The bug would allow an attacker to exploit a known vulnerability in Intel's CSME to gain access to the chipset key used for cryptography.

Exposures and data breaches due to misconfigurations have become an “alarmingly common” trend according to StackRox’s latest Kubernetes Security Report.

The bug was in its authentication policy and allowed an attacker unauthorized access to information without needing an authorized token.

Of the more than 8.5 billion records breached in 2019, 7 billion were due to misconfigurations.

The vulnerability allows an attacker to activate the affected device's Telnet service over an open transmission control protocol port and gain unauthorized access.

Cisco patched zero-day vulnerabilities in millions of devices; the White House backed US 5G plan; and IBM CTO called open source vital to edge success.

If exploited, the bugs would allow an attacker to eavesdrop on voice and video calls and steal corporate data flowing through the network’s switches and routers.

Misconfiguration, a widespread threat that requires a low level of sophistication, tops the list.

In the past three weeks, Microsoft, Cisco, Oracle, and Citrix have announced a slew of vulnerabilities as the companies have scrambled to lock down their product lines.

The open source security startup reported over 400% revenue growth in 2019 and says its customers include Google, Intuit, New Relic, and Salesforce.

“We urge customers to immediately install these fixes,” noted Citrix Chief Information Security Officer Fermin Serna in a blog post.

Almost 40 vulnerabilities with a 9.8 severity rating can be exploited over a network without requiring user credentials. So can dozens of others with lesser severity ratings.

Verizon to lead new 5G group; Microsoft, NSA warn of "critical" vulnerability; and Red Hat updated OpenShift to target multi-cloud, security.

Nokia cut 180 jobs, with more to come; Equinix pushed to the edge with Packet acquisition; and Google powered up on IBM Power Systems.

“For the U.S. government to share its discovery of a critical vulnerability with a vendor is exceptionally rare if not unprecedented,” said Amit Yoran, CEO of Tenable.

With more people looking for vulnerabilities, the safer and more secure Kubernetes will be, explained Google execs.

Over the weekend two groups released proof-of-concept (PoC) exploit codes for this vulnerability on Github. Citrix said it will issue a fix later this month.

The latest vulnerabilities are in the authentication mechanism and could allow an attacker to execute actions or privileges on a device.

Grab your tinfoil hat and a champagne cocktail, snuggle up in front of a warm fireplace, and check out our five security predictions for 2020.

The past year was highlighted by ongoing security and commercialization challenges around business models, the edge, and 5G.

The bug was initially spotted by Cisco in June 2018 and given a “critical” rating.

The chipmaker issued a patch for the vulnerability, which could allow attackers to change information stored on the chip’s secure enclave.

The new container security technology allows customers to apply consistent security policies across all cloud IaaS workloads, McAfee says.

The legacy network and endpoint security vendor acquired key pieces of cloud-native technology used in its Cloud Optix security platform when it bought Avid Secure.