Security News > 2020 > May

The aim, said the code repo house, is to help developers suss out potential security vulnerabilities ahead of time, and to do so at a scale that will work for both small and large projects. The feature, based on the code-checking tools GitHub bought last year when it gobbled up UK-based Semmle, automatically graphs and scans code when a new push request is made and checks it for a number of common errors that can cause security vulnerabilities.

With the new 5.0 version of Zoom, the app has added features to help you protect your virtual meetings from Zoombombing and other unwanted intrusion.

With the IT world turned upside-down for many organisations, it's a good time to talk network security. Because while it's something we all need more than ever, there's almost always a gap between demand and budget, or between need and the ability to service that need.

Since February, spam exploiting the novel coronavirus has jumped by 4,300% and 14,000% in the past 14 days, according to IBM X-Force, IBM's threat intelligence group.

A study from Kaspersky also reveals significant changes in the ways people work since COVID-19. Slightly over half of employees admit to watching adult content on devices they use for work from home, a move that could be introducing security risks, according to newly released data from Kaspersky.

GitHub on Wednesday announced two new security features designed to help developers identify vulnerabilities and potential secrets in their code. These new security features, code scanning and secret scanning, are currently in beta.

Malicious campaigns are using password spraying as a type of brute-force attack to find weak passwords at healthcare and medical facilities. Specific attacks against healthcare providers detected by security agencies in the UK and US are using password spraying to compromise accounts with weak passwords.

Microsoft has launched a bug-bounty program for its Azure Sphere offering, which is a security suite for the internet of things that encompasses hardware, OS and cloud elements. Microsoft is offering various resources to program participants, including the Azure Sphere development kit; product documentation; direct communication channels with the Microsoft team; and other Microsoft products and services if needed.

If your organization is one of the many adjusting to the new "Normal" of a virtual workforce, you understand the challenges that come with helping employees, contractors, gig workers and others in the workforce make the transition to working remotely. As you work to reduce adverse impacts on your workforce, don't overlook the impact on the people who are making it all possible for everybody else: your IT and helpdesk teams.

Firefox just published its latest now-every-fourth-Tuesday release, bringing numerous security fixes, including three denoted critical. CVE-2020-12395: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8.