New infosec products of the week: April 21, 2017
ThreadFix integrates application security into DevOps pipelines Denim Group release of the latest version of ThreadFix, the company’s application vulnerability resolution …
Attacks exploiting software vulnerabilities are on the rise
Attacks conducted with the help of exploits are among the most effective as they generally do not require any user interaction, and can deliver dangerous code without arousing …
Linksys Smart Wi-Fi routers full of flaws, but temporary fix is available
Over 20 models of Linksys Smart Wi-Fi routers have been found to have vulnerabilities that, if exploited, could allow attackers to overload a router and force a reboot, deny …
Mastercard introduces cards that work with fingerprints instead of PINs
Mastercard has added fingerprint sensors to its payment cards, in an attempt to make face-to-face payments more convenient and more secure. How does it work? “A …
Flashlight app on Google Play delivered highly adaptable banking Trojan
A modified version of the Charger mobile ransomware has been downloaded from Google Play by up to 5,000 users. This new variant of the malware was shipped inside a …
Microsoft users can ditch password-based logins for phone sign-in 2FA
Microsoft added a new feature to its authenticator app, allowing users to sign into their Microsoft account without having to enter their password. “With phone sign-in, …
Organizations are not effectively dealing with open source security threats
Black Duck conducts hundreds of open source code audits annually, primarily related to Merger & Acquisition transactions. Its Center for Open Source Research & …
How secure are banks and financial services firms?
Many senior bank executives are confident about their cybersecurity strategy, yet a lack of comprehensive, practical testing is leaving gaps in their defense. Accenture …
Oracle fixes Solaris 10 flaw targeted by leaked NSA exploit
Oracle has pushed out a record-breaking 299 fixes for vulnerabilities in its many, many products, and among them is a Solaris 10 bug whose existence has been revealed through …
Hajime IoT worm infects devices to head off Mirai
Mirai is the name of the worm that has taken control of many IoT devices around the world and used them to mount DDoS attacks, the most high-profile of which was directed …
InterContinental confirms card data breach at over 1,000 locations
InterContinental Hotels Group (IHG) has reported last week that a huge number of their hotels in the US and Puerto Rico have been compromised with payment card …
Cyber risk issues resonating in boardrooms
The Cyentia Institute used in-depth surveys and interviews with corporate board members and CISOs to identify specific cyber risk issues resonating in boardrooms. More talk of …
Featured news
Resources
Don't miss
- Avoiding vendor lock-in when using managed cloud security services
- The CISO’s dilemma of protecting the enterprise while driving innovation
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)
- Account takeover detection: There’s no single tell
- Man vs. machine: Striking the perfect balance in threat intelligence