Microsoft has released a patch for the CVE-2020-0601 vulnerability, which was first reported by the NSA, ZDNet reports.
CVE-2020-0601 is related to how Windows CryptoAPI validates Elliptic Curve Cryptography certificates. Attackers can exploit it by using spoofed code-signing certificates to fool the CryptoAPI into thinking the file came from a trusted, legitimate source. According to Microsoft, successful exploits could allow attackers to conduct man-in-the-middle attacks and decrypt confidential information.
AWS Security Hub adds 4 new partner integrations
AWS Security Hub has added 4 new partner integrations. It now integrations with IBM QRadar, Slack, ServiceNow ITSM, and ServiceNow SecOps. According to AWS, these integrations will help customers take action on findings and easily send findings from Security Hub to these partner’s products.
“Available globally, AWS Security Hub gives you a comprehensive view of your high priority security alerts and compliance status across your AWS accounts. With AWS Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Firewall Manager, and AWS Identity and Access Management (IAM) Access Analyzer, as well as from AWS Partner solutions,” AWS wrote in a post.
Infocenter advances to ServiceNow Elite Partner
Managed Service Provider Infocenter has announced that it is now a ServiceNow Elite Partner, which is the highest designation offered.
“Our global team is extraordinary. We are providing highly innovative and rapidly deployable ServiceNow solutions that are transforming our client’s critical business processes,” said Michael Vadini, founder and CEO of Infocenter. “We are thrilled about achieving Elite status.”