Vulnerabilities
Vulnerabilities news, information, and how-to advice
Russia is hacking routers in global cyber attacks, US and UK warn
In a first-of-its-kind advisory, the U.S. and U.K. warned of malicious cyber activity by state-sponsored Russian hackers who are targeting network infrastructure devices.
Allscripts: Ransomware, recovery, and frustrated customers
The actors behind SamSam launched an attack against Allscripts in January 2018, leaving the company’s customers without access to the services needed to run their medical practices — some for more than a week.
Hackers abused Cisco flaw to warn Iran and Russia: 'Don't mess with our elections'
Hackers exploited a flaw in Cisco Smart Install Client in a cyber attack against Iran and Russia, enabling them to leave the US flag and 'Don't mess with our elections' on screens.
Open source software security challenges persist
Using open source components saves developers time and companies money. In other words, it's here to stay. Here's a look at what it will take to improve open source security.
How a vulnerability disclosure policy lets hackers help you
Does your company have a vulnerability disclosure policy (VPD)? And if not, what might it mean for your security?
SamSam ransomware attacks have earned nearly $850,000
First emerging in late 2015, the group believed to be responsible for the SamSam ransomware family has targeted small and large businesses, healthcare, governments, and education. To date, the group has made nearly $850,000 USD
Researchers find 13 critical flaws in AMD's Ryzen and Epyc chips
Researchers accused of ignoring responsible disclosure claim AMD chips are riddled with critical flaws and backdoors; AMD says it is investigating.
Ransomware: Coming to a robot near you soon?
A a proof-of-concept hack at the Kaspersky Security Analyst Summit showed how robots could be infected with ransomware.
Homeland Security's IT security continues to fall short
Another year, another audit, another set of failings when it comes to the Department of Homeland Security’s IT systems.
Insecure by design: What you need to know about defending critical infrastructure
Patching is useless most of the time, industrial control systems (ICS) security expert tells Senate committee.
Has responsible disclosure won the debate?
The debate in the security community about disclosure shows no signs of abating. This article explores both sides of the argument and puts forward suggestions for organizations looking to improve their transparency and responsiveness...
Hackers exploit Jenkins servers, make $3 million by mining Monero
Hackers exploiting Jenkins servers made $3 million in one of the biggest malicious cryptocurrency mining operations ever.
North Korea hacking group is expanding operations, researchers say
A group of hackers from North Korea (DPRK), recently connected to the usage of an Adobe Flash zero-day vulnerability (CVE-2018-4878), has expanded its operations in both scope and sophistication, FireEye says.
The victim notification conundrum
Now is the time for the security ecosystem to take stronger action to identify and address compromised computers – sharing lists of known compromises and simply observing the problem is not enough
4 reasons forensics will remain a pillar of cybersecurity
When protection fails, forensics can still prevail.
The future: it ain’t what it used to be
The problem with the future—as baseball legend Yogi Berra, the founders of the internet and any CISO or CTO can assure you—is that, increasingly, it ain’t what it used to be.
Becoming vulnerability agnostic
Don't let the constant barrage of vulnerability announcements play with your emotions and drive up your stress levels.
3 leaked NSA exploits work on all Windows versions since Windows 2000
The EternalSynergy, EternalRomance, and EternalChampion exploits have been reworked to work on all vulnerable Windows versions: Windows 2000 -- Server 2016.
-
White Paper
-
White Paper
-
Video/Webcast
Sponsored -
Data Sheet
Sponsored -
White Paper
Sponsored Links