Rss Bot

Nine critical bugs and 58 overall fixes mark the last scheduled security advisory of 2020. View the full article

A CISA alert is flagging a critical default credentials issue that affects 100+ types of devices found in hospitals, from MRI machines to surgical imaging. View the full article

Adobe fixed three critical-severity flaws in Adobe Prelude, Adobe Experience Manager and Adobe Lightroom. View the full article

A new set of vulnerabilities has been discovered affecting millions of routers and IoT and OT devices from more than 150 vendors, new research warns. View the full article

Feds are warning that adversaries are exploiting a weeks-old bug in VMware’s Workspace One Access and VMware Identity Manager products. View the full article

As hackers put a bullseye on healthcare, Threatpost spotlights how hospitals, researchers and patients have been affected and how the sector is bolstering their cyber defenses. View the full article

In the early fog of the COVID-19 pandemic, cybersecurity took a back seat to keeping patients alive. Lost in the chaos was IT security. View the full article

The high-severity cross-site scripting flaws could allow remote-code injection on QNAP NAS systems. View the full article

Desktop versions of the browser received a total of eight fixes, half rated high-severity. View the full article

The skimmer steals credit-card data, using steganography to hide in plain sight in seemingly benign images. View the full article

VMware has issued a full patch and revised the severity level of the NSA-reported vulnerability to "important." View the full article

A new "TrickBoot" module scans for vulnerable firmware and has the ability to read, write and erase it on devices. View the full article

Lookout's Hank Schless discusses accelerated threats to mobile endpoints in the age of COVID-19-sparked remote working. View the full article

Patches for a flaw (CVE-2020-8913) in the Google Play Core Library have not been implemented by several popular Google Play apps, including Cisco Teams and Edge. View the full article

The feds have seen ongoing cyberattacks on think-tanks (bent on espionage, malware delivery and more), using phishing and VPN exploits as primary attack vectors. View the full article

CISA warns the leading enterprise document management platform is open to attack and urges companies to apply fixes. View the full article

The post-COVID-19 surge in the criticality level of medical infrastructure, coupled with across-the-board digitalization, will be big drivers for medical-sector cyberattacks next year. View the full article

Researcher Ian Beer from Google Project Zero took six months to figure out the radio-proximity exploit of a memory corruption bug that was patched in May. View the full article

The GO SMS Pro app has been downloaded 100 million times; now, underground forums are actively sharing images stolen from GO SMS servers. View the full article

An offshore Cayman Islands bank’s backups, covering a $500 million investment portfolio, were left unsecured and leaking personal banking information, passport data and even online banking PINs. View the full article

Four security vulnerabilities in an open-source medical records management platform allow remote code execution, patient data theft and more. View the full article

This post is originally published on Designmodo: When Should You Rethink Using Time-sensitive Images on Your Webite? There are two ways we can classify a website’s content in terms of time. Evergreen content is content that’s just as relevant and useful today as it is years from now. Time-sensitive content, on the other hand, has a very … For more information please contact Designmodo View the full article

More than a month after the cyberattack first hit, the UVM health network is still grappling with delayed payment processing and other issues. View the full article

Ransomware gangs with zero-days and more players overall will characterize financially motivated cyberattacks next year. View the full article

While 2021 will present evolving threats and new challenges, it will also offer new tools and technologies that will we hope shift the balance towards the defense. View the full article