Schneier on Security
DECEMBER 24, 2020
Interesting analysis of China’s efforts to identify US spies: By about 2010, two former CIA officials recalled, the Chinese security services had instituted a sophisticated travel intelligence program, developing databases that tracked flights and passenger lists for espionage purposes. “We looked at it very carefully,” said the former senior CIA official.
Tech Republic Security
DECEMBER 24, 2020
Cybercriminals sometimes use AI to their benefit. In order to defeat these cyber bad guys, security pros and AI should focus on what they do best.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Adam Shostack
DECEMBER 24, 2020
Scientists have discovered a chunk of amber with a dinosaur tail in it. (Poor dinosaur!) National Geographic has the story , which is not brand-new, but is a nice bit of scientific joy for the day.
Security Affairs
DECEMBER 24, 2020
Google’s Project Zero experts publicly disclosed details of an improperly patched zero-day code execution vulnerability in Windows. White hat hackers at Google’s Project Zero team has publicly disclosed details of an improperly patched zero-day vulnerability in Windows. The vulnerability tracked as CVE-2020-0986 , resides in the Print Spooler API and could be exploited by a threat actor to execute arbitrary code.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Threatpost
DECEMBER 24, 2020
The LPE bug could allow an attacker to install programs; view, change, or delete data; or create new accounts with full user rights.
Security Affairs
DECEMBER 24, 2020
Citrix confirmed that a DDoS attack is targeting Citrix Application Delivery Controller (ADC) networking equipment. The threat actors are using the Datagram Transport Layer Security (DTLS) protocol as an amplification vector in attacks against Citrix appliances with EDT enabled. The DTLS protocol is a communications protocol for securing delay-sensitive apps and services that use datagram transport.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Security Affairs
DECEMBER 24, 2020
Millions of devices are potential exposed to attacks targeting the vulnerabilities exploited by the tools stolen from the arsenal of FireEye. Security experts from Qualys are warning that more than 7.5 million devices are potentially exposed to cyber attacks targeting the vulnerabilities exploited by the tools stolen from the arsenal of FireEye. As a result of the recent SolarWinds supply chain attack, multiple organizations were compromised, including FireEye. “While the number of vulnera
Dark Reading
DECEMBER 24, 2020
Dridex operators launch a social engineering scam that promises victims a $100 gift card but delivers a banking Trojan.
Dark Reading
DECEMBER 24, 2020
The purchase is intended to increase London-based HelpSystems' file collaboration security capabilities.
Dark Reading
DECEMBER 24, 2020
It's time that security got out of the armchair and out on the field.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
Expert insights. Personalized for you.
349 
Let's personalize your content