Fuzzing (fuzz testing) 101: Lessons from cyber security expert Dr. David Brumley
2020-10-16 16:46

Dr. David Brumley, Carnegie Mellon University professor and CEO of ForAllSecure, explains what fuzzing, or fuzz testing, is and how you can use it to improve application security and speed up your...

Dickey’s BBQ Breach: Meaty 3M Payment Card Upload Drops on Joker’s Stash
2020-10-16 16:13

Popular U.S. smoked-meat franchise Dickey's Barbecue Pit has been hit with a data breach, with cybercriminals posting the fat cap of the compromised data - 3 million payment cards - on the popular Joker's Stash underground marketplace this week. "We are utilizing the experience of third parties who have helped other restaurants address similar issues and also working with the FBI and payment card networks. We understand that payment card network rules generally provide that individuals who timely report unauthorized charges to the bank that issued their card are not responsible for those charges."

ThunderX Ransomware rebrands as Ranzy Locker, adds data leak site
2020-10-16 16:07

ThunderX has changed its name to Ranzy Locker and launched a data leak site where its operators shame victims who do not pay the ransom. The ransomware operators quickly fixed their bugs and released a new version of the ransomware under the Ranzy Locker name.

S3 Ep2: Creepy smartwatches, botnets and Pings of Death [Podcast]
2020-10-16 15:42

In this episode, we investigate a smartwatch for kids with a creepy set of functions, discuss Microsoft's short-lived takedown of Trickbot, explain how to avoid the Windows "Ping of Death" bug, and find the source of mysterious beeping from every computer in the office. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher, Overcast and anywhere that good podcasts are found.

Microsoft issues out-of-band Windows security updates for RCE bugs
2020-10-16 15:22

Microsoft has released two out-of-band security updates designed to address remote code execution bugs found to affect the Microsoft Windows Codecs Library and Visual Studio Code. Microsoft patched two similar RCE bugs in June, leading to user confusion because of the ways the security updates were being delivered - via the Microsoft Store instead of the normal Windows Update channel.

Juniper Networks Patches Tens of Vulnerabilities
2020-10-16 15:10

Juniper Networks informed customers this week that it has patched tens of vulnerabilities, including serious issues that can be exploited to take control of affected systems. Juniper Networks has published 40 security advisories describing vulnerabilities in its Junos OS operating system, which powers the company's firewalls, and various third-party components.

To stop web giants abusing privacy, they must be prevented from respawning. Ever
2020-10-16 15:00

Both firms know their users better than those users know themselves; observing trillions of interactions with digital intellects vast, cool and unsympathetic, applying these observations to build a predictive model used to direct and shape "engagement". From fifty-plus years of anti-smoking efforts, we know that getting people to stop using something that they know is bad for them won't be easy.

UK urges orgs to patch severe CVE-2020-16952 SharePoint RCE bug
2020-10-16 14:42

NCSC, the cybersecurity arm of the UK's GCHQ intelligence service, urges organizations to make sure that all Microsoft SharePoint products in their environments are patched against CVE-2020-16952 to block takeover attempts. The server-side include vulnerability was reported by information security specialist Steven Seeley of Qihoo 360 Vulcan Team, who found that it affects Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Foundation 2013 Service Pack 1, and Microsoft SharePoint Server 2019.

5 ways to manage computers securely and remotely using PowerShell
2020-10-16 14:19

Some are common to most cmdlets, others are unique to a specific cmdlet or branch of cmdlets. The -ComputerName argument is available to many cmdlets and can be used to target a specific device when managing processes remotely.

Barnes & Noble restores Nook services after notifying customers about cyberattack
2020-10-16 13:27

Millions of Barnes & Noble customers received a worrying email around 1 am on Thursday morning notifying them that the company suffered from a cyberattack on Oct. 10, which brought down its Nook services and led to the "unauthorized access" to "certain Barnes & Noble corporate systems." Reports of problems with the Barnes & Noble system started to emerge on Saturday, when GoodEReader reported outages with Nook e-readers as well as the Nook apps for iOS and Android.