Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Nearly a dozen vulnerabilities, including critical code execution flaws, patched in Advantech’s WebAccess HMI/SCADA product [Read More]
A critical vulnerability in the DHCP client in Red Hat Enterprise Linux could allow an attacker to execute arbitrary commands on impacted systems. [Read More]
Researchers came across a malicious PDF file that exploited zero-day vulnerabilities in Adobe Reader and Windows [Read More]
High severity vulnerability discovered in Siemens SIMATIC S7-400 PLCs can be exploited remotely to cause devices to enter a DoS condition [Read More]
As the adoption of open source components soars, vulnerabilities in this type of software have become increasingly common and they can pose a serious risk to applications, Synopsys study shows [Read More]
Critical vulnerability in the Signal desktop app allowed remote code execution with no user interaction. Researchers show how hackers could have stolen conversations and more [Read More]
Adobe patches nearly 50 vulnerabilities in its Acrobat and Reader products, including critical code execution flaws [Read More]
The integration of new IT networks with older operational technology (OT) networks is introducing new security risks to old technology and old technology practices. [Read More]
EFAIL: researchers say they’ve found ways to steal plain text from emails encrypted with OpenPGP and S/MIME, but some believe the claims are overblown [Read More]
The Electron framework, which has been used to build several highly popular applications, is affected by a flaw that can allow remote code execution [Read More]

FEATURES, INSIGHTS // Vulnerabilities

rss icon

Jalal Bouhdada's picture
Vendors, practitioners and security experts must all work closely together to combat the well-funded actors who pose a threat to medical devices.
Jim Ivers's picture
Why are even the most security-conscious organizations being compromised, and what does it mean for everyone else?
David Holmes's picture
DUHK and ROCA are both implementation-specific vulnerabilities concerning one of my favorite topics, random number generators.
Torsten George's picture
The end user community is at the mercy of security researchers to act responsibly in order to limit the potential for their findings to be used for malicious purposes.
Alastair Paterson's picture
With greater awareness about POS system attacks, operations against third-party suppliers, and the vulnerabilities of public or semi-public Wi-Fi networks, companies can do a lot to mitigate risk and ensure safer journeys for travelers.
Jennifer Blatnik's picture
One of the crucial benefits of blockchain is its distributed capabilities, which mean there isn’t one centralized target to hack.
Jim Ivers's picture
Given the observation that consumers still seem oblivious to the risks and the lack of awareness about basic security hygiene, the education push will fall short.
David Holmes's picture
Security researchers found 26 vulnerabilities within ISP network devices that would have given them remote admin access to the majority of home networks in the United States.
David Holmes's picture
A manufacturer of a meter may have a different threat model involving the physical aspects of the device itself: device memory, firmware interface, ecosystem communications.
Jim Ivers's picture
These recommendations will help your organization reduce risk and save real money on the cost of resolving defects. It is not often you get such a clear win-win scenario.