Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
An updated version of Chrome 66 is now available, which addresses a Critical security vulnerability that could allow an attacker to take over a system. [Read More]
Rockwell Automation patches vulnerabilities in Arena simulation software and FactoryTalk Activation Manager [Read More]
Kaspersky researchers find a significant number of vulnerabilities in OPC UA, a widely used industrial communications protocol [Read More]
Firefox 60 allows IT administrators to customize the browser for employees, and is also the first browser to feature support for the Web Authentication (WebAuthn) standard. [Read More]
Update released by LG for its Android smartphones patches two serious keyboard vulnerabilities that can be exploited for remote code execution [Read More]
SAP this week released its May 2018 set of security patches to address over a dozen vulnerabilities across its product portfolio, including four bugs in Internet Graphics Server. [Read More]
Siemens patches remotely exploitable DoS vulnerabilities affecting several of its SINAMICS medium voltage converters [Read More]
The developers of several major operating systems and hypervisors misinterpreted Intel documentation and introduced a potentially serious vulnerability in their products [Read More]
Google released additional mitigations for the Meltdown attack that impacts microprocessors from Intel, AMD, and other vendors. [Read More]
Lenovo has released patches for a High severity vulnerability impacting the Secure Boot function on some System x servers. [Read More]
FEATURES, INSIGHTS // Vulnerabilities
Being able to properly defend applications requires organizations to first identify their attack surfaces before meaningful risk management can take place.
When done successfully, continuous testing and training prevents bugs and performance issues from going out the door, while enabling developers to better spot problems in the future.
To reduce exposure to malware, security teams need to learn the DevOps techniques that are being adopted across the rest of the IT organization.
Medical devices are indeed vulnerable to attack, but the industry is waking up to the breadth of the problems, and several organizations are forming a vanguard to show the way forward.
If the WannaCry incident taught us anything, it’s that global, widespread ransomware can and will impact organizations without any notice. The time to prepare is now.
Hackers are exploiting known vulnerabilities and are betting on the fact that organizations don’t know how to fix what really matters.
With the advent of connected devices, privacy and security have become tightly linked because theft of private data is often the goal of malicious attacks.
If we agree that quality and security problems are both a form of defect, then we must sufficiently address both to produce software of the highest integrity.
As with anything new, you need to prepare and plan for IoT devices being in your environment to maximize the value they provide, while minimizing the inherent risk of these network-enabled devices.
Gaining an understanding of the tools that development teams use provides security teams with valuable insight into how developers work, how they make decisions, and the incentives that drive them.
SecurityWeek Daily Briefing
- Fitting Forward Secrecy into Today's Security Architecture
- GRIMM Opens Security Research Lab for ICS, Connected Vehicles
- Okta Adds Threat Intel to Network Context to Eliminate Passwords
- Agari Employs Active Defense to Probe Nigerian Email Scammers
- Massive Russia-Linked Botnet Raises Concerns of New Attack on Ukraine
- Senator Asks DoD to Secure Its Websites
- Vulnerabilities Found in RTUs Used by European Energy Firms
- FBI Inflated Numbers on Unhackable Devices
- Best Practices in Securing DevOps
- 'I'm sorry', Facebook Boss Tells European Lawmakers
Copyright © 2018 Wired Business Media. All Rights Reserved. Privacy Policy | Terms of Use