Security News > 2020 > July

Adobe today released software updates to patch a total of 13 new security vulnerabilities affecting 5 of its widely used applications. According to the advisory, the other three important flaws in this Adobe software are privilege escalation issues.

Adobe today released software updates to patch a total of 13 new security vulnerabilities affecting 5 of its widely used applications. According to the advisory, the other three important flaws in this Adobe software are privilege escalation issues.

Network detection and response solutions enable organizations to improve their threat response, they help protect against a variety of threats, and also provide visibility into what is actually on the network. To select an appropriate network detection and response solution for your business, you need to think about a variety of factors.

Every time ransomware moves out of the news cycle, someone will ask whether cybercriminals have moved on to other, perhaps more lucrative, activities. In contrast to Ransomware 1.0, big-game ransomware attacks are well planned, targeted and have a greater chance of earning the perpetrators money.

Mozilla is the latest browser maker to have announced updated policies that would reduce the lifetime of TLS certificates. Currently, SSL/TLS certificates have a maximum lifespan of 825 days in an attempt to ensure better protection of HTTPS connections, browser makers such as Apple, Google and Mozilla are looking into reducing that period to 398 days.

Video conference users should not post screen images of Zoom and other video conference sessions on social media, according to Ben-Gurion University of the Negev researchers, who easily identified people from public screenshots of video meetings on Zoom, Microsoft Teams and Google Meet. While there have been many privacy issues associated with video conferencing, the BGU researchers looked at what types of information they could extract from video collage images that were posted online or via social media.

These tools can help people complete their jobs but are fraught with security challenges. Frost & Sullivan examined how threats and attacks exist around employees' external systems and devices, and found that multi-factor authentication can be easily leveraged by IT departments.

Hackers infiltrated Collabera, siphoned off at least some employees' personal information, and infected the US-based IT consultancy giant's systems with ransomware. Collabera identified malware in its network system consistent with a ransomware attack.

The Russian hacker accused of raiding LinkedIn, Dropbox and Formspring, and obtaining data on 213 million user accounts, has been found guilty. The jury reckoned Nikulin probably swiped the LinkedIn account details, all 117 million of them, for commercial gain, though they didn't think greed played a role in his theft of 28 million account records from Formspring and 68 million from Dropbox.

Aureus has integrated its Anvesa 3.0 solution with Microsoft Azure and Azure AI to leverage key artificial intelligence and machine learning capabilities to power new tools for legal professionals in their digital journey. The updated Anvesa 3.0- set to launch July 15, 2020- now provides unsupervised machine learning and keyword extraction, features that vastly increase the speed with which law firms can review large documents and document troves.