Vulnerabilities
Vulnerabilities | News, how-tos, features, reviews, and videos
How automation enables a proactive security culture at Bank of England
The Bank of England security team uses automation to build intellectual capital, freeing up time to be more proactive and to better explain security to business units.
Twitter bug may have been exploited by state-sponsored hackers
A flaw in Twitter support forum API may have been exploited by state-sponsored hackers. Meanwhile, other hackers embedded code in memes posted on Twitter to give infected PCs instructions.
Researchers find over 40,000 stolen logins for government portals
A phishing operation led to the theft of more than 40,000 login credentials for government services in 30 countries.
Cyber risk management continues to grow more difficult
Primary reasons why cyber risk management is more difficult include increasing workloads, sophisticated threats, and more demanding business executives.
Hackers get into National Republican Congressional Committee's email system
The National Republican Congressional Committee's email system was hacked leading up to midterm elections.
Microsoft, Mastercard propose universal digital identity program
Microsoft and Mastercard say the “single, reusable digital identity” could solve identity verification issues and help with fraud prevention.
Risk-based vulnerability management a better form of cyber defense
By consolidating vulnerability management tools and adding AI, risk-based vulnerability management protects the entire attack surface.
Hacker adds malicious bitcoin-stealing code to popular JavaScript library
An NPM package with 2 million weekly downloads had malicious code injected into it. Plus, more problems arise from the Windows 10 October 2018 Update.
Amazon 'technical error' exposes undisclosed number of customer names and emails
Amazon isn't saying how many customers had their names and email addresses exposed due to a data leak caused by an unexplained technical error.
Russian Cozy Bear APT 29 hackers may be impersonating State Department
Russian Cozy Bear hackers may be impersonating the U.S. State Department in a large, new spear-phishing campaign, plus other cybersecurity news.
Cyber criminals abuse US Postal Service Informed Delivery for ID theft
Criminals are abusing the US Postal Service's Informed Delivery for ID theft and fraud. Meanwhile, vulnerabilities were found in Oracle's VirtualBox, WordPress and Adobe ColdFusion servers.
Meaner, more violent Stuxnet variant reportedly hits Iran
Iran admitted its “infrastructure and strategic networks” were hit by a meaner version of Stuxnet. Plus, Iran used Google to find CIA communication channels.
Cyber security relics: 4 older technologies still plaguing the infosec world
Understanding the issues of the past can help us be better equipped to deal with seemingly new issues in the present.
Thousands of critical energy and water systems exposed online for anyone to exploit
Critical functions such as starting or stopping a system can be accessed online by anyone, be it nation-state attackers or script kiddies.
Flaws in brain stimulation tech could let hackers erase or hold memories for ransom
If security flaws in brain stimulation tech are not fixed, researchers warn that hackers will be able to target your memories, erase them or hold them for ransom in the future.
Another government system breached; 75,000 people affected
The Centers for Medicare & Medicaid Service confirmed a breach. Apple CEO Tim Cook wants Bloomberg to retract the spychip story. A Connecticut city paid a ransom to unlock 23 servers.
What is Shodan? The search engine for everything on the internet
Defenders find this simple tool valuable for finding vulnerable devices attached to the web that need to be secured.
What are blockchain’s smart contracts? And how to secure them
Smart contracts are moving into the enterprise, but they aren’t bulletproof. These are the vulnerabilities and best practices for securing them.
Microsoft patch for JET flaw zero-day is ‘incomplete,’ Windows still vulnerable
Microsoft's fix for the zero-day JET flaw only limits the vulnerability, doesn't eliminate it. Meanwhile, a Pentagon breach affects 30,000 workers, and a vigilante hacker is patching vulnerable MikroTik routers.
Pentagon's new weapon systems are easy to hack, GAO report finds
A recent GAO report revealed that some US Department of Defense weapon systems use default passwords and that a port scan can cause weapon systems to fail.
-
White Paper
-
White Paper
-
Video/Webcast
Sponsored -
White Paper
-
Solution Brief
Sponsored
Most Popular
Sponsored Links