Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
ZombieLoad, RIDL and Fallout: Intel processors are vulnerable to more speculative execution side-channel attacks that can allow malware to obtain sensitive data. [Read More]
Twitter warned that a bug in Twitter for iOS led to the company inadvertently collecting location data and sharing it with a third-party. [Read More]
Adobe patches a critical vulnerability in Flash Player and over 80 flaws in its Acrobat products. [Read More]
Facebook will soon kick off its first global Capture the Flag (CTF) competition, set to take place between June 1 and 3, 2019, [Read More]
Security updates Apple released this week for iOS, macOS, Safari, tvOS and watchOS include patches for 21 vulnerabilities that affect open source web browser engine WebKit. [Read More]
A use-after-free vulnerability in SQLite could be exploited by an attacker to remotely execute code on a vulnerable machine, Cisco Talos security researchers warn. [Read More]
Siemens’ May 2019 Patch Tuesday advisories address over a dozen vulnerabilities, including serious flaws affecting LOGO and SINAMICS Perfect Harmony products. [Read More]
Facebook patches a serious WhatsApp zero-day vulnerability (CVE-2019-3568) that can and has been exploited to remotely install spyware on phones by calling the targeted device. [Read More]
Kaspersky patched a serious remote code execution vulnerability affecting products with antivirus databases. [Read More]
NVIDIA has released patches to address High severity vulnerabilities in its NVIDIA GPU Display Driver that could allow an attacker to escalate privileges or execute code on vulnerable systems. [Read More]
FEATURES, INSIGHTS // Vulnerabilities
With a software composition analysis (SCA) tool in place, security teams can quickly scan an information repository and know where vulnerable software is being used.
The "Reaper" IoT botnet is holding itself up as a blinky light in front of our faces, reminding the InfoSec community that we really need to get ahead of IoT madness.
We need to consider whether traditional approaches to vulnerability management are still viable and if just upgrading existing methods or tools is sufficient.
Vendors, practitioners and security experts must all work closely together to combat the well-funded actors who pose a threat to medical devices.
Why are even the most security-conscious organizations being compromised, and what does it mean for everyone else?
DUHK and ROCA are both implementation-specific vulnerabilities concerning one of my favorite topics, random number generators.
The end user community is at the mercy of security researchers to act responsibly in order to limit the potential for their findings to be used for malicious purposes.
With greater awareness about POS system attacks, operations against third-party suppliers, and the vulnerabilities of public or semi-public Wi-Fi networks, companies can do a lot to mitigate risk and ensure safer journeys for travelers.
One of the crucial benefits of blockchain is its distributed capabilities, which mean there isn’t one centralized target to hack.
Given the observation that consumers still seem oblivious to the risks and the lack of awareness about basic security hygiene, the education push will fall short.
SecurityWeek Daily Briefing
- Siemens Teams With Chronicle on Cybersecurity Solutions for Energy Industry
- NATO Warns Russia of 'Full Range' of Responses to Cyberattack
- Best Practices for Securely Moving Workloads Into the Cloud
- Comodo Issued Most Certificates for Signed Malware on VirusTotal
- Authorities Take Down Cryptocurrency Mixing Service Bestmixer.io
- PoC Exploits Created for Wormable Windows RDS Flaw
- Moody's Downgrades Equifax Outlook to Negative Over 2017 Data Breach
- 5 Things Every SMB Should Know to Strengthen Defenses
- UK Has Warned 16 NATO Allies of Russia Hacking Attempts: Foreign Minister
- Amazon Shareholders Support Selling Face Recognition Tech to Police
Copyright © 2019 Wired Business Media. All Rights Reserved. Privacy Policy