CISOs are looking for more integration and automation
Enterprise CISOs are looking for more integration and automation among their existing IT security tools, and that most are only periodically monitoring and mitigating events …
Fragmented approaches to PKI don’t always follow best practices
Independent research by the Ponemon Institute reveales increased reliance on public key infrastructures (PKIs) in today’s enterprise environment, supporting a growing …
500 million users at risk of compromise via unpatched WinRAR bug
A critical vulnerability has been found in the latest version of WinRAR, the popular file archiver and compressor utility for Windows, and can be exploited by remote attackers …
Scammers use Google AdWords, fake Windows BSOD to steal money from users
Faced with the infamous Windows Blue Screen of Death (BSOD), many unexperienced computer users’ first reaction is panic. If that screen contains a toll free number …
Attackers posing as legitimate insiders still an enormous security risk
Cyber attacks that exploit privileged and administrative accounts – the credentials used to manage and run an organization’s IT infrastructure – represent the greatest …
Companies leave vulnerabilities unpatched for up to 120 days
Kenna studied the proliferation of non-targeted attacks and companies’ ability to mitigate these threats through the timely remediation of security vulnerabilities in their …
Women represent only 10% of the infosec workforce
Surveying nearly 14,000 global professionals, a new (ISC)2 report focuses on the lack of gender diversity in the information security workforce despite a cyber landscape that …
File insecurity: the final data leakage frontier
The growth of cloud and mobile computing, the ease at which files can be shared and the diversity of collaboration methods, applications and devices have all contributed to …
VBA malware is back!
“VBA malware is far from dead. In fact, as Sophos researchers recently noted, approximately 50 to 100 new VBA malware samples are spotted each day. For those who …
Too many vulnerable medical systems can be found online
How many critical medical systems can be found on the Internet, accessible to and hackable by remote attackers? According to security researchers Scott Erven and Mark Collao, …
XOR DDoS botnet launching attacks from compromised Linux machines
Attackers have developed a botnet capable of 150+ Gbps DDoS attack campaigns using XOR DDoS, a Trojan malware used to hijack Linux systems, according to Akamai.What is XOR …
Do security flaws with life-threatening implications need alternative disclosure?
If security researchers get no response from manufacturers when disclosing vulnerabilities with life-threatening implications, the majority of IT security professionals (64%) …
Featured news
Resources
Don't miss
- How board members think about cyber risk and what CISOs should tell them
- Popular code formatting sites are exposing credentials and other secrets
- Fake “Windows Update” screens fuels new wave of ClickFix attacks
- Microsoft cracks down on malicious meeting invites
- How an AI meltdown could reset enterprise expectations