Security News

Netgear has released a swathe of security and firmware updates for its JGS516PE Ethernet switch after researchers from NCC Group discovered 15 vulnerabilities in the device - including an unauthenticated remote code execution flaw. The switch is vulnerable to nine high-severity vulns and a further five medium-rated ones, said NCC Group IT security consultant Manuel Ginés Rodriquez in a damning blog post about his findings.

Internet Security Research Group nonprofit Let's Encrypt has massively upgraded its certification hardware and software so that it can delete and reissue all its certs in less than 24 hours. Last April the certificate authority was forced to kill three million HTTPS certs after a bug was found in its automated certificate management environment, about 2.6 per cent of its 150 million live certificate base.

The CV90 is a family of tracked combat vehicles first developed in the 1980s to cope with the extreme Nordic environments. Built around Clavister's cOS core platform - the company's internally developed operating software - the firewall solution has been augmented based on NATO and BAE Systems requirements.

Dense Air, the neutral host operator of the connected 5G testbed at Millbrook originally created by the DCMS 5G testbed and trials project AutoAir, has announced a major upgrade of the hyper dense, high performance 4G and 5G network. The network will be one of the first, and the largest standalone 5G neutral host network's in Europe.

Microsoft has released a new cumulative update for Windows 10 20H2 that fixes a bug preventing users from performing in-place upgrades with the Microsoft Media Creation Tool. An in-place upgrade is when you reinstall Windows 10 with files downloaded from Microsoft's servers without deleting existing apps or files.

After upgrading to the Windows 10 October 2020 update, a bug is not allowing users to perform in-place upgrades using the Microsoft Media Creation Tool. As Windows Latest reported, since the Windows 10 October 2020 Update release, users are no longer able to select the choice to keep their data, which effectively breaks in-place upgrades.

Applications Software Technology announced the version 3.0 release of AST's automated Testing-as-a-Service, powered by the unique and proprietary AST Autonomous Cloud Tester tool. The latest series of enhancements enables organizations to further accelerate their release, patch, and upgrade test cycles across the full breadth of Oracle Cloud applications.

Microsoft has improved password spray detection in Azure Active Directory by doubling the number of compromised accounts it detects using a new machine learning system. Microsoft built a heuristic engine focused on detecting password spray attack, which helped the company to spot and alert tenants of hundreds of thousands of attacks each month.

Emotet switched to a new template this week that pretends to be a Microsoft Office message stating that Microsoft Word needs to be updated to add a new feature. Emotet is a malware infection that spreads through emails containing Word documents with malicious macros.

Emotet switched to a new template this week that pretends to be a Microsoft Office message stating that Microsoft Word needs to be updated to add a new feature. Emotet is a malware infection that spreads through emails containing Word documents with malicious macros.