Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Siemens SCALANCE X industrial switches are vulnerable to DoS attacks, but patches have yet to be released. [Read More]
More than 750,000 systems remain vulnerable to the BlueKeep vulnerability as patching rate has decreased by around 85%, a new report from security firm BitSight reveals. [Read More]
Microsoft’s August 2019 Patch Tuesday updates fix over 90 vulnerabilities, but none of them have been exploited in attacks or disclosed publicly before the patches were released. [Read More]
Adobe has patched 118 vulnerabilities across its After Effects, Character Animator, Premiere Pro, Prelude, Creative Cloud, Acrobat and Reader, Experience Manager and Photoshop products. [Read More]
Researchers have demonstrated serious SQLite vulnerabilities by hacking an iPhone and a C&C server used by malware. [Read More]
Researchers have demonstrated how malicious actors could launch ransomware attacks on DSLR cameras. [Read More]
Apple is making its bug bounty program public, it’s expanding it to cover macOS and other products, and it’s increasing the top reward to $1 million. [Read More]
Researchers have analyzed device drivers from major vendors and found that 40 drivers from 20 different companies have vulnerabilities that can be exploited to deploy persistent malware. [Read More]
Exploitation of a coding bug in F5's BIG-IP load balancer could be as simple as submitting a command or piece of code as part of a web request. [Read More]
Hackers can use rogue engineering stations to take control of Siemens PLCs while hiding the attack from the engineer monitoring the system, researchers demonstrate. [Read More]
FEATURES, INSIGHTS // Vulnerabilities
Several tech vendors have been added to the list of vendors vulnerable to a variation on the Bleichenbacher attack called the ROBOT attack.
Laws to support swift and automatic updates for all devices, and consequence to organizations that fail to ensure their IoT devices are secure, would be a big step forward for IoT security.
With a software composition analysis (SCA) tool in place, security teams can quickly scan an information repository and know where vulnerable software is being used.
The "Reaper" IoT botnet is holding itself up as a blinky light in front of our faces, reminding the InfoSec community that we really need to get ahead of IoT madness.
We need to consider whether traditional approaches to vulnerability management are still viable and if just upgrading existing methods or tools is sufficient.
Vendors, practitioners and security experts must all work closely together to combat the well-funded actors who pose a threat to medical devices.
Why are even the most security-conscious organizations being compromised, and what does it mean for everyone else?
DUHK and ROCA are both implementation-specific vulnerabilities concerning one of my favorite topics, random number generators.
The end user community is at the mercy of security researchers to act responsibly in order to limit the potential for their findings to be used for malicious purposes.
With greater awareness about POS system attacks, operations against third-party suppliers, and the vulnerabilities of public or semi-public Wi-Fi networks, companies can do a lot to mitigate risk and ensure safer journeys for travelers.
SecurityWeek Daily Briefing
- Internet-Exposed Sphinx Servers at Risk of Attacks
- Attacking Tor: What it Takes to Disrupt the Popular Onion Routing Network
- Romania Mulls Excluding Huawei From its 5G Network
- Facebook Announces 2019 Internet Defense Prize Winners
- Chinese Cyber-Spies Target US-Based Research University
- Facebook Launches Tool to Let Users Control Data Flow
- New YubiKey 5Ci Has Both USB-C and Lightning Connectors
- Twitter Shuts Chinese Accounts Targeting Hong Kong Protests
- Twitter Flexing its Muscles Against State Misinformation
- VideoLAN Patches Dozen Vulnerabilities in VLC
Copyright © 2019 Wired Business Media. All Rights Reserved. Privacy Policy