Security News > 2020 > March

As the coronavirus pandemic accelerates, authorities worldwide are plotting ways to flatten the curve of infection rates using potentially privacy-busting measures such as phone tracking, facial recognition and other tech. In this Threatpost poll, we want your take on whether sacrificing personal privacy for the public good is worth it.

VMware has released an update for the macOS version of Fusion to fix a privilege escalation vulnerability for which it initially released an incomplete patch. VMware told customers on March 17 that Fusion, Remote Console and Horizon Client for Mac are impacted by a high-severity privilege escalation vulnerability tracked as CVE-2020-3950.

Adobe has issued a patch for a critical flaw that can be exploited to delete files from Windows computers running the Creative Cloud client. "Successful exploitation could lead to arbitrary File Deletion in the context of the current user," Adobe said in its bulletin today.

The attack appeared to be aimed at achieving a foothold at the agency rather than being an end unto itself: "The targeting infrastructure seems to focus on certain types of healthcare and humanitarian organizations that are uncommon for cybercriminals," Costin Raiu, researcher at Kaspersky, told Threatpost. As for the "Why" of the attack, which was thwarted, Raiu said that information about remediation for coronavirus - such as cures, tests or vaccines - would be invaluable to any nation-state's intelligence officials.

A targeted and ongoing malicious campaign first spotted last year has hit organizations in the Middle East with a new, fully-fledged Trojan, Kaspersky reveals. The attacks were aimed at various organizations, some related to the industrial sector.

Creative Cloud acts as a central console for desktop users to quickly launch, manage and update their Adobe apps, such as Photoshop, Acrobat, Illustrator and more. "Adobe recommends users update their product installations to the latest versions using the instructions referenced in the security bulletin."

Integrate your disconnected products and management if you want to survive Webcast In a recent survey, nine out of 10 organisations that suffered a significant security attack were running...

San Francisco, Calif-based Arkose Labs has raised $22 million in a Series B funding round led by the Microsoft venture fund, M12. Existing investors PayPal and USVP participated, bringing the total raised so far to $36.5 million. Arkose Labs provides a fraud detection and prevention platform.

A critical vulnerability patched on Tuesday by Adobe in its Creative Cloud desktop application can be exploited by hackers to delete arbitrary files. Adobe Creative Cloud is a set of applications and services used for video editing, graphic design, photography and web development.

Cybersecurity company Akamai has responded to consumer demand and announced on Tuesday that it was adding new tools to its Enterprise Threat Protector service that allowed customers to send all web traffic to a proxy. Jim Black, product marketing manager for Akamai, explained in a blog post that the new secure web gateway capability would add a new level of security and visibility to the company's security offering while providing something that has historically been difficult to do.