Vulnerabilities

Issued by: CSO

Protecting high-value research data from nation-state attackers

Joint NCSC-DHS-CISA advisories and a warning from the FBI have recently highlighted activities of nation-state-backed groups targeting organizations focused on COVID-19 research. The goal is to obtain information for their domestic COVID-19 research efforts. Security leaders at research organizations need to better understand the motivations and methods of these attackers. That will allow them to…

Malware & Threats

Issued by: Help Net Security

Tim Rains, who formerly held many essential roles at Microsoft and is currently working at Amazon Web Services as Regional Leader for Security and Compliance Business Acceleration for EMEA, had the opportunity to gain knowledge from and advise thousands of organizations and enterprises about incident response and threat intelligence. Cybersecurity Threats, Malware Trends, and Strategies…

Vulnerabilities

Issued by: Help Net Security

Microsoft fixes two RCE flaws affecting Windows 10 machines

Microsoft has released fixes for two remote code execution (RCE) vulnerabilities in the Microsoft Windows Codecs Library on Windows 10 machines. The vulnerabilities Both flaws – CVE-2020-1425 and CVE-2020-1457 – arose because of the way the Microsoft Windows Codecs Library handled objects in memory. CVE-2020-1425 could allow attackers to obtain information to further compromise the…

Vulnerabilities

Issued by: Security Week

Back in March as the coronavirus pandemic gathered steam in the U.S., a largely unheralded video-conferencing service suddenly found itself in the spotlight. And just as quickly as Zoom became a household name for connecting work colleagues, church and school groups, friends, family, book clubs and others during stay-at-home lockdowns, it also gained a reputation…

Malware & Threats

Issued by: Help Net Security

The average $5 billion company incurs delays of roughly 5 weeks per year in new product launches due to missed risks, with a $99 million opportunity cost, according to Gartner. Opportunity costs from missing risks A survey of more than 382 strategic initiative leaders quantified the cost of missing risks in strategic initiatives. For an…

Cloud Security

Issued by: Help Net Security

Vendor revenue from sales of IT infrastructure products (server, enterprise storage, and Ethernet switch) for cloud environments, including public and private cloud, increased 2.2% in the first quarter of 2020 (1Q20) while investments in traditional, non-cloud, infrastructure plunged 16.3% year over year, according to IDC. Pandemic as the major factor driving infrastructure spending The broadening…

Cloud Security

Issued by: Help Net Security

Even before lockdowns, there was a steady migration toward more flexible workforce arrangements. Given the new normal of so many more people working from home—on top of a pile of evidence showing that productivity and quality of life typically go up with remote work—it is inevitable that many more companies will continue to offer those…

Vulnerabilities

Issued by: Help Net Security

A desire to remain compliant with the European Union’s General Data Protection Regulation (GDPR) and other privacy laws has made HR leaders wary of any new technology that digs too deeply into employee emails. This is understandable, as GDPR non-compliance pay lead to stiff penalties. At the same time, new technologies are applying artificial intelligence…

Malware & Threats

Issued by: Help Net Security

Cybercriminals are increasingly using IM platforms like Telegram, Discord, Jabber, WhatsApp, IRC and others to advertise and sell their goods and services, IntSight researchers have found. While traditional cybercrime sources (e.g., forums, black markets, credit card shops, etc.) continue to see regular traffic, peer-to-peer communication networks and chat channels offer advantages like automated answers and…