Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Key negotiation attack (KNBO) gives attackers the ability to decrypt all of the traffic between vulnerable Bluetooth devices during a session. [Read More]
SAP on Tuesday patched three critical (Hot News) vulnerabilities in its products, the highest number of critical flaws fixed on the same day since 2014. [Read More]
British Airways (BA) has been criticized for allowing hackers easy access to customer flight information via a vulnerability affecting its e-ticketing system. [Read More]
Microsoft alerts users that its latest security updates patch more BlueKeep-like, wormable vulnerabilities affecting Remote Desktop Services. [Read More]
Researchers at Google and Netflix discover 8 DoS vulnerabilities affecting various HTTP/2 implementations, including from Amazon, Apple, Facebook and Microsoft. [Read More]
Siemens SCALANCE X industrial switches are vulnerable to DoS attacks, but patches have yet to be released. [Read More]
More than 750,000 systems remain vulnerable to the BlueKeep vulnerability as patching rate has decreased by around 85%, a new report from security firm BitSight reveals. [Read More]
Microsoft’s August 2019 Patch Tuesday updates fix over 90 vulnerabilities, but none of them have been exploited in attacks or disclosed publicly before the patches were released. [Read More]
Adobe has patched 118 vulnerabilities across its After Effects, Character Animator, Premiere Pro, Prelude, Creative Cloud, Acrobat and Reader, Experience Manager and Photoshop products. [Read More]
Researchers have demonstrated serious SQLite vulnerabilities by hacking an iPhone and a C&C server used by malware. [Read More]
- 1 of 372
- ››
FEATURES, INSIGHTS // Vulnerabilities
Regardless of which framework you use, it’s crucial to operationalize it in the context of your organization’s unique environment and risk factors.
Recalculating and reevaluating priorities based on a continuous flow of new data, learnings and your risk profile, helps to ensure you’re staying focused on what matters in a highly dynamic environment.
Proper evaluation of business risk requires insight into the likelihood that a vulnerability will be exploited, and if exploited, how that vulnerability could impact the company on a macro level.
Application Programming Interfaces (APIs) provide hackers with multiple venues to access an organization’s data and can even be used to cause massive business disruptions.
Microservices and containers enable faster application delivery and improved IT efficiency. However, the adoption of these technologies has outpaced security.
We can’t rely on our own governments to practice responsible full disclosure. Full Disclosure is compromised. We can’t really blame them. Either everyone discloses, or no-one does.
By understanding and easing the cultural shift this entails, you can save time and money and sleep better at night with security occupying a seat at the DevOps table.
As DevOps and agile development methodologies take greater root in the enterprise, the traditional tools and approaches for eliminating vulnerabilities in code will no longer be able to keep pace.
When planning a testing strategy for an application, it is important to evaluate the applicability and likely effectiveness of the various testing approach options.
Several tech vendors have been added to the list of vendors vulnerable to a variation on the Bleichenbacher attack called the ROBOT attack.
- 1 of 17
- ››
SecurityWeek Daily Briefing
- AWS: No Significant Issues at Other Alleged Targets of Capital One Hacker
- Data Protection and Privacy: Think 360, Demand 360
- UK Hacker Sentenced to 20 Months in Prison
- Organizations Expose Sensitive Data via Malware Analysis Sandboxes
- Ransomware Hits Texas Local Governments
- Uganda, Zambia Deny Huawei Helped Spy on Political Opponents
- Iowa Grocery Chain Investigating Possible Hack of Payment Processing Systems
- Apple Sues Corellium Over Security Research Tool
- Uganda Slams Report Huawei Helped Spy on Opposition Leader
- Many Users Don't Change Unsafe Passwords After Being Warned: Google
Copyright © 2019 Wired Business Media. All Rights Reserved. Privacy Policy