software

What is a security data lake?
The concepts of the data lake and the specialized security data lake are relatively new. While data lakes have a bit of a head start in adoption – largely among data science …

Lenovo Fingerprint Manager Pro is full of fail
Lenovo Fingerprint Manager Pro, a piece of software that allows users to log into their PCs or authenticate to configured websites using fingerprint recognition, has been …

Security in the enterprise: Things are looking up!
Cybersecurity is quickly becoming the number one business priority, says identity and access management company Okta. Based on the results of an analysis of authentication and …

Abandoned by Microsoft, Equation Editor gets “security-adopted” by micropatch pros
Last week, Microsoft did away with Equation Editor, a tool that has been part of Microsoft Office for over 17 years. The reason behind the move? A remote code execution …

Researchers uncover major security vulnerabilities in ICS mobile applications
IOActive and Embedi researchers found 147 cybersecurity vulnerabilities in 34 mobile applications used in tandem with SCADA systems. Proof-of-concept Attack on Victim HMI …

Apps most frequently blacklisted by enterprise security teams
Appthority released its Enterprise Mobile Security Pulse Report for Q4 2017, which details the apps most frequently blacklisted by enterprise mobility and security teams. Most …

An analysis of 120 mobile app stores uncovers plethora of malicious apps
RiskIQ analyzed 120 mobile app stores and more than 2 billion daily scanned resources. In listing and analyzing the app stores hosting the most malicious mobile apps and the …

OpenEMR flaw leaves millions of medical records exposed to attackers
A vulnerability in the free, open source electronic medical record and medical practice management software OpenEMR can be exploited to steal patients’ medical records …

Safeguard mobile devices: VPNs and personal firewalls are vital
As mobile devices have permeated every aspect of private and professional lives, users have become increasingly dependent on connecting to public hotspots – especially when …

Critical flaw in Cisco collaboration products plugged
A critical vulnerability in a dozen Cisco collaboration products based on the Cisco Voice Operating System (VOS) could allow unauthenticated, remote attackers to gain access …

Sneaky malware downloader found in apps on Google Play
Google has removed from Google Play eight apps that have served as downloaders for Android banking malware. The malware The packages – a mixture of Android cleaners and …

Data exfiltration tool PTP-RAT encodes data in pixel colour values
How to exfiltrate data from a machine that doesn’t have file transfer capabilities or whose Remote Desktop Protocol (RDP) connection has been locked down, making it …