Security News

In tandem with Tuesday's security update, Adobe starting on Tuesday will also block Flash Player content, weeks after dropping support for Flash. The move means that when users attempt to load a page with Flash Player, the content now will no longer load. "Since Adobe will no longer be supporting Flash Player after December 31, 2020 and Adobe will block Flash content from running in Flash Player beginning January 12, 2021, Adobe strongly recommends all users immediately uninstall Flash Player to help protect their systems," according to Adobe.

The 5G ecosystem is reaching a level of technology maturity much more rapidly than earlier generations, enabling operators to develop network deployment and go to market strategies with mass-market appeal and scalable across evolving B2C, B2B and B2B2X business models. Strategy Analytics' report reviews 5G commercial developments to date and provides recommendations to operators on how to build competitive, differentiated 5G value propositions.

The FBI has announced that Christopher Dobbins pleaded guilty and was sentenced to a year in prison for breaching and temporarily disabling the Stradis Healthcare shipping system using a secret account, after being fired weeks earlier. Last March, as doctors reported having to ration and reuse personal protective equipment to treat COVID-19 patients, Georgia-based Stradis Healthcare, which packages and ships PPE and surgical kits, was eager to step up and help, according to FBI Special Agent Roderick Coffin, who investigated the matter.

Google has fixed two critical bugs affecting its Android handsets. The more serious flaws exists in the Android System component and allow remote attackers to execute arbitrary code.

A team of researchers today unveiled two critical security vulnerabilities in Dell Wyse Thin clients that could have potentially allowed attackers to remotely execute malicious code and access arbitrary files on affected devices. The flaws, which were uncovered by healthcare cybersecurity provider CyberMDX and reported to Dell in June 2020, affects all devices running ThinOS versions 8.6 and below.

Several critical vulnerabilities have been found by researchers in products from PTC-owned industrial automation solutions provider Kepware. The U.S. Cybersecurity and Infrastructure Security Agency last week published two advisories describing vulnerabilities identified in Kepware products.

The US Cybersecurity Infrastructure and Security Agency has warned of critical vulnerabilities in a low-level TCP/IP software library developed by Treck that, if weaponized, could allow remote attackers to run arbitrary commands and mount denial-of-service attacks. The four flaws affect Treck TCP/IP stack version 6.0.1.67 and earlier and were reported to the company by Intel.

Dell on Monday informed customers that updates released for some of its Wyse Thin Client products patch a couple of critical vulnerabilities that can be exploited remotely without authentication to compromise devices. Dell Wyse Thin Client is a small form-factor PC series that runs an operating system named ThinOS, which Dell advertises as "The most secure thin client operating system." According to CyberMDX, there are more than 6,000 organizations using these products, including many healthcare providers, in the U.S. alone.

Dell has patched two critical security vulnerabilities in its Dell Wyse Thin Client Devices, which are small form-factor computers optimized for connecting to a remote desktop. The bugs allow arbitrary code execution and the ability to access files and credentials, researchers said.

Almost a dozen Dell Wyse thin client models are vulnerable to critical issues that could be exploited by a remote attacker to run malicious code and gain access to arbitrary files. It is estimated that more than 6,000 organizations, most of them from the healthcare sector, have deployed Dell Wyse thin clients on their networks.