Security News

CISA Issues Advisory for High-Severity Vulnerabilities in Fuji Electric HMI Products
2021-01-27 18:24

The U.S. Cybersecurity and Infrastructure Security Agency this week released an advisory to inform industrial organizations that some SCADA/HMI products made by Japanese electrical equipment company Fuji Electric are affected by potentially serious vulnerabilities. The vulnerabilities, reported to Fuji Electric by various researchers through Trend Micro's Zero Day Initiative and CISA, have been described as buffer overflow, out-of-bounds read/write and uninitialized pointer issues that can be exploited for arbitrary code execution.

SolarWinds releases updated advisory for new SUPERNOVA malware
2020-12-26 09:50

SolarWinds has released an updated advisory for the additional SuperNova malware discovered to have been distributed through the company's network management platform. After analyzing the SolarWinds breach, both Palo Alto Networks Unit 42 and Microsoft reported on an additional malware named SuperNova distributed using the App Web logoimagehandler.

CISA Issues ICS Advisory for New Vulnerabilities in Treck TCP/IP Stack
2020-12-22 13:47

Security updates available for the Treck TCP/IP stack address two critical vulnerabilities leading to remote code execution or denial-of-service. A low-level TCP/IP software library, the Treck TCP/IP stack is specifically designed for embedded systems, featuring small critical sections and a small code footprint.

Kudelski Security expands research and advisory services focusing on quantum security
2020-12-07 01:45

Kudelski Security announced the launch of a new focus on quantum security, including expanded research and advisory services that enable security leaders and product and system developers to align their long-term approach to risk and data protection to the era of quantum computing. The global quantum practice for Kudelski Security is led by Dr. Tommaso Gagliardoni, who brings extensive expertise in academic and applied research in the fields of cryptography, quantum computing, and advanced mathematics.

Cymatic names Stuart McClure to its advisory board
2020-10-28 23:30

Cymatic announced that Stuart McClure, founder and former chief executive of AI security firm Cylance, has been named to the Cymatic advisory board. Stuart's security and technology expertise will provide Cymatic with technical guidance and market leadership to ensure the success and relevance of its all-in-one client-side WAF CymaticONE + VADR. Stuart is widely recognized for his achievements in applying machine learning and artificial intelligence to endpoint protection and defense.

QNAP Issues Advisory on Zerologon Vulnerability
2020-10-22 10:51

Storage solutions provider QNAP this week published an advisory to warn customers that certain versions of QTS, the operating system for its network-attached storage devices, are affected by the Zerologon vulnerability. "If exploited, this elevation of privilege vulnerability allows remote attackers to bypass security measures via a compromised QTS device on the network. The NAS may be exposed to this vulnerability if users have configured the device as a domain controller in Control Panel > Network & File Services > Win/Mac/NFS > Microsoft Networking," the company explains.

NSA Advisory on Chinese Government Hacking
2020-10-21 14:21

The NSA released an advisory listing the top twenty-five known vulnerabilities currently being exploited by Chinese nation-state attackers. This advisory provides Common Vulnerabilities and Exposures known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks.

Wickr launches Federal Advisory Board to provide strategic guidance on the company’s federal strategy
2020-10-20 22:15

Wickr announced the launch of its Federal Advisory Board to provide strategic guidance on the company's federal strategy to connect end users with secure collaboration for mission-critical needs. The Federal Advisory Board will be vital in supporting Wickr's federal strategy, capitalizing on its recent growth - including a multi-million-dollar contract award with the Air Force special operations community - by providing external guidance, expertise and strategy on how to bring the world's most secure collaboration tool to federal departments.

LexisNexis Risk Solutions’ Michael Breslin joins U.S. Cyber Investigations Advisory Board
2020-10-14 22:45

Michael Breslin, Strategic Client Relations director for Federal Law Enforcement at LexisNexis Risk Solutions, has been selected by the U.S. Secret Service from a small group of private sector executives, government officials and academic experts to advise the agency's investigations team on how it can better use technology to get ahead of criminals. The newly formed 16-member Cyber Investigations Advisory Board will provide the Secret Service's Office of Investigations with outside strategic input for the agency's investigative mission, including insights on the latest trends in cybercrime, financial crime, technology, and investigative techniques.

Bugcrowd adds two industry executives to advisory board
2020-09-09 23:15

Bugcrowd announced the addition of two board advisory members, Norma Lane, chief human resources officer and executive vice president of people and places at Infoblox, and Dave Gerry, chief revenue officer and head of global operations at WhiteHat Security, a wholly-owned, independent subsidiary of NTT. Both advisors bring a broad set of operational, technical and business management expertise, providing an immediate impact to Bugcrowd as it expands its global workforce and continues to evolve its cybersecurity platform. Lane and Gerry join an advisory board composed of a deep bench of technology and cybersecurity executives.