Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
More than 600 vulnerabilities were disclosed in the first half of 2021 and more than 60% are critical or high severity. [Read More]
Critical- and high-severity vulnerabilities in Cisco’s data center management console could lead to command execution and sensitive information leaks. [Read More]
Apple's security response team has pushed out software fixes for at least 39 software vulnerabilities haunting the macOS Catalina, iOS and iPadOS platforms. [Read More]
A critical vulnerability in Netwrix Auditor can allow attackers to execute arbitrary code on the server and possibly compromise the Active Directory domain. [Read More]
Google has addressed 11 vulnerabilities with the latest Chrome 103 update, including several high-severity use-after-free issues reported by external researchers. [Read More]
Oracle’s July 2022 CPU includes 349 new security patches, 230 of which address vulnerabilities that can be exploited remotely, without authentication. [Read More]
British startup Push Security has banked $4 million in early-stage funding to help secure SaaS app deployments. [Read More]
MDR platform provider Huntress has shelled out $22 million to acquire Curricula, a startup in the growing security awareness business. [Read More]
Microsoft releases Azure Storage SDK update to address a padding oracle vulnerability in client-side encryption. [Read More]
Widely used Micodus vehicle GPS trackers are affected by critical vulnerabilities that can be exploited by hackers to stalk people and remotely disable cars. [Read More]
FEATURES, INSIGHTS // Vulnerabilities
Given the observation that consumers still seem oblivious to the risks and the lack of awareness about basic security hygiene, the education push will fall short.
Security researchers found 26 vulnerabilities within ISP network devices that would have given them remote admin access to the majority of home networks in the United States.
A manufacturer of a meter may have a different threat model involving the physical aspects of the device itself: device memory, firmware interface, ecosystem communications.
These recommendations will help your organization reduce risk and save real money on the cost of resolving defects. It is not often you get such a clear win-win scenario.
Being able to properly defend applications requires organizations to first identify their attack surfaces before meaningful risk management can take place.
When done successfully, continuous testing and training prevents bugs and performance issues from going out the door, while enabling developers to better spot problems in the future.
To reduce exposure to malware, security teams need to learn the DevOps techniques that are being adopted across the rest of the IT organization.
Medical devices are indeed vulnerable to attack, but the industry is waking up to the breadth of the problems, and several organizations are forming a vanguard to show the way forward.
If the WannaCry incident taught us anything, it’s that global, widespread ransomware can and will impact organizations without any notice. The time to prepare is now.
Hackers are exploiting known vulnerabilities and are betting on the fact that organizations don’t know how to fix what really matters.
Get the Daily Briefing
- Twitter Breach Exposed Anonymous Account Owners
- Ghost Security Snags $15M Investment for API Security Tech
- Slack Forces Password Resets After Discovering Software Flaw
- FEMA Urges Patching of Emergency Alert Systems, But Some Flaws Remain Unfixed
- F5 Fixes 21 Vulnerabilities With Quarterly Security Patches
- Traffic Light Protocol 2.0 Brings Wording Improvements, Label Changes
- Zimbra Credential Theft Vulnerability Exploited in Attacks
- Disruptive Cyberattacks on NATO Member Albania Linked to Iran
- SMBs Exposed to Attacks by Critical Vulnerability in DrayTek Vigor Routers
- The Secret to Automation? Eat the Elephant in Chunks.
Copyright © 2022 Wired Business Media. All Rights Reserved. Privacy Policy