Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Microsoft warns users that Windows servers running IIS are vulnerable to DoS attacks that cause CPU usage to spike to 100%. Similar flaw discovered by the same researcher recently in nginx. [Read More]
A vulnerability in WinRAR, the archiver used by over 500 million users worldwide, can be exploited to execute arbitrary code by getting the target to open a specially crafted ACE file. [Read More]
Updates released for the Drupal CMS patch a “highly critical” vulnerability that can be exploited for remote code execution (CVE-2019-6340). [Read More]
Armorblox emerges from stealth mode with a platform that uses natural language understanding to detect threats hidden in emails and documents. The company also announced a $16.5 million Series A funding round. [Read More]
Rockwell Automation is working on patches for two vulnerabilities affecting its Allen-Bradley PowerMonitor 1000 power monitors. Details of the flaws and proof-of-concept (PoC) code are publicly available. [Read More]
A security breach suffered by PoS solutions provider North Country Business Products resulted in the exposure of payment cards used at over 130 restaurants and hotels in the US. [Read More]
After paying out $250,000 in bug bounties in 2018, GitHub has decided to increase rewards and expand the scope of its program. [Read More]
It takes Russian state-sponsored hackers less than 20 minutes to start moving laterally within a network after the initial breach, CrowdStrike says in its latest Global Threat Report. [Read More]
A privilege escalation vulnerability that allows attackers to elevate privileges to SYSTEM has been found in the LG Device Manager application. [Read More]
Proof-of-concept (PoC) code is now publicly available for a recently disclosed container escape vulnerability impacting popular products, including AWS, Google Cloud, and numerous Linux distributions. [Read More]
- 1 of 506
- ››
FEATURES, INSIGHTS // Virus & Threats
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
By implementing these measures organizations can limit their exposure to remote access-based cyber threats, while supporting agile business models such as remote work and outsourced IT.
Recalculating and reevaluating priorities based on a continuous flow of new data, learnings and your risk profile, helps to ensure you’re staying focused on what matters in a highly dynamic environment.
Proper evaluation of business risk requires insight into the likelihood that a vulnerability will be exploited, and if exploited, how that vulnerability could impact the company on a macro level.
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Application Programming Interfaces (APIs) provide hackers with multiple venues to access an organization’s data and can even be used to cause massive business disruptions.
It is essential to understand exactly what is meant by machine learning so you can quickly differentiate between those solutions that actually provide the technology you need to stay ahead in the cyber war arms race, and those capitalizing on market hype.
Microservices and containers enable faster application delivery and improved IT efficiency. However, the adoption of these technologies has outpaced security.
- 1 of 25
- ››
SecurityWeek Daily Briefing
- New Service From Cisco's Duo Labs Analyzes Chrome Extensions
- Report: Apps Give Facebook Sensitive Health and Other Data
- Warning Issued Over Attacks on Internet Infrastructure
- Bug Allows Bypass of WhatsApp Face ID, Touch ID Protection
- Entrust to Acquire Hardware Security Module Maker nCipher
- Cybercriminals Promise Millions to Skilled Black Hats: Report
- DrainerBot SKD Sucks Data and Battery From Android Devices
- Pulse Secure Unveils Software Defined Perimeter Solution
- Researcher Earns $10,000 for Another XSS Flaw in Yahoo Mail
- Mexican Privacy Watchdog Criticizes Government Over Spyware
Copyright © 2019 Wired Business Media. All Rights Reserved. Privacy Policy