A new report shows a high percentage of IaC template misconfigurations in cloud deployments that leave them vulnerable to attack.
Lucian Constantin |
06 Feb |
Read more
Cisco fixes vulnerabilities in its Cisco Discovery Protocol that could let remote attackers take over products without any user interaction.
Michael Cooney |
06 Feb |
Read more
Despite the distraction of an election year, Congress is expected to give the Department of Homeland Security tools to identify critical infrastructure threats and copyright exemptions to security researchers.
Cynthia Brumfield |
04 Feb |
Read more
New report from IOActive details implementation errors that expose LoRaWAN networks to attack and provides a framework for mitigating the risk.
Lucian Constantin |
29 Jan |
Read more
SASE model developed by Gartner ties into SD-WAN, edge computing and SD-Branch, so it warrants attention from networking teams.
Lee Doyle |
29 Jan |
Read more
The three individuals arrested represent only a small portion of the Magecart web-skimming group, but the investigation is ongoing.
Lucian Constantin |
28 Jan |
Read more
Researchers claim that the latest side-channel exploit against Intel processors can be used to leak a targeted set of data.
Mark Hachman |
28 Jan |
Read more
The six high-risk vulnerabilities result from hard-coded or no credentials in remote access software and the use of outdated applications.
Lucian Constantin |
24 Jan |
Read more
Software that writes more data to a memory buffer than it can hold creates vulnerabilities that attackers can exploit.
Lucian Constantin |
23 Jan |
Read more
The warning about Cisco Firepower management software is rated critical among 26 other less urgent security advisories it issued.
Michael Cooney |
23 Jan |
Read more
False flags are a favourite technique of cyber attackers connected to Russian intelligence, but they don't have a monopoly on the practice.
Josh Fruhlinger |
21 Jan |
Read more
With security regaining priority in digital strategies, CISOs are dispersing security responsibility throughout the organisation.
Stacy Collett |
17 Jan |
Read more
Microsoft and the NSA have confirmed that a flaw in the Windows 10 cryptography system could allow malware to pose as legitimate applications.
Mark Hachman |
15 Jan |
Read more
Researcher Brian Krebs is reporting that a major vulnerability affecting Windows' CryptoAPI service could allow malware to hide as a legitimate app.
Mark Hachman |
14 Jan |
Read more
Whether or not security executives lose their jobs in the wake of a major incident, security failure should be seen as a learning opportunity.
Dan Swinhoe |
13 Jan |
Read more
Mozilla has issued a patch for its Firefox browser after a bug was found that could give a hacker complete control over a user's PC.
Michael Simon |
11 Jan |
Read more
Cisco warns of vulnerabilities that can let attackers issue arbitrary actions with administrative permissions.
Michael Cooney |
04 Jan |
Read more
The attackers customised the Magecart code to the Macy's website to steal credit card information in the wallet and new registrations.
Lucian Constantin |
19 Dec |
Read more
A new report underscores the poor state of aviation security - and worse, how poorly understood the problem is within the industry.
J.M. Porup |
18 Dec |
Read more
Researchers have recently detected an advanced persistent threat campaign that targets critical infrastructure equipment manufacturers.
Lucian Constantin |
18 Dec |
Read more