Firefox 91 delivers new security and privacy options
Released on August 10, Firefox 91 delivers HTTPS by Default in Private Browsing mode and an enhanced cookie clearing option. Increased security with HTTPS by Default HTTP over …
Zeljka Zorz
Allstar app helps enforce security best practices for GitHub projects
Google and the Open Source Security Foundation (OpenSSF) have released Allstar, an app that allows organizations / owners of GitHub repositories to set up security policy …
Microsoft patches actively exploited zero-day (CVE-2021-36948), more Print Spooler flaws
Microsoft’s August 2021 Patch Tuesday is pretty lightweight, through it covers a wide variety of Microsoft solutions. 44 CVE-numbered security holes have been plugged, …
Adobe fixes security holes in Magento, most of which are critical
Adobe has released security updates to address vulnerabilities in Magento and Adobe Connect. Magento August 2021 security updates Magento is a popular open-source e-commerce …
The challenges healthcare CISOs face in an evolving threat landscape
Organizations in the healthcare sector – and especially those engaged in delivering healthcare services – have always been juicy targets for cyber attackers. But …
Patch bypass flaw in Pulse Secure VPNs can lead to total compromise (CVE-2021-22937)
The patch for a vulnerability (CVE-2020-8260) in Pulse Connect Secure VPN devices that attackers have been exploiting in the wild can be bypassed, security researcher Rich …
Vulnerable TCP/IP stack is used by almost 200 device vendors
Researchers have discovered 14 new vulnerabilities affecting the proprietary NicheStack (aka InterNiche) TCP/IP stack, used in OT devices such as the extremely popular Siemens …
A clever phishing campaign is targeting Office 365 users
Microsoft is warning about an ongoing, “sneakier than usual” phishing campaign aimed at Office 365 users. An active phishing campaign is using a crafty combination …
Critical vulnerabilities may allow attackers to compromise hospitals’ pneumatic tube system
Armis researchers have unearthed critical vulnerabilities in Swisslog Healthcare’s Translogic pneumatic tube system, which plays a crucial role in patient care in more …
CISA launches US federal vulnerability disclosure platform
Bug hunters who want to help the US federal government secure their online assets can now source all the relevant information from a vulnerability disclosure policy (VDP) …
Microsoft adds Safe Links phishing protection to Microsoft Teams
Microsoft has extendend the phishing protection offered by Microsoft Defender for Office 365’s Safe Links feature to Microsoft Teams. “At its core, Safe Links …
How to develop a skilled cybersecurity team
What skills should aspiring information security workers possess and work on? What certifications can come in handy more than others? What strategies should organizations …
