Vulnerabilities

Vulnerabilities | News, how-tos, features, reviews, and videos

stealing a password
risk assessment - safety analysis - security audit

binary code matrix broken / breached / failed / hacked / security risk / threat / vulnerability

Hackers get into National Republican Congressional Committee's email system

The National Republican Congressional Committee's email system was hacked leading up to midterm elections.

eye binary retina scanner security identity access management

Microsoft, Mastercard propose universal digital identity program

Microsoft and Mastercard say the “single, reusable digital identity” could solve identity verification issues and help with fraud prevention.

artificial intelligence brain machine learning digital transformation world networking

Risk-based vulnerability management a better form of cyber defense

By consolidating vulnerability management tools and adding AI, risk-based vulnerability management protects the entire attack surface.

phishing hacker binary keyboard privacy security breach

Hacker adds malicious bitcoin-stealing code to popular JavaScript library

An NPM package with 2 million weekly downloads had malicious code injected into it. Plus, more problems arise from the Windows 10 October 2018 Update.

amazon sign

Amazon 'technical error' exposes undisclosed number of customer names and emails

Amazon isn't saying how many customers had their names and email addresses exposed due to a data leak caused by an unexplained technical error.

spearfishing trap

Russian Cozy Bear APT 29 hackers may be impersonating State Department

Russian Cozy Bear hackers may be impersonating the U.S. State Department in a large, new spear-phishing campaign, plus other cybersecurity news.

hacker

Cyber criminals abuse US Postal Service Informed Delivery for ID theft

Criminals are abusing the US Postal Service's Informed Delivery for ID theft and fraud. Meanwhile, vulnerabilities were found in Oracle's VirtualBox, WordPress and Adobe ColdFusion servers.

cyber attack virus meltdown

Meaner, more violent Stuxnet variant reportedly hits Iran

Iran admitted its “infrastructure and strategic networks” were hit by a meaner version of Stuxnet. Plus, Iran used Google to find CIA communication channels.

a clock half-submerged in water

Cyber security relics: 4 older technologies still plaguing the infosec world

Understanding the issues of the past can help us be better equipped to deal with seemingly new issues in the present.

1 network internet connected grid earth power satellite view

Thousands of critical energy and water systems exposed online for anyone to exploit

Critical functions such as starting or stopping a system can be accessed online by anyone, be it nation-state attackers or script kiddies.

a digital brain and circuit board

Flaws in brain stimulation tech could let hackers erase or hold memories for ransom

If security flaws in brain stimulation tech are not fixed, researchers warn that hackers will be able to target your memories, erase them or hold them for ransom in the future.

intro data breach circuit board technology security

Another government system breached; 75,000 people affected

The Centers for Medicare & Medicaid Service confirmed a breach. Apple CEO Tim Cook wants Bloomberg to retract the spychip story. A Connecticut city paid a ransom to unlock 23 servers.

man typing on laptop search internet web browswer

What is Shodan? The search engine for everything on the internet

Defenders find this simple tool valuable for finding vulnerable devices attached to the web that need to be secured.

hand holding magnifying glass over contract

What are blockchain’s smart contracts? And how to secure them

Smart contracts are moving into the enterprise, but they aren’t bulletproof. These are the vulnerabilities and best practices for securing them.

windows bug

Microsoft patch for JET flaw zero-day is ‘incomplete,’ Windows still vulnerable

Microsoft's fix for the zero-day JET flaw only limits the vulnerability, doesn't eliminate it. Meanwhile, a Pentagon breach affects 30,000 workers, and a vigilante hacker is patching vulnerable MikroTik routers.

missiles

Pentagon's new weapon systems are easy to hack, GAO report finds

A recent GAO report revealed that some US Department of Defense weapon systems use default passwords and that a port scan can cause weapon systems to fail.

phishing hacker binary keyboard privacy security breach

Facebook security and privacy issues revealed

Last week saw Facebook dealing with security and privacy issues, while the Port of San Diego got hit with a ransomware attack and researchers discovered two Linux kernel bugs.

shadowy attacker hooded

7,500 MikroTik routers compromised, traffic forwarded to attackers

Attackers have exploited a flaw in thousands of unpatched MikroTik routers, sending traffic to unknown attacker-controlled IPs.

Load More