SEARCH
All Articles
Microsoft’s RDP Patch Isn’t a Complete Fix
Microsoft's February security update fixes the vulnerability that can result in reverse RDP attacks in the built-in Windows RDP client, but third-party RDP clients are still vulnerable, Check Point said.
Stuxnet’s Legacy Lives on in New Windows Bug
A vulnerability in the Windows print spooler service patched this week echoes a similar one exploited by the Stuxnet worm 10 years ago.
Lawmakers Ask for Cybersecurity Funding for States
A bipartisan group of Congressional lawmakers are trying to drum up support to include money for states and local governments to modernize their IT infrastructure in the next stimulus package.
US Exposes New North Korean Malware Tools
The U.S. government has published details of three new malware tools it says are in use by North Korean state-sponsored attackers.
Thunderspy Attack Underscores Existing Thunderbolt Security Issues
The new Thunderspy attack highlights a handful of shortcomings in the security model of the Thunderbolt chip used in many PCs.
GitHub Expands Scanning to Find Security Flaws in Code
The goal for secure software isn’t to never have vulnerabilities, but to be able to find vulnerabilities as soon as possible so that they can be fixed. GitHub has expanded its code scanning capabilities to make it easier for developers to identify flaws in projects that are managed on its platform.
Cisco Fixes Kerberos Authentication Bypass Bug in ASA Software
Cisco has patched a dangerous flaw in its Adaptive Security Appliance Software that could allow an attacker to bypass authentication when Kerberos is enabled.
Thousands of SaltStack Servers Patched, But Many Still Vulnerable
The number of servers vulnerable to the CVE-2020-11651 SaltStack flaw has dropped considerably, but several thousand are still unpatched.
CISA Warnings Highlight Myriad Security Threats
Over the past few days, the Cybersecurity and Infrastructure Security Agency has issued several alerts warning about nation-state actors targeting healthcare and medical research organizations, as well as ways organizations should protect their remote workforce.
GoDaddy Reports Breach of Customer Hosting Accounts
An attacker was able to access an undisclosed number of GoDaddy customers' hosting accounts using SSH connections.
SaltStack Flaw Used in Numerous Attacks
Attackers are exploiting the CVE-2020-11651 flaw in SaltStack Salt to install coinmining scripts on exposed servers.
Decipher Podcast: Andy Ellis
Akamai CSO Andy Ellis joins Dennis Fisher to talk about the security implications of moving thousands of employees worldwide to remote work.
Senators Plan COVID-19 Data Protection Bill
Four senators are planning to introduce the COVID-19 Data Protection Act to regulate the collection, use, and transfer of health and location data related to virus infections.
RDP Stays in Attackers’ Sights
There has been a sharp increase in scans for exposed RDP servers recently as attackers try to take advantage of the move to remote work.
Banner Health Settles Data Breach Lawsuit
A judge has approved the deal settling all claims related to Banner Health’s 2016 data breach, which includes stipulations for how the hospital operator must improve its information security.