Google found over 1,000 bugs in 47 open source projects
In the last five months, Google’s OSS-Fuzz program has unearthed over 1,000 bugs in 47 open source software projects, and it’s ready to integrate even more of …
Microsoft plugs crazy bad bug with emergency patch
On Monday night, Microsoft released a critical out-of-band security update for the Microsoft Malware Protection Engine, to plug an easily exploitable bug that could allow …
What healthcare CISOs should know
“Are we more secure today than yesterday?” is the question every healthcare organization needs to asks itself every day. in order to develop a more effective security posture, …
SOCs are maturing, but need more automation
Security operations centers (SOCs) are growing up, according to a new SANS survey. Respondents indicate the SOC’s primary strengths are flexibility of response and …
Spectacular phishing attack pushes Google to improve defenses
The most recent Google-themed phishing attack shouldn’t have come as a surprise, but it did – and has affected around a million Gmail users. As Google succinctly …
Security awareness is good, but good security culture is better
As an efficient mechanism to influence employee behavior, security culture is one of the most important, yet most overlooked, aspects of organizational security. “A …
Viral phishing scams and vulnerabilities: What to watch out for this Patch Tuesday
I am about to head to Las Vegas for Ivanti’s Interchange 2017 at The Mirage hotel and feeling a bit in a gambling mood, so I am going to take a shot at this month’s forecast …
SharePoint houses sensitive data, but organizations are not keeping it safe
A new report from The Ponemon Institute is focused on how organizations are keeping sensitive or confidential data safe in collaboration and file sharing environments such as …
If you downloaded HandBrake for Mac, you could be infected with Proton RAT
A mirror download server of HandBrake, a popular open source video conversion app for Mac, has been compromised, and the legitimate app .dmg file switched with a Trojanized …
Rudimentary attacks pose the greatest risk to midsized organizations
Rudimentary attacks, such as intrusion attempts, information gathering, and policy violations pose the greatest risk to midsized organizations, according to eSentire. Attacks …
Week in review: Hacking industrial robots, criminals exploit SS7 flaws to empty bank accounts
Here’s an overview of some of last week’s most interesting news and articles: Three cybersecurity threat trends that organizations should address today The …
Malware framework using legitimate utilities lobbed at government agencies
Bitdefender researchers have unearthed a previously unknown malware framework that, unlike those used by most APTs, contains many legitimate utilities. Dubbed Netrepser, the …