Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
FireEye’s M-Trends 2020 report says over 500 new malware families were identified last year and the global median dwell time has continued to drop. [Read More]
VMware has patched serious vulnerabilities, including remote code execution and authentication bypass issues, in vRealize Operations for Horizon Adapter. [Read More]
The U.S. Defence Information Systems Agency (DISA) has disclosed a 2019 data breach in which personal information may have been compromised. [Read More]
An active supply chain campaign that has been ongoing since late 2017 has infected at least 20,000 websites — likely much more — via trojanized WordPress themes and plugins. [Read More]
Georgian authorities on Thursday accused Russia’s military intelligence of launching a large-scale cyberattack that targeted the government and private organizations with the goal of destabilizing the ex-Soviet nation. [Read More]
Cisco has released patches for sixteen vulnerabilities across its products, including one rated critical, six high severity, and nine medium risk. [Read More]
Over 400 ICS vulnerabilities were disclosed in 2019 and more than a quarter of them had no patches when their existence was made public, according to industrial cybersecurity firm Dragos. [Read More]
Microsoft this week announced the general availability of Microsoft Threat Protection, its integrated security solution aimed at offering protection across users, email, applications, and endpoints. [Read More]
Britain and the United States on Thursday accused Russian military intelligence of orchestrating a "reckless" campaign of cyber attacks against Georgia last year. [Read More]
Wandera has warned that document management apps made by Cometdocs can expose users’ files, but the vendor has disputed the severity of the findings and has threatened legal action against reporters. [Read More]
FEATURES, INSIGHTS // Virus & Threats
By learning from the past there are many steps we can take to strength our approach to security as attackers continue to turn to email to help accomplish their mission.
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
By implementing these measures organizations can limit their exposure to remote access-based cyber threats, while supporting agile business models such as remote work and outsourced IT.
Recalculating and reevaluating priorities based on a continuous flow of new data, learnings and your risk profile, helps to ensure you’re staying focused on what matters in a highly dynamic environment.
Proper evaluation of business risk requires insight into the likelihood that a vulnerability will be exploited, and if exploited, how that vulnerability could impact the company on a macro level.
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Application Programming Interfaces (APIs) provide hackers with multiple venues to access an organization’s data and can even be used to cause massive business disruptions.
It is essential to understand exactly what is meant by machine learning so you can quickly differentiate between those solutions that actually provide the technology you need to stay ahead in the cyber war arms race, and those capitalizing on market hype.
Subscribe to the Daily Briefing
- Intel Announces New Hardware-based Security Capabilities
- FBI Official: Russia Wants to See US 'Tear Ourselves Apart'
- Massachusetts Electric Utility Hit by Ransomware
- OpenSMTPD Vulnerability Leads to Command Injection
- Is Conditional Access the Right Approach to Authentication? It Depends.
- UK Financial Regulator Admits to Data Breach
- Firefox Gets DNS-over-HTTPS as Default in U.S.
- Samsung Says it Leaked Data on Handful of UK Customers
- RSA Conference 2020: Product Announcement Summary (Day 2)
- Over 100 Vulnerabilities Patched in MyBB in Past 5 Years
Copyright © 2020 Wired Business Media. All Rights Reserved. Privacy Policy