Security News > 2020 > October

Jack Wallen walks you through the process of installing an identity and authorization platform on CentOS 8. FreeIPA is an open source identity and authorization platform that provides centralized authorization for Linux, macOS, and Windows.

A data breach at a North Carolina community college may have affected many of its current and former students. The Greensboro News & Records reported Tuesday that Guilford Technical Community College was hit with a ransomware cyberattack in mid-September.

Ryuk ransomware is being aggressively deployed to target US healthcare institutions, government cyber organisations in the US have warned. The caution comes as US hospitals faced an unusually high level of malware and ransomware attacks in spite of promises from criminals earlier this year that they would avoid targeting medical institutions.

Upcoming changes to how Windows 10 automatically installs driver updates may cause plug-and-play to break for some devices. Windows Update is also used to deliver automatic drivers to allow hardware developers to quickly deploy fixes to Windows 10 users encountering bugs in an existing driver.

Upcoming changes to how Windows 10 automatically installs driver updates may cause plug-and-play to break for some devices. Windows Update is also used to deliver automatic drivers to allow hardware developers to quickly deploy fixes to Windows 10 users encountering bugs in an existing driver.

If you think cybercriminals and hackers are without a shred of empathy or human understanding, you'd be wrong. How can you turn the tables? Step one is to start thinking the way they do, and that's what we'll be showing you how to do in our webcast How I'd Attack You, on November 18 at 0900 PT. Our ever sympatico broadcast supremo Tim Phillips will be joined by Darktrace's Dan Fein and Mariana Pereira to discuss how they'd put together an attack in 2020, and how working through that same thought process can bolster your own defenses.

The Business Email Compromise is a particular type of phishing attack in which cybercriminals impersonate a trusted contact or other party, either internal or external. During the third quarter of 2020, the median number of BEC attacks received per company each week rose by 15% from the second quarter, according to the report.

Microsoft today warned that threat actors are continuing to actively exploit systems unpatched against the ZeroLogon privilege escalation vulnerability in the Netlogon Remote Protocol. Zerologon is a critical flaw that enables attackers to elevate privileges to a domain admin, thus allowing them to take full control over the entire domain, to change any user's password, and to execute any arbitrary command.

US Cyber Command today shared information on malware implants used by Russian hacking groups in attacks targeting multiple ministries of foreign affairs, national parliaments, and embassies. The malware samples were identified by US Cyber Command's Cyber National Mission Force unit and the Cybersecurity and Infrastructure Security Agency and uploaded today to the Virus Total online virus scan platform.

Microsoft this week announced the availability of a new vulnerability management report in Microsoft Defender, to provide information on vulnerable devices. The new built-in report complements existing Microsoft Defender for Endpoint threat and vulnerability management capabilities and is catered for those looking to gain insights on devices that pose potential risks due to unpatched vulnerabilities.