Month: November 2020

Vulnerabilities

Issued by: CSO

A year ago, in the fall of 2019, Mike Zachman ran a security drill for his company, Zebra Technologies Corp. Zachman, who as chief security officer oversees cybersecurity as well as product security and physical security, had focused the exercise on business continuity to determine how well the company’s plans would hold up. He had…

Network Security

Issued by: CSO

As businesses grapple with the pandemic, millions of workers are no longer working in the traditional office behind the traditional perimeter. They are working from home, accessing data and network resources using unauthorized devices, unauthorized software and unsecured WiFi. Research has revealed that almost 50% of US businesses have been hit by a Covid-related attack…

Vulnerabilities

Issued by: Help Net Security

Academics at UCL and other institutions have collaborated to develop a machine learning tool that identifies new domains created to promote false information so that they can be stopped before fake news can be spread through social media and online channels. To counter the proliferation of false information it is important to move fast, before…

Malware & Threats

Issued by: Help Net Security

Nuspire released a report, outlining new cybercriminal activity and tactics, techniques and procedures (TTPs) throughout Q3 2020, with additional insight from Recorded Future. Threat actors becoming even more ruthless The report demonstrates threat actors becoming even more ruthless. Throughout Q3, hackers shifted focus from home networks to overburdened public entities, including the education sector and…

Vulnerabilities

Issued by: Security Week

As its largest acquisition to date, Palo Alto will pay $670 million in cash and stock and approximately $130 million in equity awards. Expanse’s platform provides customers with a vulnerability map of externally exposed and untracked assets and helps evaluate and mitigate risk. Following the acquisition, Expanse’s attack surface management capabilities will be integrated into…

Vulnerabilities

Issued by: Security Week

The Firefox vulnerability, tracked as CVE-2020-26950, has been described as an issue related to write side effects in MCallGetProperty opcode not being accounted for. “In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition,” Mozilla said in an advisory published on Monday. The flaw was fixed with…

Vulnerabilities

Issued by: CSO

A few years ago, many deception technology companies were in the process of adding advanced features like cloud integration, artificial intelligence (AI) and automation to their platforms to combat increasingly advanced threats. The upgraded defenses were necessary because skilled attackers were starting to unmask and circumvent classic deception tricks like dropping breadcrumbs pointing at fictitious,…

Application Security

Issued by: Help Net Security

Zoom Video Communications, the maker of the popular Zoom video conferencing solution, has agreed to settle allegations made by the US Federal Trade Commission (FTC) that it “engaged in a series of deceptive and unfair practices that undermined the security of its users.” The settlement requires Zoom to – among other things – establish and…

Network Security

Issued by: CSO

The COVID-19 pandemic forced many companies to adapt to a new work-from-home reality. We’re now past the initial shock of the COVID-19 pandemic, which forced many companies to quickly adapt to a new work-from-home reality. In the early days, business continuity, often at the expense of security, was the priority in decision making around remote…