Help Net Security
mHealth apps consistently expose PII and PHI through APIs
All of the 30 popular mHealth apps that were tested are vulnerable to API attacks that can allow unauthorized access to full patient records including protected health …
2020 vulnerability disclosures on track to exceed those from 2019
2020 vulnerability disclosures are on track to exceed 2019 despite a sharp decrease of 19.2% observed earlier in the year, according to Risk Based Security. The team …
Researchers spot massive increase in RDP attack attempts
The COVID-19 pandemic continued to influence the cybercrime landscape in 2020, ESET reveals. Most notably, the new attack surface created by the shift to work from home …
Big Tech will try to pre-empt harsh privacy laws by writing their own
Over the past decade, the firms that make up the so-called Big Tech have captured enough of the global economy to resemble industrial cartels from a bygone era. Amazon, Apple, …
Protecting productivity within the disappearing perimeter
During the past year, business leaders have seen first-hand the benefits of adopting an everywhere enterprise model of working and are now carefully considering its role in …
Credential spill incidents nearly doubled since 2016
The number of annual credential spill incidents nearly doubled from 2016 to 2020, according to F5 research. There was a 46% downturn in the number of spilled credentials …
People are often the collateral damage of attacks on corporations
Thanks to cyberattacks making regular headlines in the news, it’s no secret that massive data breaches are a significant threat to organizations. However, a report from …
5G experimentation and security grows in govt, military sectors
Spirent Communications released its 5G outlook report, based on analysis and takeaways from over 600 global 5G engagements in 2020. The report provides insights from across …
IPCDump: Open-source tool for tracing interprocess communication on Linux
Guardicore released IPCDump, a new open source tool for tracing interprocess communication on Linux. The tool covers most interprocess communication (IPC) mechanisms, …
Whitepaper: A new approach to help you achieve least privilege at cloud scale
How can enterprises reduce their risk in the cloud? They need to understand the attack surface has changed and operate under the assumption that the number one risk to their …
Dark web analysis shows high demand for hackers
Positive Technologies’ experts have analyzed the ten most active forums on the dark web, which offer services for hacking websites, buying and selling databases, and accessing …
When it comes to vulnerability triage, ditch CVSS and prioritize exploitability
When it comes to software security, one of the biggest challenges facing developers today is information overload. Thanks in part to the widespread proliferation and use of …