Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
While investigating a flaw that exposed phone number country codes and account locking information, Twitter discovered an attack coming from IPs possibly linked to state-sponsored actors. [Read More]
Several Shamoon 3 samples have been identified and there appear to be targets in more sectors than initially believed. Researchers also found some links to Iran. [Read More]
The Irish data watchdog on Friday launched an investigation into Facebook, after the social media titan admitted a "bug" may have exposed unposted photos from up to 6.8 million users. [Read More]
SQLite vulnerability dubbed Magellan can be exploited for remote code execution, information leaks and DoS attacks. Chrome and other popular applications using SQLite are affected. [Read More]
Facebook discovered a vulnerability in the Photo API that could have allowed third-party apps to access all of a user’s photos. Up to 6.8 million users and 1,500 apps are impacted. [Read More]
Siemens SINUMERIK controllers are affected by DoS, privilege escalation and code execution vulnerabilities, including several flaws rated critical. [Read More]
Facebook has paid out over $1.1 million through its bug bounty program in 2018, which brings the total paid by the social media giant since the launch of its program to $7.5 million. [Read More]
A wave of bomb threats emailed to hundreds of schools, businesses and government buildings across the U.S. triggered searches, evacuations and fear — but there were no signs of explosives, and authorities said the scare appeared to be a crude extortion attempt. [Read More]
Italian oil services company Saipem has confirmed that its systems were hit by a new variant of Shamoon, but the malware has also reportedly been used against other energy firms operating in the Middle East. [Read More]
As U.S. President Donald Trump re-imposed harsh economic sanctions on Iran last month, hackers scrambled to break into personal emails of American officials tasked with enforcing them. [Read More]
- 1 of 491
- ››
FEATURES, INSIGHTS // Virus & Threats
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
By implementing these measures organizations can limit their exposure to remote access-based cyber threats, while supporting agile business models such as remote work and outsourced IT.
Recalculating and reevaluating priorities based on a continuous flow of new data, learnings and your risk profile, helps to ensure you’re staying focused on what matters in a highly dynamic environment.
Proper evaluation of business risk requires insight into the likelihood that a vulnerability will be exploited, and if exploited, how that vulnerability could impact the company on a macro level.
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Application Programming Interfaces (APIs) provide hackers with multiple venues to access an organization’s data and can even be used to cause massive business disruptions.
It is essential to understand exactly what is meant by machine learning so you can quickly differentiate between those solutions that actually provide the technology you need to stay ahead in the cyber war arms race, and those capitalizing on market hype.
Microservices and containers enable faster application delivery and improved IT efficiency. However, the adoption of these technologies has outpaced security.
We can’t rely on our own governments to practice responsible full disclosure. Full Disclosure is compromised. We can’t really blame them. Either everyone discloses, or no-one does.
- 1 of 25
- ››
SecurityWeek Daily Briefing
- Backdoor Targeting Malaysian Government a "Mash-up" of Malware
- Serious Flaws Found in ABB Safety PLC Gateways
- Untangle Partners With Malwarebytes to Bring Layered Security to SMBs
- Oath Paid Out $5 Million in Bug Bounties in 2018
- Data Protection Firm Egress Raises $40 Million
- WordPress Patches Privilege Escalation Vulnerabilities
- OT Incident Response: Is it Mission Impossible?
- Testing Security Products: Third-Party Standards vs. In-House Testing
- Czech Warning Over Huawei, ZTE Security 'Threat'
- Twitter Warns of Possible State-Sponsored Attack
Copyright © 2018 Wired Business Media. All Rights Reserved. Privacy Policy