GE third party data breach exposes employee personal data

In a breach notification letter posted online, General Electric (GE) said one of their service providers Canon Business Process Services experienced a data breach last month. The breach exposed certain personal data on past and present GE employees, as well as their beneficiaries.

Continue Reading GE third party data breach exposes employee personal data

Microsoft issues advisory for two zero-day RCE vulnerabilities exploited in the wild (updated)

Microsoft has issued a new security advisory for two remote code execution (RCE) vulnerabilities in Adobe Type Manager (ATM) Library exploited in the wild. Microsoft also published several workarounds to reduce risk until a patch is rolled out.

Continue Reading Microsoft issues advisory for two zero-day RCE vulnerabilities exploited in the wild (updated)

Trend Micro patches two zero-day vulnerabilities under active attack in the wild

Trend Micro has patched five vulnerabilities in multiple products. The updates address two zero-days - one Critical risk vulnerability CVE-2020-8467 and another High risk vulnerability CVE-2020-8468 under active attack in the wild. In addition, the company also patched three other Critical vulnerabilities that require no authentication to exploit.

Continue Reading Trend Micro patches two zero-day vulnerabilities under active attack in the wild

VMware patches critical vmnetdhcp vulnerability (CVE-2020-3947) in VMware Workstation and Fusion

VMware has released patches for a critical vulnerability in VMware Workstation and Fusion products. The company also fixed high severity vulnerabilities in VMware Horizon Client for Windows and VMRC for Windows.

Continue Reading VMware patches critical vmnetdhcp vulnerability (CVE-2020-3947) in VMware Workstation and Fusion

Guidance for CISOs to improve remote worker security, free access to small business online collaboration tools

In the wake of Coronavirus / COVID-19 pandemic, Microsoft has issued sound guidance for security leaders to improve remote worker security. Tech companies are also offering small businesses free access to online collaboration tools during the outbreak.

Continue Reading Guidance for CISOs to improve remote worker security, free access to small business online collaboration tools

Organizations need heightened level of Enterprise VPN security in the wake of Coronavirus Pandemic

To prepare for possible impacts of Coronavirus Disease 2019 (COVID-19), more organizations are electing to have their employees work remotely from home. With that responsibility, more organizations will need to adopt a heightened level of security to protect themselves from attackers who look to exploit weaknesses in enterprise virtual private networks (VPNs).

Continue Reading Organizations need heightened level of Enterprise VPN security in the wake of Coronavirus Pandemic