Security News

VMware has revealed and repaired the flaws in its hypervisor discovered at China's Tianfu Cup white hat hacking competition. The bug needs patching in ESXi from version 6.5, VMware's Fusion and Workstation desktop hypervisors from versions 11 and 15 respectively, plus VMware Cloud Foundation from version 3.

Broadcom's security subsidiary Symantec has named a China-linked hacking gang known as "APT 10" and "Cicada" as the probable source of a year-long attack on Japanese interests around the world. Symantec's analysis of the campaign detailed how APT 10 used custom malware named Backdoor.

The government of Finland said Thursday it was preparing legislation that would allow citizens to change their personal identity codes in cases of gross data breaches that carry a high risk of identity theft. The government's fast-tracked proposal was designed primarily to assist thousands of people whose personal information was stolen during a hacking of patient records at a private Finnish psychotherapy center.

Mozilla and Google have already patched the critical Firefox and Chrome vulnerabilities exploited recently by white hat hackers at a competition in China. The flaw was fixed with the release of Firefox 82.0.3, Firefox ESR 78.4.1 and Thunderbird 78.4.2 just a couple of days after it was disclosed at the 2020 Tianfu Cup International PWN Contest, which took place over the past weekend in China.

After suffering a data breach in September, a threat actor is selling a RedDoorz database containing 5.8 million user records on a hacker forum. 5.8 million RedDoorz user records sold online.

Bug bounty hunters have earned a total of more than $1.2 million over the weekend at the 2020 Tianfu Cup International PWN Contest, a major hacking competition that takes place every year in China. The winner was a team representing Chinese cybersecurity firm Qihoo 360, which earned over $740,000.

In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. In it, he noted [PDF] that in three years, the optimal cost per component on a chip had dropped by a factor of 10, while the optimal number had increased by the same factor, from 10 to 100.

Starting on Friday, US high school students can register to participate in CyberStart America, an online puzzle-solving game designed to identify cybersecurity talent and qualify participants for an opportunity to compete in the National Cyber Scholarship Competition next year. The CyberStart America program, sponsored by the National Cyber Scholarship Foundation, aims to find students with an affinity for security-oriented challenges in the hope of steering them toward careers defending US organizations.

The virtual edition of the HITBCyberWeek 2020 security conference starts on November 15. Simultaneously, those in search for specific cyber security knowledge and effective exercises can opt for one of the virtual trainings that have been scheduled to take place.

In a joint statement, the U.S. government is warning the healthcare industry that a hacking group is actively targeting hospitals and healthcare providers in Ryuk ransomware attacks. On this call, the U.S. government warned healthcare providers that Ryuk ransomware is actively targeting the healthcare industry and that proper steps should be taken to secure their systems.