Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Over a dozen vulnerabilities, including remote code execution and DoS flaws, have been found in FreeRTOS. The microcontroller OS is used for consumer products, B2B solutions and industrial automation [Read More]
Several vulnerabilities patched in Drupal 7 and 8, including two ‘critical’ remote code execution vulnerabilities [Read More]
Several vulnerabilities, including ones rated high severity, have been patched in Splunk Enterprise and Splunk Light [Read More]
Celia/VGo telepresence robots from Vecna are affected by several vulnerabilities [Read More]
NFCdrip attack shows that NFC can be used for long-range exfiltration. Passwords and other data can be quickly stolen over tens of meters [Read More]
Tumblr has patched a vulnerability that could have been exploited to obtain user account information, including email addresses and protected passwords [Read More]
Many servers may be exposed to attacks due to an authentication bypass vulnerability affecting the libssh SSH library [Read More]
Google released Chrome 70 on Tuesday and the latest version brings updated sign-in options and patches for 23 vulnerabilities [Read More]
Researchers find critical vulnerabilities that can be exploited to take full control of D-Link routers. Serious flaws also discovered in Linksys routers [Read More]
Oracle’s October 2018 Critical Patch Update (CPU) includes 301 security fixes, bringing the total number of patches released this year to 1,119 [Read More]
- 1 of 323
- ››
FEATURES, INSIGHTS // Vulnerabilities
Recalculating and reevaluating priorities based on a continuous flow of new data, learnings and your risk profile, helps to ensure you’re staying focused on what matters in a highly dynamic environment.
Proper evaluation of business risk requires insight into the likelihood that a vulnerability will be exploited, and if exploited, how that vulnerability could impact the company on a macro level.
Application Programming Interfaces (APIs) provide hackers with multiple venues to access an organization’s data and can even be used to cause massive business disruptions.
Microservices and containers enable faster application delivery and improved IT efficiency. However, the adoption of these technologies has outpaced security.
We can’t rely on our own governments to practice responsible full disclosure. Full Disclosure is compromised. We can’t really blame them. Either everyone discloses, or no-one does.
By understanding and easing the cultural shift this entails, you can save time and money and sleep better at night with security occupying a seat at the DevOps table.
As DevOps and agile development methodologies take greater root in the enterprise, the traditional tools and approaches for eliminating vulnerabilities in code will no longer be able to keep pace.
When planning a testing strategy for an application, it is important to evaluate the applicability and likely effectiveness of the various testing approach options.
Several tech vendors have been added to the list of vendors vulnerable to a variation on the Bleichenbacher attack called the ROBOT attack.
Laws to support swift and automatic updates for all devices, and consequence to organizations that fail to ensure their IoT devices are secure, would be a big step forward for IoT security.
- 1 of 17
- ››
SecurityWeek Daily Briefing
- Japan Orders Facebook to Improve Data Protection
- Cisco, F5 Networks Investigate libssh Vulnerability Impact
- Flaw in Media Library Impacts VLC, Other Software
- Hackers Deface Website of Saudi Investment Forum
- Securing the Vote Against Increasing Threats
- Recent Branch.io Patch Creates New XSS Flaw
- Cyberbit Launches Portable ICS Security Assessment Solution
- Google Boosts Android Security with Protected Confirmation
- Hackers Breach HealthCare.gov System, Get Data on 75,000
- NSA-Linked 'DarkPulsar' Exploit Tool Detailed
Copyright © 2018 Wired Business Media. All Rights Reserved. Privacy Policy