SecurityWeek

Adobe on Tuesday announced that security updates for its Prelude, Experience Manager and Lightroom products patch critical arbitrary code execution vulnerabilities.

The OpenSSL Project today warned that the widely deployed TLS/SSL toolkit is vulnerable to a serious security flaw that exposes users to denial-of-service attacks.

Industrial cybersecurity firm Dragos announced on Tuesday that it has raised $110 million in a Series C funding round, which brings the total raised by the company to-date to $158 million.

Norway's domestic spy agency on Tuesday blamed a Russian hacker group linked to Moscow's military intelligence for a cyberattack on the Norwegian parliament earlier this year.

D-Link is working on releasing firmware updates to address two command injection vulnerabilities that affect multiple VPN router models.

US and Israel-based cloud visibility solutions provider Orca Security on Tuesday announced that it has raised $55 million in a Series B funding round, which brings the total raised by the company to $82 million.

On Friday, December 4, U.S. President Donald Trump signed the Internet of Things Cybersecurity Improvement Act of 2020 into law.

Beyond Identity, a security startup on a quest to eliminate passwords, today announced a $75 million Series B funding round, bringing the total investment in the company to $105 million. 

A critical vulnerability addressed earlier this year in the PlayStation Now application for Windows could have been exploited by malicious websites to execute arbitrary code.

Electronics manufacturing giant Foxconn has confirmed that some of its systems have been targeted in a cyberattack, after a group of hackers started leaking files allegedly stolen from the company.

Security researcher Oskars Vegeris has published documentation on a wormable, cross-platform vulnerability in Microsoft Teams that could allow invisible malicious hacker attacks.

Russian state-sponsored hackers have been exploiting a vulnerability that VMware patched recently in some of its products, the National Security Agency (NSA) warned on Monday.

A Russian bitcoin expert at the center of a multi-country legal tussle was sentenced in Paris on Monday to five years in prison for money laundering and ordered to pay 100,000 euros (more than $120,000) in fines in a case of suspected cryptocurrency fraud.

Looking to beef up its portfolio of consumer security software, NortonLifeLock on Monday announced an all-cash $360 million deal to snap up German anti-virus firm Avira.

Google this week announced the launch of a knowledge base with information on a class of vulnerabilities referred to as cross-site leaks, or XS-Leaks.

Two information disclosure vulnerabilities recently identified in the Chrome, Edge, and Firefox web browsers may be exploited to obtain information on applications on the system, Fortinet reports.The bugs impact Protocol Handlers, which are related to a mechanism that allows apps to register their own URI schemes used for process execution.

The United States and Australia on Friday announced a partnership for the continuous development of a virtual cyber training range.

The Greater Baltimore Medical Center in Towson, Maryland was hit by a ransomware attack that impacted computer systems and medical procedures, the healthcare provider said Sunday.

Human resources giant Randstad last week revealed that its IT systems were targeted in a recent cyberattack involving a relatively new piece of ransomware named Egregor.

Two people have been arrested for stealing defense data from the Italian aerospace and electronics group Leonardo, the interior ministry said on Saturday.