Equifax breach happened because of a missed patch
The attackers who breached Equifax managed to do so by exploiting a vulnerability in its US website, the company has finally confirmed. The vulnerability – CVE-2017-5638 …
Confusion and lack of preparation in the face of looming GDPR deadline
With the GDPR deadline set for 25 May next year, many organisations are ill-prepared due to uncertainty about the criteria for compliance. 37 percent of respondents to a …
European Commission wants ENISA to introduce EU-wide cybersecurity certification scheme
“Cyber security attacks know no borders and no one is immune,” European Commission President Jean-Claude Juncker noted in his State of the Union Speech on …
Managing the fragmented cloud world
Enterprise IT environments are becoming more heterogeneous and complex, with fragmentation permeating cloud infrastructure, tooling and culture. However, enterprises find …
Patch Tuesday: 80+ vulnerabilities fixed, one exploited in the wild
As part of its regular, monthly Patch Tuesday update, Microsoft has released patches for 81 new vulnerabilities, including a zero-day in the .NET Framework. The September …
Phishers targeting LinkedIn users via hijacked accounts
A new phishing campaign has been spotted hitting LinkedIn users via direct messages and the LinkedIn InMail feature. They are sent from legitimate LinkedIn Premium accounts …
Why end-to-end encryption is about more than just privacy
The question of whether regular people need end-to-end encryption will surely be debated for quite some time. But for Alan Duric, CEO and co-founder of Wire, the question can …
Billions of Bluetooth-enabled devices vulnerable to new airborne attacks
Eight zero-day vulnerabilities affecting the Android, Windows, Linux and iOS implementations of Bluetooth can be exploited by attackers to extract information from, execute …
Organizations are uncovering a cloud security paradox
The characteristics of modern applications in the cloud are changing, requiring software and IT architects to shift priorities. Businesses of all sizes are transforming in …
DOE invests $50 million to improve critical energy infrastructure security
Today, the Department of Energy (DOE) is announcing awards of up to $50 million to DOE’s National Laboratories to support early stage research and development of …
Google Dashboard becomes mobile-friendly
Google Dashboard, a privacy tool through which users can see what Google has learned about them through their use of the company’s products, has been redesigned. …
Equifax attackers got in through an Apache Struts flaw?
Have the attackers responsible for the Equifax data breach exploited a vulnerability in Apache Struts, a popular open source framework for developing web applications, to …
Featured news
Resources
Don't miss
- Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812)
- Where policy meets profit: Navigating the new frontier of defense tech startups
- Four arrested in connection with M&S, Co-op ransomware attacks
- Ruckus network management solutions riddled with unpatched vulnerabilities
- What EU’s PQC roadmap means on the ground