Juvenile Pleads Guilty to 2016 DNS Attack
Enterprise VulnerabilitiesFrom DHS/US-CERT's National Vulnerability Database
CVE-2020-26271PUBLISHED: 2020-12-10
In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph....
Security Incidents Are ‘Tip of the Iceberg,’ Says UK Security Official
Pete Cooper, deputy director of cyber defense for the UK Cabinet Office, emphasized the importance of security fundamentals, collaboration, and diversity in his Black Hat Europe keynote talk.A resilient...
Ransomware Makes Up Half of All Major Incidents
Misconfigurations and lack of visibility allow attackers to compromise networks and monetize their intrusions, according to CrowdStrike's analysis of about 200 incidents.Ransomware attacks made up the majority of serious...
Microsoft Fixes 58 CVEs for December Patch Tuesday
The last Patch Tuesday of 2020 brings fixes for Critical vulnerabilities in Microsoft SharePoint and Exchange.Microsoft today released its final Patch Tuesday fixes of the year, addressing 58 CVEs...
Nation-State Hackers Breached FireEye, Stole Its Red Team Tools
"Novel techniques" used by the attackers cheated security tools and forensics, according to FireEye CEO Kevin Mandia.The cybersecurity firm best known for its incident response (IR) chops today said...
NSA Warns of Exploits Targeting Recently Disclosed VMware Vulnerability
Agency urges organizations to deploy patch as soon as possible since exploit activity is hard to detect.The US National Security Agency (NSA) Monday warned network administrators at the Department...
Phishing Campaign Targets 200M Microsoft 365 Accounts
A well-organized email spoofing campaign has been seen targeting financial services, insurance, healthcare, manufacturing, utilities, and telecom.A large-scale phishing campaign is targeting 200 million Microsoft 365 users around the...
Intel Doubles Down on Emerging Technologies for Sharing and Using Data Securely
Homomorphic encryption and federated learning could allow groups to share data and analysis while protecting the actual information.Two technologies — homomorphic encryption and federated learning — could allow companies...
Microsoft Cloud Security Exec Talks New Tech, WFH, Gamification
Gunter Ollman explains the benefits of CPSM technology, how IT security teams have evolved, and how the pandemic has shaped security.Organizations have experienced "two years' worth of digital transformation...
Researchers Discover New Obfuscation-As-a-Service Platform
Researchers detail how a Android APK obfuscation service automates detection evasion for highly malicious apps.A new obfuscation-as-a-service platform detailed by researchers today during the Botconf 2020 virtual conference offers yet...
