Security News
Adobe has issued unscheduled patches for two critical vulnerabilities that, if exploited, enable an attacker to execute remote code on targeted devices. The two apps affected by the critical flaws are Adobe After Effects, a visual effects and motion graphics app used for post-production film making and video game production, and Adobe Media Encoder, an application to help with media processing requirements for audio and video.
Adobe today released out-of-band software updates for After Effects and Media Encoder applications that patch a total of two new critical vulnerabilities. The bug in Adobe After Effects, an application for creating motion graphics and special effects used in the video, was discovered by security researcher Matt Powell and reported to Adobe via Trend Micro Zero Day Initiative project.
Adobe today released out-of-band software updates for After Effects and Media Encoder applications that patch a total of two new critical vulnerabilities. The bug in Adobe After Effects, an application for creating motion graphics and special effects used in the video, was discovered by security researcher Matt Powell and reported to Adobe via Trend Micro Zero Day Initiative project.
The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency earlier today issued a warning to all industries operating critical infrastructures about a new ransomware threat that if left unaddressed could have severe consequences. The advisory comes in response to a cyberattack targeting an unnamed natural gas compression facility that employed spear-phishing to deliver ransomware to the company's internal network, encrypting critical data and knocking servers out of operation for almost two days.
The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency earlier today issued a warning to all industries operating critical infrastructures about a new ransomware threat that if left unaddressed could have severe consequences. The advisory comes in response to a cyberattack targeting an unnamed natural gas compression facility that employed spear-phishing to deliver ransomware to the company's internal network, encrypting critical data and knocking servers out of operation for almost two days.
A popular WordPress theme plugin with over 200,000 active installations contains a severe but easy-to-exploit software vulnerability that, if left unpatched, could let unauthenticated remote attackers compromise a wide range of websites and blogs. The vulnerable plugin in question is 'ThemeGrill Demo Importer' that comes with free as well as premium themes sold by the software development company ThemeGrill.
A popular WordPress theme plugin with over 200,000 active installations contains a severe but easy-to-exploit software vulnerability that, if left unpatched, could let unauthenticated remote attackers compromise a wide range of websites and blogs. The vulnerable plugin in question is 'ThemeGrill Demo Importer' that comes with free as well as premium themes sold by the software development company ThemeGrill.
Control Risks, a leading global risk consultancy and Everbridge, the global leader in critical event management, announced the formation of a new strategic alliance. The companies will combine Control Risks' deep operational security risk and all-hazards crisis management expertise with Everbridge's holistic technology platform for correlating risk intelligence to manage the full lifecycle of a critical event - from awareness and assessment to remediation, response and recovery.
A popular WordPress plugin, which helps make websites compliant with the General Data Protection Regulation, has issued fixes for a critical flaw. The plugin, GDPR Cookie Consent, which helps businesses display cookie banners to show that they are compliant with EU's privacy regulation, has more than 700,000 active installations - making it a ripe target for attackers.
One is a big new category that we saw emerging in 2019 was not a true data breach per se, but what we're calling a data exposure, or you may also have heard the term data lake, and that's where some businesses just forgot to put a password on their cloud environments. If you can't keep up with all those passwords, use a password manager.