Millions of smartphones, IoT devices risk compromise due to 3-year-old bug
Can you believe that an estimated 6.1 million smart phones, routers, and smart TVs are vulnerable to remote code execution attacks due to security bugs that have been fixed …
Tips for managing and securing SSH keys
A new NIST report raises awareness of the major vulnerabilities associated with SSH user key management and provides concrete steps for securing and protecting SSH systems and …
Strong passwords don’t matter if employees don’t secure them
The line between personal and professional use of apps and devices continues to blur, and while employees claim to prioritize online security, data fro Ping Identity shows …
Exposed: New toolset of the Sofacy cyber-espionage group
Kaspersky Lab has spotted new attacks by the Sofacy group which make use of several upgraded techniques designed for aggressive persistency and greater invisibility of …
Week in review: Information the FBI can collect with NSLs revealed, VPN protocol flaw gives away users’ true IP address
Here’s an overview of some of last week’s most interesting news and articles:Human element of security to the fore at IRISSCON 2015Training people to take more …
Signal secure messaging app now available on the desktop
The Open Whisper Systems nonprofit has released the beta version of their Signal secure messaging app for desktop computers.Signal is often recommended by privacy-minded …
Simply Secure offers free usability design help to developers of privacy, security tools
It is a truth universally acknowledged that privacy and security tools that are easy to use will be more popular that those that aren’t. Another such truth is that being …
A deadly campaign delivers Pony info-stealer followed by Cryptowall ransomware
After the tech support scam paired with ransomware, another deadly combination has been seen targeting PC users: info-stealer coupled with ransomware. According to Heimdal …
86% of PHP-based apps contain at least one XSS vulnerability
Four out of five applications written in PHP, Classic ASP and ColdFusion that were assessed by Veracode failed at least one of the OWASP Top 10. Given the volume of PHP …
High-impact DoS flaw patched in Node.js, update as soon as possible
The Node.js Foundation has pushed out a patch for its eponymous open source, cross-platform runtime environment for developing server-side web applications. The fix plugs two …
Apple’s Swift programming language is now open source
Apple announced that its Swift programming language is now open source. Swift is a powerful and intuitive programming language that gives developers the freedom and …
Infosec pros have little confidence in UK’s cybersecurity readiness
Tenable Network Security asked information security practitioners from the UK about confidence in their respective organizations’ abilities to assess risk, invest in …
Featured news
Sponsored
Don't miss
- Critical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218)
- “0.0.0.0-Day” vulnerability affects Chrome, Safari and Firefox
- NIS2: A catalyst for cybersecurity innovation or just another box-ticking exercise?
- Microsoft 365 anti-phishing alert “erased” with one simple trick
- “Perfect” Windows downgrade attack turns fixed vulnerabilities into zero-days