A security vulnerability identified on AliExpress, the wholesale marketplace owned by the Chinese e-commerce giant Alibaba, could have been exploited by hackers to hijack merchant accounts. A different flaw could have been leveraged to gain access to buyers' details.
Researchers have uncovered several vulnerabilities in the admin panel of InfiniteWP, a free application that allows WordPress website administrators to control multiple installations from a single dashboard.
Recursive Domain Name System (DNS) resolvers are plagued by a vulnerability that can be leveraged to cause them to crash due to resource exhaustion, the CERT Coordination Center at Carnegie Mellon University (CERT/CC) reported.
If North Korea is connected to the Sony attacks, it would be an archetypal example of such a weaker state using cyber operations to level the playing field in potential confrontations with the United States.
Moving towards an adaptive and automated way of applying intelligence based on behavior and heuristics is clearly moving in the right direction to enable a more actionable and relevant set of controls.
Just as automation is applied to the process of Access Certification, the process of revocation needs automation to deliver an Access Governance program that not only satisfies compliance mandates, but actually reduces risk.