SecurityWeek

Latest IT Security News and Expert Insights Via RSS Feed
  1. For more than five months, Lastline security researchers have tracked the evolution of malicious Excel 4.0 (XL4) macros, observing the fast pace at which malware authors change them to stay ahead of security tools.

    read more

  2. Zoom’s chief executive revealed on Tuesday that free users will not be offered end-to-end encryption as the company wants to assist the FBI and local law enforcement in their investigations.

    read more

  3. Cybersecurity firm Trustwave on Wednesday disclosed the details of several vulnerabilities found by its researchers in SAP Adaptive Server Enterprise (ASE).

    read more

  4. AppOmni Aims to Reduce SaaS Risks in Remote Working With Enterprise Essentials

    read more

  5. Firefox 77 and Tor Browser 9.5 were released this week with patches for a variety of vulnerabilities, including several rated high severity.

    read more

  6. A newly introduced bipartisan bill seeks to provide individuals with increased control over the sharing of data with services designed to notify them if they have been exposed to the COVID-19 coronavirus.

    read more

  7. Private equity investment company Thoma Bravo on Tuesday announced its intention to acquire secure business collaboration solutions provider Exostar, reportedly for roughly $100 million.

    read more

  8. France is rolling out an official coronavirus contact-tracing app aimed at containing fresh outbreaks as lockdown restrictions gradually ease, becoming the first major European country to deploy the smartphone technology amid simmering debates over data privacy.

    read more

  9. Several vulnerabilities affecting the Exim mail transfer agent (MTA) have been exploited by Russia-linked hackers, and administrators have been urged to patch immediately, but hundreds of thousands of servers remain unpatched.

    read more

  10. Google has started rolling out the June 2020 security patches for the Android operating system, which address a total of 43 vulnerabilities, including several rated critical.

    read more

  11. A recently patched vulnerability affecting VMware Cloud Director has a major impact for cloud services providers as it can allow an attacker to take full control of all private clouds hosted on the same infrastructure, cybersecurity firm Citadelo revealed on Monday.

    read more

  12. Microsoft is sponsoring a Machine Learning Security Evasion Competition this year, with partners CUJO AI, VMRay, and MRG Effitas, the company has announced.

    The competition, which welcomes both machine learning (ML) practitioners and cybersecurity professionals, will allow researchers to exercise their defender and attacker skills, Microsoft says.

    read more

  13. A vulnerability related to the IP-in-IP tunneling protocol that can be exploited for denial-of-service (DoS) attacks and to bypass security controls has been found to impact devices from Cisco and other vendors.

    read more

  14. Apple on Monday released security patches to address a zero-day vulnerability that had been used to jailbreak iPhones running iOS 13.5.

    Tracked as CVE-2020-9859, the vulnerability was found in the iOS kernel and it can allow an application to achieve unsandboxed, kernel-level code execution.

    read more

  15. The cybercriminals behind the recent attack on Elexon, which manages the electricity market in the United Kingdom, have started leaking data allegedly stolen from the company.

    read more

  16. A distributed denial-of-service (DDoS) attack crippled the websites and systems of Minneapolis late last week, but no data appears to have been breached.

    read more

  17. Cloud security firm Zscaler has acquired Edgewise Networks, a company that helps customers secure application-to-application communications using a zero-trust approach through microsegmentation.

    The acquisition was announced on Thursday and terms of the deal were not disclosed.

    read more

  18. An unprotected Amazon Web Services (AWS) S3 bucket exposed the details of 2,700 users who signed up for the Joomla Resources Directory (JRD), Joomla’s Incident Response Task Group reported last week.

    read more

  19. A security researcher claims Apple paid a $100,000 bug bounty reward for a critical vulnerability in Sign in with Apple, the company’s privacy-focused authentication system.

    read more

  20. Two researchers have discovered a new timing channel attack technique that remains effective even if multiple processes are running on a system.

    read more

Website Copyright 1998-2020 by PCBest. All Rights Reserved.
we accept credit cards