All the latest blog posts from the most relevant cyber security companies in the business.

Digital transformation is increasing the need for enterprise resource planning (ERP) systems to allow organizations to manage the entirety of their business in a coordinated manner. Globalization is forcing organizations to consider cloud solutions to prevent disjointed business operation across multiple global locations — and even smaller companies are simply attracted by the economies and…

BlackBerry, which recently announced the acquisition of endpoint security firm Cylance for $1.4 billion in cash, says its Secure technology can be licensed by third-party vendors for their Internet-connected devices. The Secure feature packs provide manufacturers a framework that should help them build safer and more secure products without the need to internally develop cybersecurity…

The National Counterintelligence and Security Center began sending out detailed advisories, in brochure and video forms, to companies around the country to show them how to guard against cyber-incursions. The blitz follows hotel chain Marriott’s disclosure last week that hackers stole more than five million passport numbers of guests at its properties. It was the…

The vulnerabilities impact the Windows and macOS versions of Acrobat and Acrobat Reader DC (Continuous and Classic 2015 tracks), and Acrobat and Acrobat Reader 2017 products. The list of security holes includes various types of critical bugs that can lead to arbitrary code execution, including buffer errors, untrusted pointer dereference, use-after-free, and heap overflow. The…

A British parliamentary committee investigating whether the social media behemoth was being used to manipulate the results of elections published 250 pages of internal Facebook documents earlier Wednesday. They show executives holding discussions about big companies such as Netflix being granted preferential access to user data even after Facebook had tightened its privacy rules in…

According to Facebook, researchers can earn up to $40,000 if they report an account hijacking flaw that does not require any user interaction, and $25,000 if minimum user interaction is required for the exploit to work. The bounty applies to Facebook and other services owned by the company, including Instagram, WhatsApp and Oculus. “By increasing…

The addressed issues include remote code execution bugs, elevation of privilege flaws, and information disclosure vulnerabilities, along with a denial of service. Impacted components include Framework, Media framework, System, and Qualcomm components. “The most severe vulnerability in this section could enable a proximate attacker using a specially crafted file to execute arbitrary code within the…

The zero-day flaw, tracked as CVE-2018-15454, is related to the Session Initiation Protocol (SIP) inspection engine used in the company’s Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. A remote and unauthenticated attacker can exploit the vulnerability to cause an affected device to reload or consume CPU resources, resulting in a denial-of-service (DoS)…