Security News > 2020 > March

Microsoft is warning of critical zero-day flaws in its Windows operating system that could enable remote code execution. "Microsoft is aware of limited targeted attacks that could leverage unpatched vulnerabilities in the Adobe Type Manager Library, and is providing the following guidance to help reduce customer risk until the security update is released," according to a Monday Microsoft security advisory.

The latest ransomware campaigns are targeting businesses and their remote workers through such methods as phishing emails and vulnerabilities in Microsoft's Remote Desktop Protocol. There are ways to strengthen your defense against these ransomware attacks, as described by Beazley Breach Response Services.

An IT colleague has advised that a video comes out tomorrow from WhatsApp called martinelli do not open it , it hacks your phone and nothing will fix it. If you receive a message to update the WhatsApp to WhatsApp Gold, do not click!!!!!

The latest malicious COVID-19 campaigns are repurposing conventional phishing emails with a coronavirus angle, says security trainer KnowBe4. With the coronavirus upper most in our minds, bad actors have been deploying different waves of COVID-19 phishing emails, each with its own unique approach, according to KnowBe4.

Hackers could have caused a Tesla Model 3's central touchscreen to become unusable simply by getting the targeted user to visit a specially crafted website. A researcher who uses the online moniker Nullze discovered that the Tesla Model 3's web interface is affected by a denial-of-service vulnerability.

One of the vulnerabilities that researchers from the University of York discovered in widely-used password managers could have resulted in malicious apps stealing users' credentials. Password managers are encrypted vaults employed to store credentials and other sensitive information, and they allow the use of strong, unique credentials for each of the applications and online services an individual uses.

University of Utah Health revealed last week that it discovered unauthorized access to some employee email accounts, along with a malware infection on one of its workstations. "From January 22 to February 27, 2020, we became aware that there was unauthorized access to some employees' email accounts. This unauthorized access occurred between January 7 and February 21, 2020," the hospital reveals.

The Department of Justice has raised its first federal court action against online fraud relating to the coronavirus pandemic, on Sunday taking steps to shutter a fraudulent website that claimed to give away free coronavirus vaccines. The website was live as of March 21, according to the DoJ; but as of Monday, the website is currently down.

The Department of Justice has raised its first federal court action against online fraud relating to the coronavirus pandemic, on Sunday taking steps to shutter a fraudulent website that claimed to give away free coronavirus vaccines. The website was live as of March 21, according to the DoJ; but as of Monday, the website is currently down.

Some cyber security jobs require specific technical skill sets while other roles require leadership skills, strategic thinking, and the capacity to communicate technical details to executives and corporate boards. Vishal Salvi, chief information security officer at Infosys, said that security leaders will need a higher level of trust and support from corporate leadership than in the past.