Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Equifax shares more details about the breach and how it was discovered by the company [Read More]
VMware patches critical SVGA code execution flaw and other vulnerabilities in ESXi, vCenter Server, Workstation and Fusion [Read More]
Magento has released updates for its eCommerce platforms to address numerous vulnerabilities, including a remote code execution bug rated Critical severity. [Read More]
Apple's new Secure Kernel Extension Loading (SKEL) security feature, set to be implemented in the upcoming macOS 10.13 High Sierra, is trivial to bypass, a security researcher claims. [Read More]
Equifax confirms that an Apache Struts vulnerability exploited in the wild since March has been used to breach its systems [Read More]
Zerodium is offering a total of $1 million for Tor Browser zero-day exploits that it will sell to governments [Read More]
SEC Consult discloses details of several vulnerabilities affecting IBM InfoSphere DataStage and Information Server [Read More]
SAP on Tuesday released 16 security notes as part of its SAP Security Patch Day, to which it also added 1 out-of-band release and 6 updates to previously released Security Notes, for a total of 23 Notes. [Read More]
Microsoft patches 80 vulnerabilities, including a .NET framework zero-day flaw exploited to deliver spyware [Read More]
Microsoft patches .NET zero-day vulnerability exploited to deliver FinFisher spyware to Russian users [Read More]

FEATURES, INSIGHTS // Vulnerabilities

rss icon

Alastair Paterson's picture
With greater awareness about POS system attacks, operations against third-party suppliers, and the vulnerabilities of public or semi-public Wi-Fi networks, companies can do a lot to mitigate risk and ensure safer journeys for travelers.
Jennifer Blatnik's picture
One of the crucial benefits of blockchain is its distributed capabilities, which mean there isn’t one centralized target to hack.
Jim Ivers's picture
Given the observation that consumers still seem oblivious to the risks and the lack of awareness about basic security hygiene, the education push will fall short.
David Holmes's picture
Security researchers found 26 vulnerabilities within ISP network devices that would have given them remote admin access to the majority of home networks in the United States.
David Holmes's picture
A manufacturer of a meter may have a different threat model involving the physical aspects of the device itself: device memory, firmware interface, ecosystem communications.
Jim Ivers's picture
These recommendations will help your organization reduce risk and save real money on the cost of resolving defects. It is not often you get such a clear win-win scenario.
Dan Cornell's picture
Being able to properly defend applications requires organizations to first identify their attack surfaces before meaningful risk management can take place.
Marie Hattar's picture
When done successfully, continuous testing and training prevents bugs and performance issues from going out the door, while enabling developers to better spot problems in the future.
Travis Greene's picture
To reduce exposure to malware, security teams need to learn the DevOps techniques that are being adopted across the rest of the IT organization.
Jim Ivers's picture
Medical devices are indeed vulnerable to attack, but the industry is waking up to the breadth of the problems, and several organizations are forming a vanguard to show the way forward.