Cybersecurity News


Microsoft Patch Tuesday fixes 17 critical flaws, Windows zero‑day

The second Tuesday of the month brings another fresh batch of fixes for security vulnerabilities in various Microsoft products

The post Microsoft Patch Tuesday fixes 17 critical flaws, Windows zero‑day appeared first on WeLiveSecurity

11 November 2020

Play Store identified as main distribution vector for most Android malware

Mammoth research project using Symantec (now NortonLifeLock) telemetry confirms what everyone suspected.
11 November 2020

How to Avoid Getting Killed by Ransomware

Using a series of processes, infosec pros can then tap automated data hygiene to find and fix files that attackers key in on.
11 November 2020

High-Severity Cisco DoS Flaw Can Immobilize ASR Routers

High-Severity Cisco DoS Flaw Can Immobilize ASR Routers The flaw stems from an issue with the ingress packet processing function of Cisco IOS XR software.
11 November 2020

COVID-19 Data-Sharing App Leaked Healthcare Worker Info

COVID-19 Data-Sharing App Leaked Healthcare Worker Info Philippines COVID-KAYA app allowed for unauthorized access typically protected by ‘superuser’ credentials and also may have exposed patient data.
11 November 2020

Palo Alto Networks acquires attack surface manager Expanse in $800m deal

Expanse’s platform will be added to the Cortex product suite.
11 November 2020

Avast warns of Minecraft skin, mod apps fleecing ‘millions’ of Android users

Ridiculously expensive subscriptions are costing users as much as $120 per month.
11 November 2020

Why you should keep your Netflix password to yourself

Sharing is caring – except when it isn’t. Here’s why you shouldn’t share your password for online media services with other people.

The post Why you should keep your Netflix password to yourself appeared first on WeLiveSecurity

11 November 2020

Adobe releases new security fixes for Connect, Reader Mobile

This month’s update is small in comparison to last month’s flurry of emergency fixes.
11 November 2020

Facebook link preview feature used as a proxy in website-scraping scheme

Mysterious groups have been scraping data from internet sites by abusing Facebook's link preview feature, using Facebook API servers as proxies to avoid getting blacklisted.
11 November 2020

Patch Tuesday, November 2020 Edition

Adobe and Microsoft each issued a bevy of updates today to plug critical security holes in their software. Microsoft's release includes fixes for 112 separate flaws, including one zero-day vulnerability that is already being exploited to attack Windows users. Microsoft also is taking flak for changing its security advisories and limiting the amount of information disclosed about each bug.
10 November 2020

Flaws in Privileged Management Apps Expose Machines to Attack

The Intel Support Assistant is the latest Windows utility to be found that could expose millions of computers to privilege-escalation attacks through file manipulation and symbolic links.
10 November 2020

Malware Hidden in Encrypted Traffic Surges Amid Pandemic

Zscaler says attacks involving the use of SSL/TLS encryption jumped 260% in the first nine months of 2020 compared to the same period last year.
10 November 2020

Claroty Details Vulnerabilities in Schneider PLCs

The vulnerabilities in a common line of programmable logic controllers could allow attackers to gain control of industrial equipment.
10 November 2020

Microsoft Patches Windows Kernel Flaw Under Active Attack

This month's Patch Tuesday addressed a Windows zero-day in a release of 112 vulnerabilities, 17 of which are critical.
10 November 2020

Microsoft Patch Tuesday Update Fixes 17 Critical Bugs

Microsoft Patch Tuesday Update Fixes 17 Critical Bugs Remote code execution vulnerabilities dominate this month’s security bulletin of warnings and patches.
10 November 2020

Colossal Intel Update Anchored by Critical Privilege-Escalation Bugs

Colossal Intel Update Anchored by Critical Privilege-Escalation Bugs Intel released 40 security advisories in total, addressing critical- and high-severity flaws across its Active Management Technology, Wireless Bluetooth and NUC products.
10 November 2020

Scalper-Bots Shake Down Desperate PS5, Xbox Series X Shoppers

Scalper-Bots Shake Down Desperate PS5, Xbox Series X Shoppers Retail bots are helping scalpers scoop up PS5, Xbox Series X inventory and charge massive markups.
10 November 2020

Cloud Usage, Biometrics Surge As Remote Work Grows Permanent

A new report reveals organizations are increasing their adoption of biometric authentication and disallowing SMS as a login method.
10 November 2020

Overlooked Security Risks of the M&A Rebound

Successful technology integration, post-merger, is tricky in any market, and never more so than with today's remote work environments and distributed IT infrastructure.
10 November 2020