Security News > 2020 > November

Intel addressed 95 vulnerabilities as part of the November 2020 Patch Tuesday, including critical ones affecting Intel Wireless Bluetooth products and Intel Active Management Technology. The issues were detailed in the 40 security advisories published by Intel on its Product Security Center, with the company having delivered security and functional updates to users through the Intel Platform Update process.

Fans of the popular Minecraft video game are in the crosshairs of cybercriminals, who have loaded up Google Play with scam apps bent on fleecing players out of cash. According to researchers, the mobile apps for Android fool users into spending hundreds of dollars per month, by offering skins, wallpapers and game mods for Minecraft and other games at super-premium prices.

The former head of the National Cyber Security Centre has warned that some British government figures have a "Profound lack of understanding" of cyberspace, online warfare and information security. Ciaran Martin, who stepped down as NCSC chief earlier this year, also cautioned policymakers against seeing the online world as a place for warfare, saying: "We militarise the internet at our peril."

It's hard to be sure that the student isn't cheating, maybe by having reference materials at hand, or maybe by substituting someone else to take the exam for them. The remote proctoring industry offers a range of services, from basic video links that allow another human to observe students as they take exams to algorithmic tools that use artificial intelligence to detect cheating.

The source code for the widely-used Cobalt Strike post-exploitation toolkit has allegedly been leaked online in a GitHub repository. Twelve days ago, a repository was created on GitHub that contains what appears to be the source code for Cobalt Strike 4.0.

A high-severity flaw in Cisco's IOS XR software could allow unauthenticated, remote attackers to cripple Cisco Aggregation Services Routers. The flaw stems from Cisco IOS XR, a train of Cisco Systems' widely deployed Internetworking Operating System.

Microsoft has announced today that Windows 10 customers with devices running the latest Insider build can launch and interact with multiple Android apps directly on their computers' desktops. Support for streaming and using Android apps on Windows 10 from supported Samsung devices was announced by Microsoft in August.

Enterprise cybersecurity solutions provider SentinelOne on Wednesday announced raising $267 million in an oversubscribed Series F funding round that brings the total raised by the company to $696.5 million. The company achieved "Unicorn" status - its value exceeded $1 billion - earlier this year when it raised $200 million in a Series E round.

GitHub security researcher Kevin Backhouse found bugs in Ubuntu 20.04 which enabled any desktop user to get root access. Backhouse discovered two separate issues, one by accident, which together enable the privilege escalation.

A platform used by healthcare workers in the Philippines designed to share data about COVID-19 cases contained multiple flaws that exposed healthcare worker data and could potentially could have leaked patient data. The Citizen Lab's report is the latest example of how the COVID-19 pandemic has spurred a host of security problems for the healthcare sector to deal with - including securing data and ransomware attacks.