Network Security | SC Media

Network Security

Rush to adopt online learning under COVID-19 exposes schools to cyberattacks

As the COVID-19 pandemic rages, the cyber community has rightly focused on protecting the health care industry from malicious hackers but education is at risk, too, as recently homebound students attend school in record numbers via online edtech platforms, e-learning environments and video conferencing. In a public service announcement this month, the FBI’s Internet Crime…

Cure worse than disease? Patching riskier under COVID-19 work-from-home policies

Patch management was challenging enough before the world was upended by a rapidly spreading pandemic. But with security teams working remotely, and employee-operated devices dispersed across large distances, quickly prioritizing and fixing critical vulnerabilities has become both more difficult and more important. As the 2017 Equifax breach showed, delays in patching can result in a…

Chrome browser update knocks out eight bugs

Google yesterday issued a stable channel update for the desktop version of its Chrome browser for Windows, Mac and Linux, fixing eight vulnerabilities in the process. The patched bugs included at least three high-level bugs, including two use-after-free flaw in WebAudio (CVE-2020-6450 and CVE-2020-6451), and a head buffer overflow in media (CVE-2020-6452). The two WebAudio…

Pwn2Own contest yields 13 bugs, as virtual format expands talent pool

Research teams at the Pwn2Own 2020 competition successfully exploited 13 software vulnerabilities this past week, including bugs found in products from Adobe, Apple, Microsoft, Oracle and Ubuntu. Participants earned $270,000 over the two-day event — the first Pwn2Own ever to be held virtually, as a measure to combat the rapid spread of the novel coronavirus.…

Cymatic offers free cybersecurity tool for schools for remote learning

Cymatic has made its in-session visibility dashboard, Cymatic 20/20 will be available for free to educational institutions and non-profits to help supporting students learning from home during the Coronavirus pandemic. The dashboard normally is used to provide remote workers with secure access to critical network applications. The company said in a statement 20/20 dashboard is…

VMware advisory warns users to patch critical issue in product

VMware squashes critical code execution bug in hypervisors

VMware has updated its Workstation hosted hypervisor and Fusion software hypervisor, fixing a critical vulnerability that could be exploited to trigger arbitrary code execution or a denial of service condition. The virtualization and cloud computing software provider company also fixed two important privilege escalation flaws spread out between four of its products. Designated CVE-2020-3947, the most critical…

Cyber investment exec talks COVID-19, Snowden and rise of threat intel automation

The cyber threat intelligence tech space has made significant leaps in the last few years, becoming far less manual, according to Hank Thomas, CEO and co-founder of Strategic Cyber Ventures and former principal/director, cyber intelligence and security, with Booz Allen Hamilton, in an interview with SC Media. “It was seemingly like that particular sector was…

Microsoft issues out-of-band fix for leaked ‘EternalDarkness’ bug

Due to an apparent error in the Microsoft vulnerability disclosure process, news of an unpatched, critical Microsoft Server Message Block (SMB) vulnerability leaked to the public this past Patch Tuesday. In response to this occurrence, Microsoft today issued an out-of-band security update fixing the flaw. If exploited, the bug could result in a wormable remote…

Next post in Executive Insight