UK Urges Orgs To Patch Severe CVE-2020-16952 SharePoint RCE Bug The U.K. National Cyber Security Centre (NCSC) today issued an alert highlighting the risks behind the recently addressed CVE2020-16952 remote code execution (RCE) vulnerability in Microsoft SharePoint Server. NCSC, the cybersecurity arm of the UK’s GCHQ intelligence service, urges organizations to Read more…
NPM Nukes NodeJS Malware Opening Windows, Linux Reverse Shells NPM has removed multiple packages hosted on its repository this week that established connection to remote servers and exfiltrated user data. These 4 packages had collected over 1,000 total downloads over the course of the last few months up until being removed by Read more…
Critical SonicWall Vulnerability Affects 800K Firewalls, Patch Now A critical stack-based Buffer Overflow vulnerability has been discovered in SonicWall VPNs. When exploited, it allows unauthenticated remote attackers to execute arbitrary code on the impacted devices. Tracked as CVE-2020-5135, the vulnerability impacts multiple versions of SonicOS ran by hundreds of thousands of active VPNs. Craig Young of Tripwire Vulnerability Read more…
Crytek Hit By Egregor Ransomware, Ubisoft Data Leaked The Egregor ransomware gang has hit game developer Crytek in a confirmed ransomware attack and leaked what they claim are files stolen from Ubisoft’s network. Ubisoft and Crytek are both well-known game developers with corporate headquarters in France and Germany, respectively. This Read more…
Online Proctor Service ProctorTrack Disables Service After Hack The online proctoring service ProctorTrack has disabled access to their service after its parent company was hacked. With many schools and colleges performing remote learning, including tests, online proctoring services are increasingly being used to prevent students from cheating. ProctorTrack is one Read more…
Zoom Rolls Out End-To-End Encryption (E2EE) Next Week Zoom announced today that it will roll out end-to-end encryption (E2EE) for all users starting next week, as part of a 30-day technical preview. To start using E2EE when joining new meetings during this roll out phase, meeting participants will have to Read more…
US Cyber Command: Patch Windows ‘Bad Neighbor’ TCP/IP Bug Now US Cyber Command warns Microsoft customers to immediately patch their systems against the critical and remotely exploitable CVE-2020-16898 vulnerability addressed during this month’s Patch Tuesday. “Update your Microsoft software now so your system isn’t exploited: CVE-2020-16898 in particular should be Read more…
Intel’s Ice Lake Xeon Processors Get New Security Features Intel today revealed the data security and privacy upgrades that will be introduced to the upcoming 3rd generation Intel Xeon Scalable processors code-named Ice Lake and specifically built to power data center platforms. “Intel is doubling down on its Security First Pledge, Read more…
Windows 10 Now Blocks Some Third-Party Drivers From Installing Microsoft says that Windows 10 and Windows Server users will be blocked from installing incorrectly formatted third-party drivers after deploying this month’s cumulative updates. “When installing a third-party driver, you might receive the error, ‘Windows can’t verify the publisher of this Read more…
Windows 10 Cumulative Updates KB4579311 & KB4577671 Released Today is the second Tuesday of October 2020 and the first batch of security updates or ‘B’ updates are now available for all supported versions of Windows 10. If you want to grab these updates, check for updates in the Settings and the update Read more…
Let us help you out.
Singapore
7 Temasek Boulevard
#12-07, Suntec Tower One
Singapore 038987
Thailand
The Royal Place 1
2, 2/399 Mahatlek Luang 1 Alley, Lumphini, Pathum Wan, Bangkok 10330, Thailand
Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!
Click one of our contacts below to chat on WhatsApp
