Security News > 2020 > October
Threat actors have started to hunt for servers running Oracle WebLogic instances vulnerable to a critical flaw that allows taking control of the system with little effort and no authentication. Oracle fixed the vulnerability in this month's release of Critical Patch Update, crediting security researcher Voidfyoo of Chaitin Security Research Lab for finding and reporting it.
Threat actors have started to hunt for servers running Oracle WebLogic instances vulnerable to a critical flaw that allows taking control of the system with little effort and no authentication. Oracle fixed the vulnerability in this month's release of Critical Patch Update, crediting security researcher Voidfyoo of Chaitin Security Research Lab for finding and reporting it.
In a joint statement, the U.S. government is warning the healthcare industry that a hacking group is actively targeting hospitals and healthcare providers in Ryuk ransomware attacks. On this call, the U.S. government warned healthcare providers that Ryuk ransomware is actively targeting the healthcare industry and that proper steps should be taken to secure their systems.
French services outfit Atos has been ordered to pay $855m for pinching a rival's trade secrets. The source of the case is Syntel, an automation outfit that Atos acquired for $3.4bn back in 2018.
Cyber-criminals never sleep, so neither should your customers' security teams or your own managed service operations. The security vendor's revamped License Management Portal is designed to streamline license ordering, management and reporting, leaving you with more time to actually look after your customers and their security needs.
While crowdsourced security has evolved as an alternative to penetration testing in the past 10 years, it's not based on automation but simply throwing more humans at a problem. Tools that can be used to automate penetration testing under certain conditions have surfaced - but can they replace human penetration testers?
Connected devices are becoming more ingrained in our daily lives and the burgeoning IoT market is expected to grow to 41.6 billion devices by 2025. The bill focuses on increasing the security of federal devices with standards provided by the National Institute of Standards and Technology, which will cover devices from development to the final product.
The tactics associated with surveillance capitalism - the commodification of personal data for profit as mastered by companies like Google and Facebook - have followed the same path. The race between competing political campaigns to out-collect, out-analyze and out-leverage voter data has raised concerns about the damaging effects it has on privacy and democratic participation, but also about the fact that all of this data, if seized by adversarial nation-states, opens up opportunities for affecting an election and sowing electoral chaos.
An alert released by the United States this week provides information on Kimsuky, a threat actor focused on gathering intelligence on behalf of the North Korean government. The malicious cyber activity associated with the North Korean government is typically referred to as HIDDEN COBRA by the United States.
Corporate WANs are failing to deliver on businesses' priorities, with 55% of respondents citing security is the biggest pain point, 43% service flexibility, 36% supplier performance, and 35% network congestion, according to a survey from Telia Carrier. The research was conducted in four of the world's biggest markets - the US, the UK, Germany and France - and provides insights into the evolution of the corporate WAN and cloud adoption from the top of business.