Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
The key fob of Tesla Model S and possibly other vehicles can be cloned in seconds using a new attack method disclosed this week by a team of researchers [Read More]
Zerodium discloses zero-day vulnerability in NoScript that can be exploited to execute arbitrary JavaScript in Tor Browser even if the security level is set to “Safest” [Read More]
VPN companies ProtonVPN and NordVPN have another go at patching a serious privilege escalation vulnerability for which fixes were first released in April [Read More]
The Mirai and Gafgyt IoT botnets are targeting vulnerabilities in Apache Struts and SonicWall Global Management System (GMS), Palo Alto Networks has discovered. [Read More]
Google has released its September 2018 security patches for Android, resolving over 50 vulnerabilities in the operating system. [Read More]
Microsoft revealed plans to offer paid Windows 7 Extended Security Updates (ESU) for three years after traditional support for the operating system officially ends. [Read More]
Effective this week, Windows XP is no longer supported in Firefox. More than four years after Microsoft stopped supporting the platform, Mozilla is making a similar move. [Read More]
A vulnerability affecting some of Schneider Electric’s Modicon controllers can be exploited by malicious actors to cause significant disruption in ICS networks, researchers warn [Read More]
Cisco patches critical and high severity vulnerabilities in its RV series, SD-WAN, Umbrella and other products [Read More]
Opsview recently addressed a series of remote code-execution, command-execution and local privilege-escalation vulnerabilities in the Opsview Monitor. [Read More]
FEATURES, INSIGHTS // Vulnerabilities
With a software composition analysis (SCA) tool in place, security teams can quickly scan an information repository and know where vulnerable software is being used.
The "Reaper" IoT botnet is holding itself up as a blinky light in front of our faces, reminding the InfoSec community that we really need to get ahead of IoT madness.
We need to consider whether traditional approaches to vulnerability management are still viable and if just upgrading existing methods or tools is sufficient.
Vendors, practitioners and security experts must all work closely together to combat the well-funded actors who pose a threat to medical devices.
Why are even the most security-conscious organizations being compromised, and what does it mean for everyone else?
DUHK and ROCA are both implementation-specific vulnerabilities concerning one of my favorite topics, random number generators.
The end user community is at the mercy of security researchers to act responsibly in order to limit the potential for their findings to be used for malicious purposes.
With greater awareness about POS system attacks, operations against third-party suppliers, and the vulnerabilities of public or semi-public Wi-Fi networks, companies can do a lot to mitigate risk and ensure safer journeys for travelers.
One of the crucial benefits of blockchain is its distributed capabilities, which mean there isn’t one centralized target to hack.
Given the observation that consumers still seem oblivious to the risks and the lack of awareness about basic security hygiene, the education push will fall short.
SecurityWeek Daily Briefing
- Adobe Patches Code Execution, Other Flaws in Acrobat and Reader
- Patching Not Enough; Organizations Must Adopt Zero-Trust Practices: Report
- NSA Leak Fuels Rise in Hacking for Crypto Mining: Report
- Click2Gov Attacks on U.S. Cities Attributed to Previously Unknown Group
- New Tool Helps G Suite Admins Uncover Security Threats
- Cloudflare Helps Boost DNSSEC Adoption as Key Rollover Nears
- Privacy Protection Means Encryption at the Application Layer
- Nation State Cyber Attacks on Rise, Says Europol
- Mirai Authors Avoid Prison After Working With FBI
- Fidelis Cybersecurity Raises $25 Million
Copyright © 2018 Wired Business Media. All Rights Reserved. Privacy Policy