Security News

New infosec products of the week: June 5, 2020
2020-06-05 05:00

Checkmarx SCA: New SaaS-based software composition analysis solution. Zyxel launches USG FLEX series of mid-range firewalls for SMBs. Zyxel's new USG FLEX 100, USG FLEX 200 and USG FLEX 500 firewalls feature upgraded hardware and software power that level up SMB security with up to 125 percent of firewall performance and up to an additional 500 percent Unified Threat Management performance.

Sweet TCAS! We can make airliners go up-diddly-up whenever we want, say infosec researchers
2020-05-04 19:15

Not only can malicious people make airliners climb and dive without pilot input - they can also control where and when they do so, research from Pen Test Partners has found. TCAS spoofing, the practice of fooling collision detection systems aboard airliners, can be controlled to precisely determine whether an airliner fitted with TCAS climbs or descends - and even to produce climb rates of up to 3,000ft/min.

Week in review: API security basics, the future of infosec conferences, Sophos firewalls under attack
2020-05-03 07:00

Is the future of information security and tech conferences virtual? While RSA Conference USA - the largest information security conference in the world - managed to take place mere weeks before the World Health Organization declared COVID-19 a pandemic, European countries started closing borders and airlines started suspending routes and grounding planes, most infosec and tech events scheduled to take place after it were doomed. Understanding the basics of API security. This is the first of a series of articles that introduces and explains application programming interface security threats, challenges, and solutions for participants in software development, operations, and protection.

New infosec products of the week: May 1, 2020
2020-05-01 04:30

The latest version of Guardicore Infection Monkey now maps its actions to the MITRE ATT&CK knowledge base, providing a new report with the utilized techniques and recommended mitigations, to help security and network infrastructure teams simulate APT attacks and mitigate real attack paths intelligently. Datadog Security Monitoring: Detect threats in real time, investigate security alerts.

We could have pwned Microsoft Teams with a GIF, claims Israeli infosec outfit
2020-04-27 08:20

A vulnerability existed in Microsoft's Slack for Suits tool, Teams, that could have let a remote attacker take over accounts by simply sending a malicious GIF, infosec researchers claim. The rest of the Teams vuln was patched last Monday, 20 April.

Sophos XG firewalls hacked, hotfix ready. Texts wreck Apple iThings. Yup, business as usual in infosec world
2020-04-26 12:04

Sophos XG Firewall hacked in the wild - hotfix available. Sophos has rushed out a hotfix for its XG Firewall products to close an SQL injection vulnerability - after hackers were spotted exploiting the hole in the wild.

New infosec products of the week: April 24, 2020
2020-04-24 05:00

Trustwave Security Colony delivers resources, playbooks and expertise to bolster security posture. Trustwave Security Colony is based on thousands of hours of actual consulting projects helping organizations implement new information security programs and heightening levels of security maturity.

Ministry of Defence lowers supplier infosec standards thanks to COVID-19 outbreak
2020-04-20 08:15

Security standards for defence contractors have been lowered thanks to the coronavirus outbreak, Britain's Ministry of Defence has told its suppliers. In an Industry Security Notice published to an obscure corner of GOV.UK, the ministry said it is suspending the need for its suppliers to have the Cyber Essentials Plus security certification.

New infosec products of the week: April 17, 2020
2020-04-17 06:00

Corsa Security Orchestrator offers a single-pane-of-glass view, enabling network security professionals to quickly and easily add more firewall capacity as their traffic inspection needs grow, without having to configure multiple elements. Advanced Security for Zoom ensures the organization has secure video conferencing and collaboration, free from Zoombombing and other security issues.

How to make a stranger's insecure 3D printer halt-and-catch-fire – plus more alerts from infosec world
2020-04-13 16:04

In what was surely a very serious piece of research and not just an excuse to set stuff ablaze, the team at the aptly-named CoalFire have demonstrated how a 3D printer could be tricked into bursting into flames remotely. By hijacking the firmware update process of a 3D printer called the Flashforge Finder, a miscreant could potentially flash the machine's software to remove its temperature constraints.