Cybersecurity News


Threats vs. Thrift: Running Effective AppSec During a Global Crisis

By looking at security testing capacity, staff expertise, and risks throughout the software supply chain, application security teams can improve their overall effectiveness.
12 August 2020

Kr00k, KRACK, and the Seams in Wi-Fi, IoT Encryption

Black Hat talk expands on research that uncovered more weaknesses in Wi-Fi chips allowing for the unauthorized decryption of traffic.
12 August 2020

TikTok Surreptitiously Collected Android User Data Using Google-Prohibited Tactic

TikTok Surreptitiously Collected Android User Data Using Google-Prohibited Tactic App concealed the practice of gathering device unique identifiers using an added layer of encryption.
12 August 2020

Adobe tackles critical code execution vulnerabilities in Acrobat, Reader

This month’s security update fixes a variety of critical and important bugs in the software.
12 August 2020

Agent Tesla Spyware Adds Fresh Tricks to Its Arsenal

Agent Tesla Spyware Adds Fresh Tricks to Its Arsenal The RAT is surging in 2020, becoming more prevalent than even the infamous TrickBot or Emotet malware.
11 August 2020

Researchers Trick Facial-Recognition Systems

Goal was to see if computer-generated images that look like one person would get classified as another person.
11 August 2020

Microsoft Patches 120 Vulnerabilities, Two Zero-Days

The August 2020 Patch Tuesday marks the sixth month in a row Microsoft released patches for more than 110 vulnerabilities.
11 August 2020

Two 0-Days Under Active Attack, Among 120 Bugs Patched by Microsoft

Two 0-Days Under Active Attack, Among 120 Bugs Patched by Microsoft One of the two zero-day bugs is rated ‘critical’ and is classified as a remote code-execution bug impacting Microsoft’s Internet Explorer.
11 August 2020

Developers Need More Usable Static Code Scanners to Head Off Security Bugs

As companies "shift left" -- pushing more responsibility for security onto developers -- the tools that are available are falling short, usability researchers say.
11 August 2020

Microsoft Patch Tuesday, August 2020 Edition

Microsoft today released updates to plug at least 120 security holes in its Windows operating systems and supported software, including two newly discovered vulnerabilities that are actively being exploited. Yes, good people of the Windows world, it's time once again to backup and patch up!
11 August 2020

Critical Intel Flaw Afflicts Several Motherboards, Server Systems, Compute Modules

Critical Intel Flaw Afflicts Several Motherboards, Server Systems, Compute Modules A critical privilege-escalation flaw affects several popular Intel motherboards, server systems and compute modules.
11 August 2020

Symmetry Systems Emerges from Stealth

Company behind Data Store and Object Security (DSOS) becomes public knowledge following a $3 million seed round of funding.
11 August 2020

Zoom Vulnerabilities Demonstrated in DEF CON Talk

A security researcher demonstrated multiple vulnerabilities, two of which could let an attacker read and steal user data.
11 August 2020

Microsoft August 2020 Patch Tuesday fixes 120 vulnerabilities, two zero-days

Microsoft says attackers have used a Windows zero-day to spoof file signatures and another RCE in the Internet Explorer scripting engine to execute code on users' devices.
11 August 2020

Is Edtech the Greatest APT?

Educational technology is critical but can come at huge costs to student and teacher privacy and security. Are those costs too high?
11 August 2020

Critical Adobe Acrobat and Reader Bugs Allow RCE

Critical Adobe Acrobat and Reader Bugs Allow RCE Adobe patched critical and important-severity flaws tied to 26 CVEs in Acrobat and Reader.
11 August 2020

EU-US Privacy Shield Dissolution: What Happens Next?

In a world that isn't private by design, security and liability implications for US-based cloud companies are huge.
11 August 2020

Threema joins the ranks of E2EE chat apps that support encrypted video calls

Other E2E chat apps that support encrypted video calls include Signal, WhatsApp, Wickr, and Wire.
11 August 2020

Twitter working to fix issue with 2FA feature

An apparent glitch is preventing a number of users from signing into their accounts

The post Twitter working to fix issue with 2FA feature appeared first on WeLiveSecurity

11 August 2020

Cybersecurity Skills Gap Worsens, Fueled by Lack of Career Development

Cybersecurity Skills Gap Worsens, Fueled by Lack of Career Development The fundamental causes for the skill gap are myriad, starting with a lack of training and career-development opportunities.
11 August 2020