vulnerability
CISOs say a distributed workforce has critically increased security concerns
73% of security and IT executives are concerned about new vulnerabilities and risks introduced by the distributed workforce, Skybox Security reveals. The report also uncovered …
Critical vulnerabilities in Cisco Security Manager fixed, researcher discloses PoCs
Cisco has patched two vulnerabilities in its Cisco Security Manager solution, both of which could allow unauthenticated, remote attackers to gain access to sensitive …
Healthcare organizations are sitting ducks for attacks and breaches
Seventy-three percent of health system, hospital and physician organizations report their infrastructures are unprepared to respond to attacks. The survey results estimated …
Stop thinking of cybersecurity as a problem: Think of it as a game
COVID-19 changed the rules of the game virtually overnight. The news has covered the broader impacts of the pandemic, particularly the hit to our healthcare, the drops in our …
New side-channel attacks allow access to sensitive data on Intel CPUs
An international team of security researchers is presenting new side-channel attacks (CVE-2020-8694 and CVE-2020-8695), which use fluctuations in software power consumption to …
End-to-end encrypted communication mitigates enterprise security risk and ensures compliance
It is a mathematical certainty that data is more protected by communication products that provide end-to-end encryption (E2EE). Yet, many CISOs are required to prioritize …
Quantum computers: How to prepare for this great threat to information security
The race is on to build the world’s first reliable and truly useful quantum computer, and the finish line is closer than you might think – we might even reach it this …
Git LFS vulnerability allows attackers to compromise targets’ Windows systems (CVE-2020-27955)
A critical vulnerability (CVE-2020-27955) in Git Large File Storage (Git LFS), an open source Git extension for versioning large files, allows attackers to achieve remote code …
Google fixes two actively exploited Chrome zero-days (CVE-2020-16009, CVE-2020-16010)
For the third time in two weeks, Google has patched Chrome zero-day vulnerabilities that are being actively exploited in the wild: CVE-2020-16009 is present in the desktop …
Google discloses actively exploited Windows zero-day (CVE-2020-17087)
Google researchers have made public a Windows kernel zero day vulnerability (CVE-2020-17087) that is being exploited in the wild in tandem with a Google Chrome flaw …
Easily exploitable RCE in Oracle WebLogic Server under attack (CVE-2020-14882)
A critical and easily exploitable remote code execution vulnerability (CVE-2020-14882) in Oracle WebLogic Server is being targeted by attackers, SANS ISC has warned. Oracle …
Most companies have high-risk vulnerabilities on their network perimeter
Positive Technologies performed instrumental scanning of the network perimeter of selected corporate information systems. A total of 3,514 hosts were scanned, including …
Featured news
Resources
Don't miss
- The modern CISO is a cornerstone of organizational success
- Best practices for ensuring a secure browsing environment
- Kata Containers: Open-source container runtime, building lightweight VMs
- Why software is the key to FI risk management
- Hottest cybersecurity open-source tools of the month: December 2024