SecurityWeek

VMware Patches Critical Code Execution Vulnerability in ESXi

Security Week - 50 min ago

VMware this week informed customers that it has patched several vulnerabilities in its ESXi, Workstation, Fusion and NSX-T products, including a critical flaw that allows arbitrary code execution.

The critical vulnerability, identified as CVE-2020-3992, has been described as a use-after-free issue that affects the OpenSLP service in ESXi.

read more

Categories: SecurityWeek

Russia Dismisses Hacking Allegations as 'Russophobia'

Security Week - 2 hours 27 min ago

The Kremlin on Tuesday denied US claims that Russian military intelligence was behind cyber attacks targeting Ukraine's power grid, the 2017 French election and the 2018 Winter Olympic Games.

read more

Categories: SecurityWeek

IoT Security Foundation Launches Vulnerability Reporting Platform

Security Week - 3 hours 7 min ago

The Internet of Things Security Foundation (IoTSF), an effort aimed at improving the security of IoT, has launched an online platform designed to make the reporting of vulnerabilities in IoT devices easier.

read more

Categories: SecurityWeek

Chrome Update Patches Actively Exploited FreeType Vulnerability

Security Week - 3 hours 34 min ago

A Chrome 86 update released by Google on Tuesday patches several high-severity vulnerabilities, including a zero-day that has been exploited in the wild.

read more

Categories: SecurityWeek

Euronext Says Stock Market Glitch Was Not a Cyber Attack

Security Week - 3 hours 57 min ago

A problem that halted trading on the Paris stock market and others across Europe was a "middleware" issue and not a cyber attack, operator Euronext said Tuesday.

read more

Categories: SecurityWeek

NSA Lists 25 Vulnerabilities Currently Targeted by Chinese State-Sponsored Hackers

Security Week - 4 hours 29 min ago

The U.S. National Security Agency this week released an advisory containing information on 25 vulnerabilities that are being actively exploited or targeted by Chinese state-sponsored threat actors.

read more

Categories: SecurityWeek

Chinese Hackers Target Cisco Discovery Protocol Vulnerability

Security Week - 5 hours 31 min ago

Chinese state-sponsored hackers are targeting a Cisco Discovery Protocol vulnerability that was disclosed earlier this year, the networking giant and the U.S. National Security Agency revealed on Tuesday.

read more

Categories: SecurityWeek

Sweden Bans Huawei, ZTE From 5G, Calls China Biggest Threat

Security Week - 7 hours 17 min ago

Sweden is banning Chinese tech companies Huawei and ZTE from building new high-speed wireless networks after a top security official called China one of the country’s biggest threats.

read more

Categories: SecurityWeek

Adobe Releases Security Updates for 10 Products

Security Week - Tue, 10/20/2020 - 2:31pm

Adobe on Tuesday announced that it has released security updates for 10 of its products, patching a total of 20 vulnerabilities.

read more

Categories: SecurityWeek

New TrickBot Control Servers Unable to Respond to Bot Requests

Security Week - Tue, 10/20/2020 - 1:36pm

Control servers included in the configuration file of new TrickBot samples fail to respond to bot requests, according to researchers at threat intelligence company Intel 471.

read more

Categories: SecurityWeek

Security Testing Company NSS Labs Ceases Operations

Security Week - Tue, 10/20/2020 - 10:27am

Austin, Texas-based security product testing company NSS Labs has announced that it ceased operations on October 15, 2020.

“Due to Covid-related impacts, NSS Labs ceased operations on October 15th,” a message on the company’s website reads.

read more

Categories: SecurityWeek

Identity-Focused Intelligence Firm 4iQ Raises $30 Million

Security Week - Tue, 10/20/2020 - 9:28am

Identity-focused intelligence company 4iQ on Tuesday announced that it has raised $30 million in a Series C funding round led by ForgePoint Capital and Benhamou Global Ventures.

read more

Categories: SecurityWeek

How to Seize the OT Security Opportunity and Accelerate Your Digital Transformation

Security Week - Tue, 10/20/2020 - 8:45am

Simplifying Processes Helps to Enable Acceleration and Resilience and Optimizes Your Resources

read more

Categories: SecurityWeek

Serious Vulnerability in GitHub Enterprise Earns Researcher $20,000

Security Week - Tue, 10/20/2020 - 8:33am

A security researcher says he has earned $20,000 for a high-severity GitHub Enterprise vulnerability that might have allowed an attacker to execute arbitrary commands.

GitHub Enterprise, the on-premises version of GitHub.com, is designed to make it easier for large enterprise software development teams to collaborate.

read more

Categories: SecurityWeek

UK Says Russia Launched Cyberattacks Against 2020 Olympic, Paralympic Games

Security Week - Tue, 10/20/2020 - 7:41am

The United Kingdom on Monday exposed and condemned cyberattacks that the Russian military intelligence service GRU allegedly launched against organizations involved in the 2020 Olympic and Paralympic Games that were set to take place in Tokyo this summer, but were postponed due to the COVID-19 pandemic.

read more

Categories: SecurityWeek

Irish Regulator Investigates Instagram Over Children's Data

Security Week - Tue, 10/20/2020 - 6:59am

Irish privacy regulators have opened two investigations into Instagram over the social media site’s handling of young people’s personal data.

read more

Categories: SecurityWeek

Adobe Patches 9 Vulnerabilities in Magento

Security Week - Tue, 10/20/2020 - 4:33am

Adobe last week patched a total of nine vulnerabilities in its Magento e-commerce platform, including two critical issues.

read more

Categories: SecurityWeek

Ryuk Ransomware Attacks Continue Following TrickBot Takedown Attempt

Security Week - Mon, 10/19/2020 - 11:40pm

The threat actor behind the Ryuk ransomware continues to conduct attacks following the recent attempts to disrupt the TrickBot botnet, CrowdStrike reports.

read more

Categories: SecurityWeek

Singapore's World-First Face Scan Plan Sparks Privacy Fears

Security Week - Mon, 10/19/2020 - 11:04pm

Singapore will become the world's first country to use facial verification in its national ID scheme, but privacy advocates are alarmed by what they say is an intrusive system vulnerable to abuse.

read more

Categories: SecurityWeek

Android, macOS Versions of GravityRAT Spyware Spotted in Ongoing Campaign

Security Week - Mon, 10/19/2020 - 2:58pm

Kaspersky security researchers have identified versions of the GravityRAT spyware that are targeting Android and macOS devices.

read more

Categories: SecurityWeek

Pages