Chinese hacker group spotted using a UEFI bootkit in the wild | ZDNet
https://www.zdnet.com/article/chinese-hacker-group-spotted-using-a-uefi-bootkit-in-the-wild/

Facebook Announces Bug Bounty Loyalty Program, Streamlined Bug Triage
http://feedproxy.google.com/~r/Securityweek/~3/O-XNYvjAMxQ/facebook-announces-bug-bounty-loyalty-program-streamlined-bug-triage

Facebook has announced a series of updates for its bug bounty program, including bonus rewards for engaged researchers, as well as a faster bug triage process.
read more (https://www.securityweek.com/facebook-announces-bug-bounty-loyalty-program-streamlined-bug-triage)

Security Firms & Financial Group Team Up to Take Down Trickbot
https://www.darkreading.com/vulnerabilities---threats/advanced-threats/security-firms-and-financial-group-team-up-to-take-down-trickbot/d/d-id/1339155?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Microsoft and security firms ESET, Black Lotus Labs, and Symantec collaborated with the financial services industry to cut off the ransomware operation's C2 infrastructure.

Online Voting Is Coming, but How Secure Will It Be?
https://www.darkreading.com/vulnerabilities---threats/online-voting-is-coming-but-how-secure-will-it-be/a/d-id/1339093?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

It's time for state governments to act as leaders, adopt digital ID standards, enable new online voting systems, and provide broad-based access to all communities for the benefit of all.

Acronis Patches Privilege Escalation Flaws in Backup, Security Solutions
http://feedproxy.google.com/~r/Securityweek/~3/TDeNoqmmGPU/acronis-patches-privilege-escalation-flaws-backup-security-solutions

Acronis has released patches for its True Image, Cyber Backup, and Cyber Protect products to address vulnerabilities that could lead to elevation of privileges.
The flaws could allow unprivileged Windows users to run code with SYSTEM privileges, a vulnerability note from the CERT Coordination Center (CERT/CC) reveals.
read more (https://www.securityweek.com/acronis-patches-privilege-escalation-flaws-backup-security-solutions)

Online Infrastructure Security Firm Cyberpion Emerges From Stealth
http://feedproxy.google.com/~r/Securityweek/~3/fju7HQZH2Wo/online-infrastructure-security-firm-cyberpion-emerges-stealth

Online infrastructure security solutions provider Cyberpion on Tuesday emerged from stealth mode after raising $8.25 million in seed funding.
read more (https://www.securityweek.com/online-infrastructure-security-firm-cyberpion-emerges-stealth)

Using location in a consistent way in your ARM template parameters
http://techgenix.com/arm-template-location-parameters/

In this Quick Tip, you see that with location parameters and a variable, we can guarantee that our ARM template will always get valid regions.
The post Using location in a consistent way in your ARM template parameters (http://techgenix.com/arm-template-location-parameters/) appeared first on TechGenix (http://techgenix.com/).

Sysmon - A Linux System Monitor (Like Windows Task Manager)
https://ostechnix.com/sysmon-a-linux-system-monitor-like-windows-task-manager/

Linux Kernel 5.9 Released, Here's a Quick Look at What's New - OMG! Ubuntu!
https://www.omgubuntu.co.uk/2020/10/linux-5-9-kernel-featureske

Adobe Patches Critical Code Execution Vulnerability in Flash Player
http://feedproxy.google.com/~r/Securityweek/~3/HRk4yYQChhE/adobe-patches-critical-code-execution-vulnerability-flash-player

Adobe has patched a critical arbitrary code execution vulnerability in Flash Player. This is the only flaw fixed by the software giant this Patch Tuesday.
The vulnerability, tracked as CVE-2020-9746, has been described as a NULL pointer dereference issue.
read more (https://www.securityweek.com/adobe-patches-critical-code-execution-vulnerability-flash-player)

Google warns of severe 'BleedingTooth' Bluetooth flaw in Linux kernel
https://www.zdnet.com/article/google-warns-of-severe-bleedingtooth-bluetooth-flaw-in-linux-kernel/

4 Firefox Features You Should Be Using Right Now - It's FOSS
https://itsfoss.com/firefox-useful-features/

Linux 5.9: Not a game-changer, but a good, solid Linux kernel | ZDNet
https://www.zdnet.com/article/linux-5-9-not-a-game-changer-but-a-good-solid-linux-kernel/

How Intel's Clear Linux Is Competing Against Late-2020 Linux Distributions - Phoronix
https://www.phoronix.com/scan.php?page=article&item=clear-fall-2020&num=1

VirtualBox 6.1.16 Released with Full Support for Linux Kernel 5.9, Various Improvements
https://9to5linux.com/virtualbox-6-1-16-released-with-full-support-for-linux-kernel-5-9-various-improvements

Oracle Releases Another Mammoth Security Patch Update
https://www.darkreading.com/application-security/oracle-releases-another-mammoth-security-patch-update/d/d-id/1339240?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

October's CPU contains 402 patches for vulnerabilities across 29 product sets, many of which are remotely executable without the need for authentication.

Hackers Can Open Doors by Exploiting Vulnerabilities in Hörmann Device
http://feedproxy.google.com/~r/Securityweek/~3/HYscFJpNBO0/hackers-can-open-doors-exploiting-vulnerabilities-h%C3%B6rmann-device

Hackers could remotely open garage doors and gates by exploiting vulnerabilities found in a gateway device made by Hörmann, researchers warned on Wednesday.
read more (https://www.securityweek.com/hackers-can-open-doors-exploiting-vulnerabilities-h%C3%B6rmann-device)

6 Ways Passwords Fail Basic Security Tests
https://www.darkreading.com/threat-intelligence/6-ways-passwords-fail-basic-security-tests/d/d-id/1339299?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

New data shows humans still struggle with password creation and management.

US Government Issues Warning on Kimsuky APT Group
https://www.darkreading.com/threat-intelligence/us-government-issues-warning-on-kimsuky-apt-group/d/d-id/1339310?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

The joint alert, from CISA, the FBI, and others, describes activities from the North Korean advanced persistent threat group.