Security News

Cisco this week released security patches to address several vulnerabilities in its products, including a critical severity bug in its Unified Contact Center Express software. The issue, Cisco explains in an advisory, exists because of the software's insecure deserialization of user supplied content.

Adobe just published a foursome of very tight-lipped security notifications about new patches. The bulletin APSB20-26 actually came out last week, on Patch Tuesday, leaving a gap at -25, suggesting that at least the patch in bulletin APSB20-15 was prepared in time for Patch Tuesday but didn't make the final cut, perhaps to give it time for additional testing or tweaking.

Cisco has hurried out a fix out for a critical remote code-execution flaw in its customer interaction management solution, Cisco Unified Contact Center Express. Cisco's Unified CCX software is touted as a "Contact center in a box" that allows companies to deploy customer-care applications.

The research investigated the cyber resilience of organizations operating in the energy, finance, health, telecommunications, transport and water industries, located in the world's five largest economies: UK, US, Germany, France and Japan. Of the 370 companies surveyed, only 36 percent had achieved a high level of cyber resilience.

Adobe has issued an out-of-band patch for a critical flaw in Adobe Character Animator, its application for creating live motion-capture animation videos. Users are urged to update to version 3.3 for Windows and macOS. While the flaw is critical, the security bulletin is a Priority 3 update, which according to Adobe resolves vulnerabilities in a product that has historically not been a target for attackers.

According to a 2019 survey of cybersecurity professionals, these critical data defenders were burned out. As companies hurdle toward digital transformation, automation, cloud computing, brand reputation, and strategic investments are falling on CISOs' plate.

The latest U.S. sanctions on tech giant Huawei threaten to devastate the company and escalate a feud with China that could disrupt technology industries worldwide. Huawei Technologies Ltd. is one of the biggest makers of smartphones and network equipment, but that $123 billion-a-year business is in jeopardy after Washington announced further restrictions on use of American technology by foreign companies that make its processor chips.

Nutanix, a leader in enterprise cloud computing, announced several new capabilities in its hyperconverged infrastructure software and AHV hypervisor to protect business-critical applications and maintain continuous business operations in the face of a possible disaster. The new capabilities in Nutanix HCI and AHV help enable customers to confidently deliver mission-critical applications with significantly less complexity and lower management overhead. "Maintaining continuous business operations is a high priority for all types of companies and organizations," said Greg Smith, VP of Product Marketing at Nutanix.

SAP's May 2020 Security Patch Day updates, which the company released on Tuesday, include a total of 18 Security Notes and 4 updates to previous Notes, with six of them rated Hot News. This month, SAP released another update to a Hot News Security Note released in April 2018, which includes security patches for Chromium browser controls in Business Client.

Adobe has fixed 16 critical flaws across its Acrobat and Reader applications and its Adobe Digital Negative Software Development Kit. Those include 24 critical- and important-severity flaws in its Acrobat and Reader application, used for creating and managing PDF files, and 12 in its Adobe DNG Software Development Kit, which provides support for reading and writing DNG files used for digital photography.