Security News > 2021 > January
Windows 10X is a new streamlined version of Windows designed for security and performance that Microsoft announced in 2019 and plans to launch in Spring 2021 on a new range of devices. In addition to a new user interface, Windows 10X also comes with a new feature called "Anti-theft protection," a measure designed to prevent thieves from wiping and re-using stolen devices.
Dnsmasq vulnerabilities open networking devices, Linux distros to DNS cache poisoningSeven vulnerabilities affecting Dnsmasq, a caching DNS and DHCP server used in a variety of networking devices and Linux distributions, could be leveraged to mount DNS cache poisoning attack and/or to compromise vulnerable devices. Vulnerability management isn't working for cloud security: Here's how to do it rightThree things in life are seemingly guaranteed: death, taxes and high-profile cloud security breaches.
The computer chipmaker Intel Corp. on Friday blamed an internal error for a data leak that prompted it to release a quarterly earnings report early. The company's chief financial officer, George Davis, had earlier told The Financial Times that Intel published its earnings ahead of the stock market's close on Thursday because it believed a hacker stole financially sensitive information from the site.
Cybersecurity researchers have warned of a publicly available fully-functional exploit that could be used to target SAP enterprise software. The exploit leverages a vulnerability, tracked as CVE-2020-6207, that stems from a missing authentication check in SAP Solution Manager version 7.2.
SonicWall is a well-known manufacturer of hardware firewall devices, VPN gateways, and network security solutions whose products are commonly used in SMB/SME and large enterprise organizations. On Friday night, SonicWall released an 'urgent advisory' stating that hackers used a zero-day vulnerability in their Secure Mobile Access VPN device and its NetExtender VPN client in a "Sophisticated" attack on their internal systems.
The Russian government has issued a security warning to organizations in Russia about possible retaliatory cyberattacks by the USA for the SolarWinds breach. The US government believes that this attack was conducted by a Russian state-sponsored hacking group whose goal was to steal cloud data such as email and files from high profile US corporations and government agencies.
SonicWall is a well-known manufacturer of hardware firewall devices, VPN gateways, and network security solutions whose products are commonly used in SMB/SME and large enterprise organizations. On Friday night, SonicWall released an 'urgent advisory' stating that hackers used a zero-day vulnerability in their Secure Mobile Access VPN device and its NetExtender VPN client in a "Sophisticated" attack on their internal systems.
UPDATE] Cybersecurity firm SonicWall said late on Friday that some of its internal systems were targeted by "Highly sophisticated threat actors" exploiting what appear to be zero-day vulnerabilities affecting some of the company's products. The SMA 100 Series product remains under investigation, SonicWall said.
One-time ADT security engineer Telesforo Aviles, 35, pleaded guilty to computer fraud in the US after spying on women through their home surveillance cameras. As we reported last year, Aviles added himself as an admin user, using his personal email address, to the accounts of customers' home security systems, giving him full access to every part of their lives.
If you were logged out of Facebook tonight, you are not alone. Facebook states that users were logged out of the social site due to a "Configuration change."