vulnerability
Vulnerabilities in ICS-specific backup solution open industrial facilities to attack
Claroty researchers have found and privately disclosed nine vulnerabilities affecting Rockwell Automation’s FactoryTalk AssetCentre, an ICS-specific backup solution. All of …
Massive increase in endpoint attacks, rising rate of encrypted malware and new exploits targeting IoT
Fileless malware and cryptominer attack rates grew by nearly 900% and 25% respectively, while unique ransomware payloads plummeted by 48% in 2020 compared to 2019, according …
5 key cybersecurity risks in 2021, and how to address them now
With an unexpected year of massive change behind us, many organizations have now an extensive remote workforce, new technologies in use, and digital transformation under way …
VMware patches critical vRealize Operations flaws that could lead to RCE
Two vulnerabilities (CVE-2021-21975, CVE-2021-21983) recently patched by VMware in its vRealize Operations platform can be chained together to achieve unauthenticated remote …
The growing threat to CI/CD pipelines
Before the pandemic, most modern organizations had recognized the need to innovate to support developers’ evolving workflows. Today, rapid digitalization has placed a …
Nearly 40% of new ransomware families use both data encryption and data theft in attacks
Data-stealing ransomware attacks, information harvesting malware, and supply chain attacks are among the critical threats to organizations, according to F-Secure. One of the …
Using memory encryption in web applications to help reduce the risk of Spectre attacks
There’s nothing quite like an actual proof-of-concept to make everyone listen. I was pleased by the PoC released by Google security engineers Stephen Röttger and Artur Janc …
5G network slicing vulnerability leaves enterprises exposed to cyberattacks
AdaptiveMobile Security today publicly disclosed details of a major security flaw in the architecture of 5G network slicing and virtualized network functions. The fundamental …
Hidden areas of security and the future of hybrid working
The pandemic has changed how many companies operate in a short period of time. Over the last year we’ve witnessed most organizations with office-based workforces having to …
Total combined fraud losses climbed to $56 billion in 2020
While total combined fraud losses climbed to $56 billion in 2020, identity fraud scams accounted for $43 billion of that cost. Traditional identity fraud losses totaled $13 …
80% of security leaders would like more control over their API security
There are major gaps in API security based on insights from over 100 senior security leaders at large enterprises in the United States and Europe, an Imvision report reveals. …
How to stay ahead of the rise of synthetic fraud
While banks have been successful in reducing card fraud in recent years, a new and rising threat has emerged: synthetic identity fraud. By combining real and falsified …
Featured news
Resources
Don't miss
- March 2025 Patch Tuesday forecast: A return to normalcy
- Hetty: Open-source HTTP toolkit for security research
- How to safely dispose of old tech without leaving a security risk
- Who’s in your digital house? The truth about third-party access
- Can AI-powered gamified simulations help cybersecurity teams keep up?