Most companies have high-risk vulnerabilities on their network perimeter
Positive Technologies performed instrumental scanning of the network perimeter of selected corporate information systems. A total of 3,514 hosts were scanned, including …
PCI SSC updates standard for payment devices to protect cardholder data
The PCI Security Standards Council has updated the standard for payment devices to enable stronger protections for cardholder data. Meeting the accelerating changes of payment …
FIRST releases updated coordination principles for Multi-Party Vulnerability Coordination and Disclosure
The Forum of Incident Response and Security Teams (FIRST) has released an updated set of coordination principles – Guidelines for Multi-Party Vulnerability Coordination and …
Researchers design a tool to identify the source of errors caused by software updates
We’ve all shared the frustration when it comes to errors – software updates that are intended to make our applications run faster inadvertently end up doing just …
Most IT pros still haven’t migrated all their users to Windows 10
59% of IT professionals report that they still haven’t migrated all their users to Windows 10, despite the imminent end of regular support for Windows 7 on January 14, 2020, …
Windows 10: New update controls for end users, automatic removal of broken updates
It seems that last year’s Windows 10 updating troubles have spurred Microsoft to make some changes to the operating system’s update experience and the …
Fake Flash updaters deliver cryptominers AND update Flash
Cryptominers have dethroned ransomware as the top malware threat and cybercriminals are coming up with new ways to keep the mining activity secret from the victims. One of …
KeePass update check MitM flaw can lead to malicious downloads
Open source password manager KeePass sports a MitM vulnerability that could allow attackers to trick users into downloading malware disguised as a software update, security …
Tor Project exploring ways to keep its software and users safe
In view of the recent legal battle between the FBI and Apple regarding phone encryption, and this article revealing that there have been many instances where the US Department …
Critical Joomla RCE bug actively exploited, patch immediately!
An eight-year-old Joomla critical remote code execution vulnerability, which is being actively exploited in attacks in the wild, has been patched by the developers of the …