Several years ago, the Federal Trade Commission (FTC) released a good video that is still highly relevent today. The video explains how companies can leverage NIST's Cybersecurity Framework to greatly improve security in their organization. In this article, we highlight the five key tenants from the framework and how they could have possibly prevented FTC action and penalties.
As the COVID-19 crisis continues to spread, larger numbers of enterprises and learning organizations are moving meetings and classrooms online via video-teleconferencing (VTC) platforms. The FBI has issued a new warning of recent VTC attacks and also offered guidance on how to better security VTC platforms.
The Mozilla Foundation released a new security update for Firefox 74.0.1 that patches two zero-day Critical vulnerabilities (CVE-2020-6819 and CVE-2020-6820) under active attack.
Researchers from FireEye have discovered Chinese cyber threat group APT41 carry out a broad cyber campaign between January 20 and March 11, 2020. The actors have attempted to exploit vulnerabilities in Citrix NetScaler/ADC, Cisco routers, and Zoho ManageEngine Desktop Central products against 75 FireEye customers.
Google has released Chrome 80.0.3987.162 for Windows, Mac and Linux, as well as a new version of Chrome for Android.
In a breach notification letter posted online, General Electric (GE) said one of their service providers Canon Business Process Services experienced a data breach last month. The breach exposed certain personal data on past and present GE employees, as well as their beneficiaries.
Apple has released security updates for iOS 13.4, macOS Catalina 10.15.4, Safari 13.1 and other products.
Microsoft has issued a new security advisory for two remote code execution (RCE) vulnerabilities in Adobe Type Manager (ATM) Library exploited in the wild. Microsoft also published several workarounds to reduce risk until a patch is rolled out.
Drupal has released a critical security update to address third-party library CKEditor XSS vulnerabilities in Drupal 8.7.x and 8.8.x.
Google has released Chrome 80.0.3987.149 for Windows, Mac and Linux, as well as a new version of Chrome for Android. The update addresses 13 security fixes to include 9 High severity vulnerabilities.