October 2020 - Page 2 of 5 - Cyber Security Minute

Google patches actively exploited zero-day bug that affects Chrome users

Issued by: Blog Malwarebytes

Google has recently released Chrome version 86.0.4240.111 to patch several holes. One is for a zero-day flaw – that means a vulnerability that is being actively exploited in the wild. The flaw, which is officially designated as CVE-2020-15999, occurs in the way FreeType handles PNG images embedded in fonts using the Load_SBit_Png function. FreeType is…

Malware & Threats

Machine identity related cyberattacks grew by 433% between 2018 and 2019

Issued by: Help Net Security

The machine identity attack surface is exploding, with a rapid increase in all types of machine identity-related security events in 2018 and 2019, according to Venafi. For example, the number of reported machine identity-related cyberattacks grew by over 400% during this two-year period. “We have seen machine use skyrocket in organizations over the last five…

Vulnerabilities

Cybersecurity is failing due to ineffective technology

Issued by: Help Net Security

A failing cybersecurity market is contributing to ineffective performance of cybersecurity technology, a Debate Security research reveals. Based on over 100 comprehensive interviews with business and cybersecurity leaders from large enterprises, together with vendors, assessment organizations, government agencies, industry associations and regulators, the research shines a light on why technology vendors are not incentivized to…

Vulnerabilities

Oracle Releases Another Mammoth Security Patch Update

Issued by: Dark Reading

For the second straight quarter this year, Oracle’s latest critical patch update (CPU) released this week contained more than 400 security patches addressing vulnerabilities in a wide range of the company’s product sets. With 402 patches, Oracle’s October 2020 CPU was slightly smaller than its previous one in July, which contained a record-breaking 444 security…

Vulnerabilities

How tech trends and risks shape organizations’ data protection strategy

Issued by: Help Net Security

Trustwave released a report which depicts how technology trends, compromise risks and regulations are shaping how organizations’ data is stored and protected. Data protection strategy The report is based on a recent survey of 966 full-time IT professionals who are cybersecurity decision makers or security influencers within their organizations. Over 75% of respondents work in…

Vulnerabilities

Account Fraud is Killing Streaming Services: What Providers Can Do

Issued by: Security Intelligence

The use of online streaming services was already burgeoning well before most of the world started spending so much time at home. The current explosion in the demand for video and music streaming services is cause for celebration in the industry, but it has a dark side. Account fraud, sharing and takeover, enabled by password…

Cloud Security

Moving to the cloud with a security-first, zero trust approach

Issued by: Help Net Security

Many companies tend to jump into the cloud before thinking about security. They may think they’ve thought about security, but when moving to the cloud, the whole concept of security changes. The security model must transform as well. Moving to the cloud and staying secure Most companies maintain a “castle, moat, and drawbridge” attitude to…

Network Security

Biometric device revenues to drop 22%, expected to rebound in 2021

Issued by: Help Net Security

In the aftermath of the COVID-19 pandemic, global biometric device revenues are expected to drop 22%, ($1.8 billion) to $6.6 billion, according to a report from ABI Research. The entire biometrics market, however, will regain momentum in 2021 and is expected to reach approximately $40 billion in total revenues by 2025. Global biometric device revenues…

Vulnerabilities

Can we trust passwordless authentication?

Issued by: Help Net Security

We are beginning to shift away from what has long been our first and last line of defense: the password. It’s an exciting time. Since the beginning, passwords have aggravated people. Meanwhile, passwords have become the de facto first step in most attacks. Yet I can’t help but think, what will the consequences of our…

Vulnerabilities

Most US states show signs of a vulnerable election-related infrastructure

Issued by: Help Net Security

75% of all 56 U.S. states and territories leading up to the presidential election, showed signs of a vulnerable IT infrastructure, a SecurityScorecard report reveals. Since most state websites offer access to voter and election information, these findings may indicate unforeseen issues leading up to, and following, the US election. Election infrastructure: High-level findings Seventy-five…