SecurityWeek

Managed Security Services provider Secureworks (NASDAQ:SCWX), announced on Wednesday that it has agreed to acquire acquire Delve Laboratories, a company that provides a vulnerability management and asset discovery platform.

Google addressed two critical vulnerabilities in the Android System component as part of the newly released September 2020 set of security patches.

A researcher has disclosed the details of a cross-site scripting (XSS) vulnerability in Google Maps that earned him $10,000.Israel-based security researcher Zohar Shachar discovered the vulnerability in April 2019 and it was patched a few weeks later, but he only now disclosed his findings.

Microsoft’s Patch Tuesday updates for September 2020 fix 129 vulnerabilities, but the company says none of them has been exploited in attacks or made public before patches were released.

A hacking group was observed employing a legitimate tool to gain visibility into and control of compromised cloud environments, threat detection and response company Intezer reported on Tuesday.

A Swiss federal commissioner announced Tuesday that a U.S.-Swiss program aimed to protect personal information exchanged between the two countries doesn’t go far enough, and has downgraded the United States to rank it as a country deemed to have inadequate data protection.

Vulnerabilities affecting CodeMeter, a popular licensing and DRM solution made by Germany-based Wibu-Systems, can expose industrial systems to remote attacks, industrial cybersecurity company Claroty warned on Tuesday.

Adobe on Tuesday informed customers that it has patched a total of 18 vulnerabilities across its Experience Manager (AEM), FrameMaker and InDesign products.

One the worst cyberattacks yet against Connecticut’s capital city forced officials to postpone the first day of school Tuesday, disrupting the day for thousands of families as city computer experts rushed to restore systems vital for school operations.

Google on Tuesday announced an expansion of its Confidential Computing portfolio, with the general availability of Confidential VMs and the addition of Confidential GKE (Google Kubernetes Engine) Nodes.

Diversity Not Only Includes Gender and Racial Diversity, But Also Diversity of Thought

A presidential memorandum made public on Friday by the White House details the cybersecurity principles that should govern space systems.

The National Security Agency and the National Cryptologic Museum Foundation (NCMF) last week shared information on the design plans for the proposed Cyber Center for Education and Innovation (CCEI), set to be built on the NSA-Washington (NSAW) campus at Fort Meade.

China has launched an initiative to address global data security issues, a countermove to the U.S. “clean network” program that is aimed at discouraging other countries from using Chinese technology.Foreign Minister Wang Yi announced the initiative in Beijing on Tuesday at a seminar on global digital governance.

Routers made by MoFi Network are affected by several vulnerabilities, including critical flaws that can be exploited to remotely hack a device.The vulnerabilities were reported to the vendor in May by Rich Mirch, a security researcher at CRITICALSTART. However, some of them remain unpatched.

The threat group tracked as Evilnum was observed using updated tactics and tools in recent attacks, Cybereason’s Nocturnus research team reported last week.

Cybersecurity agencies in Australia, Canada, New Zealand, the United Kingdom, and the United States have published a joint advisory focusing on detecting malicious activity and incident response.

State securities officials say cybercrime including email attacks are on the rise during the pandemic, and they’re warning people to be careful online.

Data residency-as-a-service platform provider InCountry last week announced it raised $18 million in new funding, which brings the total capital secured by the company to $39 million.

Cisco last week released patches to address a critical remote code execution vulnerability in Jabber for Windows.