Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
French President Emmanuel Macron leads a list of 14 current or former heads of state who may have been targeted for hacking by clients of the notorious Israeli spyware firm NSO Group, Amnesty International said Tuesday. [Read More]
A driver shipped to millions of computers with HP, Samsung and Xerox printers since 2005 is affected by a vulnerability that can be exploited for privilege escalation. [Read More]
Security updates released by Adobe for seven of its products patch a total of 21 vulnerabilities, including many rated critical. [Read More]
An unauthenticated remote attacker could send a specially crafted request to trigger the vulnerability and execute code as root. [Read More]
The U.S. government has attributed several past ICS attacks to Russian, Chinese and Iranian state-sponsored threat actors. [Read More]
A vulnerability affecting Rockwell Automation’s MicroLogix 1100 controllers can be exploited for remote DoS attacks that cause the device to enter a persistent fault condition. [Read More]
Microsoft is ready to offer up to $30,000 to researchers who discover vulnerabilities with high impact on customer privacy and security. [Read More]
Currently, the vulnerability can be exploited to crash the Wi-Fi functionality on any iPhone when connecting to an access point that has a specially crafted SSID. [Read More]
Microsoft secures a court order to take down malicious domains that impersonate legitimate organizations. [Read More]
Networking gear vendor Juniper Networks ships product updates to address critical security vulnerabilities. [Read More]
FEATURES, INSIGHTS // Virus & Threats
Performing gap analysis well and remediating findings appropriately can help reduce both the number of weak points within your enterprise and your susceptibility to attack at each of them.
Organizations must adopt a holistic approach to securing their distributed networked environment that enables them to see and manage their entire distributed network, including all attack vectors, through a single pane of glass.
With years of bug bounty programs now behind us, it is interesting to see how the information security sector transformed – or didn’t.
There are good and bad ways to make vulnerabilities known. A premature “full disclosure” of a previously unknown issue can unleash the forces of evil, and the “black hats” often move faster than vendors or enterprise IT teams.
Any bug hunter, security analyst, software vendor, or device manufacturer should not rely on CVSS as the pointy end of the stick for prioritizing remediation.
In a world of over-hyped bugs, stunt hacking, and branded vulnerability disclosures, my advice to CISOs is to make security lemonade by finding practical next steps to take.
Architects and IT security teams are looking for technology evolutions to help them manage real problems in endpoint storage and messaging.
Regardless of which framework you use, it’s crucial to operationalize it in the context of your organization’s unique environment and risk factors.
Devon Kerr explains what happened when a municipality inadvertently deployed a brand-new endpoint protection technology across a small part of their production network.
Organizations may not be able to mitigate BEC scams entirely; however, tightening up processes will ensure data exposure is kept to a minimum.
Get the Daily Briefing
- Amnesty Urges Moratorium on Surveillance Technology in Pegasus Scandal
- What We Learn from MITRE's Most Dangerous Software Weaknesses List
- 'Holy Moly!': Inside Texas' Fight Against a Ransomware Hack
- Leading Threat to Industrial Security is Not What You Think
- GitLab Releases Open Source Tool for Hunting Malicious Code in Dependencies
- Enterprises Warned of New PetitPotam Attack Exposing Windows Domains
- Threat Actors Target Kubernetes Clusters via Argo Workflows
- House Passes Several Critical Infrastructure Cybersecurity Bills
- TikTok fined €750,000 for Violating Children's Privacy
- Dutch Police Arrest Alleged Member of 'Fraud Family' Cybercrime Gang
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy