NIST SP 800-121 Revision 2:Â Guide to Bluetooth Security
The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-121 Revision 2: “Guide to Bluetooth Security.”
Endpoint Security
NSA releases guidance on securing wireless devices in public settings
The National Security Agency (NSA) has released guidance on securing wireless devices in public settings for government national defense entities and the general public. The new 8-page guidance infosheet summarizes ways bad actors target wireless devices as well as good safeguards to protect against such cyberattacks. The NSA warns that although connecting to public Wi-Fi …
NSA releases guidance on securing wireless devices in public settings Read More »
The top 3 endpoint threats used in 2020 cyberattacks
Cybersecurity criminals are continuing to change threat tactics by leveraging more fileless malware and duel-use tools to attack organizations.
Apple security updates for iOS 13.3, macOS Catalina 10.15.2 and other products
Apple has released security updates for iOS 13.3 and macOS Catalina 10.15.2, as well as other products to include Safari, watchOS, tvOS, iTunes, iCloud and Xcode.
Attackers reverse Outlook vulnerability CVE-2017-11774 patch functionality
Researchers at FireEye have spotted an uptick in active exploits of CVE-2017-11774, an Outlook security feature bypass vulnerability. Attackers are also actively reversing Outlook vulnerability patch functionality. To help protect against such exploits, FireEye has provided Outlook hardening guidelines.
NIST SP 800-128: Security-Focused Configuration Management of Information Systems Guidelines
The National Institute of Standards and Technology (NIST) has issued new Security-Focused Configuration Management of Information Systems guidelines (SP 800-128).
RobbinHood ransomware holds Baltimore City’s data hostage
Baltimore City computer network has been a victim of a ransomware attack that has taken data for hostage and knocked out city services.
Former student uses “USB Killer” device to destroy university computers
A former student at the College of St. Rose, in New York used a weaponized USB stick dubbed “USB Killer” to destroy 59 university computers and seven monitors that had open USB slots.
ASUS updates Live Update Software, response to APT
ASUS released a new security update in response to Advanced Persistent Threat (APT) actors that targeted certain international organizations. A new version of ASUS Live Update was made available.
Cold boot attack can expose encryption keys, data on laptops
Security researchers at F-Secure have uncovered a decade-old attack that exploits firmware weaknesses in laptops to expose encryption keys and sensitive data.