Microsoft fixes critical Outlook bug exploitable via preview pane

Microsoft has released the October 2020 Office security updates with a total of 24 security updates and 5 cumulative updates for 7 different products, fixing 13 vulnerabilities that could enable remote attackers to execute arbitrary code on vulnerable systems. The highlight of this month's Microsoft Office security updates is without a doubt CVE-2020-16947, a remote … Continue reading Microsoft fixes critical Outlook bug exploitable via preview pane

FIN11 hackers jump into the ransomware money-making scheme

FIN11, a financially-motivated hacker group with a history starting since at least 2016, has adapted malicious email campaigns to transition to ransomware as the main monetization method. The group runs high-volume operations, lately targeting companies primarily in North America and Europe from almost every industry sector to steal data and to deploy Clop ransomware. Recent … Continue reading FIN11 hackers jump into the ransomware money-making scheme

Intel’s Ice Lake Xeon processors get new security features

Intel today revealed the data security and privacy upgrades that will be introduced to the upcoming 3rd generation Intel Xeon Scalable processors code-named Ice Lake and specifically built to power data center platforms. "Intel is doubling down on its Security First Pledge, bringing its pioneering and proven Intel Software Guard Extension (Intel SGX) to the … Continue reading Intel’s Ice Lake Xeon processors get new security features

CISOs Planning on Bigger Budgets: Report

Budgets are on the rise, even in a time of revenue worries across the industry. A new report on CISO spending patterns shows fear of regulators drives board-level security investment decisions, with 77% of respondents saying their organizations are increasing their budgets because of audit failures or security incidents. Fifty-eight percent of the 900-plus infosec … Continue reading CISOs Planning on Bigger Budgets: Report

Adobe fixes critical security vulnerability in Flash Player

Adobe has released a security update for a critical remote code execution vulnerability in Adobe Flash Player that could be exploited by simply visiting a website. Adobe states that hackers could exploit this vulnerability, tracked as CVE-2020-9746, by inserting malicious strings in HTTP responses when users visit a website. "Exploitation of CVE-2020-9746 requires an attacker … Continue reading Adobe fixes critical security vulnerability in Flash Player