The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-53 Rev.5. Security and Privacy Controls for Information Systems and Organizations. The Special Publication (SP) 800-53 provides cloud access control (AC) characteristics and a set of general access control guidance for cloud service models. An abstract from SP 800-53: This publication provides […]
The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-53B Control Baselines for Information Systems and Organizations.
NIST SP 800-53B: Control Baselines for Information Systems and Organizations Read More »
The Apache Software Foundation has patched a Struts 2 vulnerability CVE-2020-17530 that may lead to remote code execution.
Apache patches Struts 2 RCE vulnerability (CVE-2020-17530) Read More »
Microsoft has released the December 2020 Security updates that includes patches for 58 vulnerabilities, 9 of them rated Critical.
Microsoft December 2020 Security Updates Read More »
OpenSSL patched a high severity vulnerability CVE-2020-1971 in certain OpenSSL versions. As a result, a bad actor could exploit and launch a Denial of Service attack against impacted systems.
OpenSSL patches High risk vulnerability (CVE-2020-1971) Read More »
Security researchers have spotted malicious cyber actors targeting the COVID-19 vaccine cold chain via a global phishing cyber campaign.
Threat actors targeting COVID-19 vaccine cold chain Read More »
The Apache Software Foundation has patched a Tomcat HTTP/2 Request header mix-up vulnerability CVE-2020-17527.
Apache patches Tomcat HTTP/2 Request header mix-up vulnerability (CVE-2020-17527) Read More »
Google has released Chrome 87 security update (87.0.4280.88) for Windows, Mac and Linux with fixes for 8 vulnerabilities. The tech giant also released a new Chrome OS version and Chrome browser update for Android.
Google releases Chrome security update (87.0.4280.88) Read More »
Apple has released a security update to fix multiple vulnerabilities in iCloud for Windows 11.5. A hacker could exploit some of these vulnerabilities to take control of affected devices.
Apple releases iCloud for Windows 11.5 with fixes for multiple vulnerabilities Read More »
VMware has issued a workaround for a Critical command injection vulnerability CVE-2020-4006 in multiple VMware products.
