vulnerability
21 vulnerabilities found in Exim, update your instances ASAP!
A code audit of Exim, a widely used mail transfer agent, has revealed 21 previously unknown vulnerabilities, some of which can be chained together to achieve unauthenticated …
Is it OK to publish PoC exploits for vulnerabilities and patches?
In the wake of the Microsoft Exchange ProxyLogon zero-day and F5 BIG-IP security exploits earlier this year, many are questioning if and when should researchers publish proof …
Defeating typosquatters: Staying ahead of phishing and digital fraud
It has become a mantra for businesses targeted by hackers to describe the incident as a “sophisticated cyber-attack”. Although true in some instances, the reality is that most …
Secure your cloud: Remove the human vulnerabilities
Training to increase employees’ security awareness and change risky behaviours among end users is important, particularly as the future workplace will be hybrid and many …
Healthcare organizations implementing zero trust to tackle cyberattacks
It is widely known that the healthcare industry is a primary target for cyberattack, with increasingly sophisticated and highly-motivated adversaries seeking to exploit both …
PCI SSC publishes PCI Secure Software Standard 1.1 and supporting program documentation
Version 1.1 of the PCI Secure Software Standard introduces the Terminal Software Module, a new security requirements module for payment software intended for deployment and …
What is threat modeling and why should you care?
While there is not one exact industry wide definition, threat modeling can be summarized as a practice to proactively analyze the cyber security posture of a system or system …
Researchers develop program that helps assess encryption systems’ vulnerabilities
Anastasia Malashina, a doctoral student at HSE University, has proposed a new method to assess vulnerabilities in encryption systems, which is based on a brute-force search of …
Penetration testing leaving organizations with too many blind spots
While organizations invest significantly and rely heavily on penetration testing for security, the widely used approach doesn’t accurately measure their overall security …
Middle market companies facing a record number of data breaches
Middle market companies possess a significant amount of valuable data but continue to lack appropriate levels of protective controls and staffing, according to a report from …
The next big thing in cloud computing? Shh… It’s confidential
The business-driven explosion of demand for cloud-based services has made the need to provide highly secure cloud computing more urgent. Many businesses that work with …
MFA spending on the rise, but organizations still unclear on best practices
While MFA adoption and spending is on the rise, organizations are still unclear on best practices and methodologies, Yubico and 451 Research reveal. The findings show that MFA …