NEWS & INDUSTRY UPDATES

Hundreds of Moxa devices similar to the ones targeted in the 2015 Ukraine power grid hack are vulnerable to remote attacks
Chinese drone maker DJI and a researcher are in an online battle – which could also turn into a legal battle – over the company’s bug bounty program
Google makes public details of Chrome OS exploit chain for persistent code execution worth $100,000
Analysis shows that China delays disclosure of known critical vulnerabilities, sometimes to enable their immediate use by APT groups with probable Chinese government affiliation.
The U.S. government introduced greater transparency into the process by which government agencies decide whether to disclose or stockpile the cyber vulnerabilities they discover.
Apache CouchDB was affected by critical vulnerabilities that could have allowed remote attackers to escalate privileges and execute code
A critical vulnerability in Cisco’s Voice Operating System exposes a dozen collaboration products to remote attacks
Vulnerabilities in the popular WordPress plugin Formidable Forms expose sensitive data and allow hackers to hijack websites
Amazon Echo and Google Home devices are vulnerable to attacks exploiting the recently disclosed BlueBorne vulnerabilities
Oracle patches several vulnerabilities, including two rated critical, in the Jolt server component of the company’s Tuxedo product

FEATURES, INSIGHTS // Vulnerabilities

Jim Ivers: Why are even the most security-conscious organizations being compromised, and what does it mean for everyone else?
David Holmes: DUHK and ROCA are both implementation-specific vulnerabilities concerning one of my favorite topics, random number generators.
Torsten George: The end user community is at the mercy of security researchers to act responsibly in order to limit the potential for their findings to be used for malicious purposes.
Alastair Paterson: With greater awareness about POS system attacks, operations against third-party suppliers, and the vulnerabilities of public or semi-public Wi-Fi networks, companies can do a lot to mitigate risk and ensure safer journeys for travelers.
Jennifer Blatnik: One of the crucial benefits of blockchain is its distributed capabilities, which mean there isn’t one centralized target to hack.
Jim Ivers: Given the observation that consumers still seem oblivious to the risks and the lack of awareness about basic security hygiene, the education push will fall short.
David Holmes: Security researchers found 26 vulnerabilities within ISP network devices that would have given them remote admin access to the majority of home networks in the United States.
David Holmes: A manufacturer of a meter may have a different threat model involving the physical aspects of the device itself: device memory, firmware interface, ecosystem communications.
Jim Ivers: These recommendations will help your organization reduce risk and save real money on the cost of resolving defects. It is not often you get such a clear win-win scenario.
Dan Cornell: Being able to properly defend applications requires organizations to first identify their attack surfaces before meaningful risk management can take place.