Security Experts:
IT Security News Headlines
More Security Headlines
Pulse Secure unveils Software Defined Perimeter (SDP) solution designed to help enterprises securely access their applications and resources. [Read More]
A researcher has discovered a third critical XSS vulnerability in Yahoo Mail that earned him $10,000. The flaw can be exploited to steal messages and attach malicious code to outgoing emails. [Read More]
Mexico’s privacy watchdog says the federal Attorney General’s Office stonewalled it for more than a year as it tried to investigate the government’s use of powerful Israeli spyware against journalists, lawyers and activists. [Read More]
Google said it forgot to mention that it included a microphone in its Nest Secure home alarm system, the latest privacy flub by one of the tech industry’s leading collectors of personal information. [Read More]
Cisco this week released patches for more than a dozen vulnerabilities across its product portfolio, including high severity flaws in HyperFlex, Prime Infrastructure, and Prime Collaboration Assurance. [Read More]
Adobe releases second patch for the Reader vulnerability tracked as CVE 2019-7089 after the researcher who found it managed to bypass the first fix. [Read More]
Microsoft warns users that Windows servers running IIS are vulnerable to DoS attacks that cause CPU usage to spike to 100%. Similar flaw discovered by the same researcher recently in nginx. [Read More]
While investigating the Netyksho case -- specifically investigating Russian involvement in the release of the stolen DNC documents -- search warrants allegedly discovered "Stone's communications with Guccifer 2.0 and with Organization 1." [Read More]
A vulnerability in WinRAR, the archiver used by over 500 million users worldwide, can be exploited to execute arbitrary code by getting the target to open a specially crafted ACE file. [Read More]
Updates released for the Drupal CMS patch a “highly critical” vulnerability that can be exploited for remote code execution (CVE-2019-6340). [Read More]
- 1 of 1473
- ››
SecurityWeek Experts
As industrial environments become more complex, data-type and data-source agnostic technologies need to be employed. Both IT and OT teams should be able to quickly access and analyze all data relevant to their needs.
Organizations’ perimeters will continue to erode as their digital footprints expand, but with the right risk protection strategy any organization can succeed in the age of digital transformation.
Companies in China are facing many of the same threats that your organization faces today, but they are addressing these threats at a massive scale, on emerging platforms, and with innovative approaches that we can learn from.
Automation tools have changed the way that security teams turn information into action, with the ability to automatically search and collect threat intelligence from a variety of third-party sources.
Network Segmentation can prevent lateral movement and effectively improve security, and is a continuous journey that every organization should take.
The ability to customize threat intelligence scores allows you to prioritize threats to your organization and reevaluate and reprioritize as new data and context becomes available.
Security frameworks need to see and adapt to network changes, share and correlate threat intelligence, and respond to threats as a unified system.
In the United States, it is consumers’ responsibility to opt out of sharing their information with the services they join—and figuring out how to do so.
The abundance of compromised card data and other assets available online continues to hinder the fight against card-not-present (CNP) fraud.
Since multi-factor authentication requires several elements for identity verification, it’s one of the best ways to prevent unauthorized users from accessing sensitive data and moving laterally within the network.
- 1 of 208
- ››
SecurityWeek Daily Briefing
- Warning Issued Over Attacks on Internet Infrastructure
- Bug Allows Bypass of WhatsApp Face ID, Touch ID Protection
- Entrust to Acquire Hardware Security Module Maker nCipher
- Cybercriminals Promise Millions to Skilled Black Hats: Report
- DrainerBot SKD Sucks Data and Battery From Android Devices
- Pulse Secure Unveils Software Defined Perimeter Solution
- Researcher Earns $10,000 for Another XSS Flaw in Yahoo Mail
- Mexican Privacy Watchdog Criticizes Government Over Spyware
- Google's Nest Hub Has a Microphone It Forgot to Mention
- Cisco Patches High Severity Flaws in HyperFlex, Prime Infrastructure
Copyright © 2019 Wired Business Media. All Rights Reserved. Privacy Policy