enterprise
Netflix releases desktop versions of device security app Stethoscope
In early 2017, the Netflix team open sourced Stethoscope, an application that collects information about users’ devices and provides them with recommendations for securing …
Safeguarding hybrid-cloud infrastructures through identity privilege management
Most enterprises have embraced the advantages a cloud infrastructure can bring to their computing, storage, network or other needs, and many are juggling multiple cloud …
Oracle CPU October 2018: 301 vulnerabilities patched
Oracle has released its Critical Patch Update for October 2018, fixing 301 vulnerabilities across a wide range of its products, including Oracle Database Server, Oracle …
Phorpiex bots target remote access servers to deliver ransomware
Threat actors are brute-forcing their way into enterprise endpoints running server-side remote access applications and attempting to spread the GandCrab ransomware onto other …
Chronicle announces VirusTotal Enterprise with greater search and analysis capabilities
Chronicle, the cybersecurity subsidiary of Google’s parent company Alphabet, has announced VirusTotal Enterprise, which is aimed at helping enterprises protect their own …
Apple DEP vulnerability lets attackers access orgs’ resources, info
An authentication weakness in Apple’s Device Enrollment Program (DEP) may allow attackers to enroll any device into an organization’s Mobile Device Management …
The state of network security in organizations with 1000+ employees
Security team size at the largest organizations does not scale with the number of overall employees, but they are more likely to include staff with specialized roles, say the …
Data breaches make companies underperform the market in the long run
While the share prices of companies that experienced a sizeable/huge data breach suffer just a temporary hit, in the long term breached companies underperformed the market, an …
Preventing exfiltration of sensitive docs by flooding systems with hard-to-detect fakes
A group of researchers from Queen’s University (Canada) have proposed a new approach for keeping important documents safe: creating so many believable fakes that …
Critical Apache Struts flaw opens enterprises to compromise, patch ASAP!
A critical remote code execution vulnerability (CVE-2018-11776) in Apache Struts, the popular open source framework for developing Java-based web apps, could allow remote …
Retail and finance top the list of vulnerable industries, increasingly targeted with credential threat campaigns
The finance, professional, and information sectors had the highest volume and most variety of malicious activity in Q2 2018, says Rapid7, and the manufacturing sector is …
Criminals can compromise company networks by sending malicious faxes
Check Point has revealed details about the two critical remote code execution vulnerabilities (CVE-2018-5924, CVE-2018-5925) it discovered in the communication protocols used …
Featured news
Resources
Don't miss
- Contextal Platform: Open-source threat detection and intelligence
- Using cognitive diversity for stronger, smarter cyber defense
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws
- Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591)
- Malicious actors’ GenAI use has yet to match the hype