Security News > 2020 > August

Four critical-severity flaws were recently disclosed in the Find My Mobile feature of Samsung Galaxy smartphones, which, if exploited, could allow attackers to force a factory reset on the phones or spy on users. Researchers have disclosed a slew of critical-severity, patched flaws in flagship Samsung smartphones - including the Galaxy S7, S8 and S9 models.

A survey report published Tuesday by identity management provider Hitachi ID shines a light on the new priorities among IT leaders for 2020. Cited by 89% of those surveyed, cybersecurity is now considered the top priority for the rest of 2020.

vBulletin developers on Monday rushed to address a zero-day remote code execution vulnerability in the forum software, one day after the issue was publicly disclosed. On Sunday, security researcher Amir Etemadieh published information on a new vulnerability in vBulletin, explaining how it can be abused to bypass the patch released in September 2019 for CVE-2019-16759, and also providing proof-of-concept code that demonstrates how easily the flaw can be exploited.

What drives the cyber-crime economy, and how can organizations prevent their data being used as a criminal commodity?

If you have CentOS servers in your data center, you'll want to make sure to patch them against BootHole. I ran two different updates on two different CentOS machines and neither updated the necessary packages.

Vulnerabilities in HDL Automation smart products could be abused to take over user accounts and remotely control devices deployed in homes, commercial buildings or hotels, SentinelOne reports. The issues, SentinelOne researcher Barak Sternberg explained at the DEF CON conference last week, were identified in an HDL automation system that allows users to control various smart devices within residential, commercial and hospitality environments.

How cybersecurity has changed since the coronavirus outbreak began, and what it means for businesses
Moving employees to a work-from-home model means your security infrastructure has to change quickly. Most organizations prior to COVID-19 were already moving to a cloud adoption, cloud security model, moving their data to the cloud, moving their security to the cloud.

How cybersecurity has changed since the coronavirus outbreak began, and what it means for businesses
Moving employees to a work-from-home model means your security infrastructure has to change quickly. Some recent breaches highlight the importance of cybersecurity.

Citrix today released patches for multiple new security vulnerabilities affecting its Citrix Endpoint Management, also known as XenMobile, a product made for enterprises to help companies manage and secure their employees' mobile devices remotely. Citrix Endpoint Management offers businesses mobile device management and mobile application management capabilities.

Tens of researchers showcased their work last week at the DEF CON hacking conference. They presented research on hacking phones, cars, satellite communications, traffic lights, smart home devices, printers, and popular software services, among many others.