP) protections and steal data from website visitors.
10 August 2020
