Week in review: DDoS attack trends, WannaCry lessons, new issue of (IN)SECURE
Here’s an overview of some of last week’s most interesting news and articles: Zero-day flaws in widespread TCP/IP library open millions of IoT devices to remote …
Drupal fixes three vulnerabilities, including one RCE
Drupal’s security team has fixed three vulnerabilities in the popular content management system’s core, one of which (CVE-2020-13663) could be exploited to achieve …
Data Protection Officer independence: Ethical and practical considerations
In light of recent regulator action regarding Data Protection Officer (DPO) independence, this article considers the ethical and practical considerations surrounding the …
How the pandemic affected DDoS attack patterns, global internet traffic
There has been a shift in internet traffic patterns coinciding with an increase in DDoS and other types of network attacks in recent months as organizations across industries …
The smaller the business, the smaller the focus on cybersecurity
With 89% of small businesses moving to a remote workforce, there remains a significant gap between the perceived importance of cybersecurity protections for businesses with …
How much is your data worth on the dark web?
Credit card details, online banking logins, and social media credentials are available on the dark web at worryingly low prices, according to Privacy Affairs. Online banking …
How will a return to work impact cloud usage and strategy?
In the wake of COVID-19, enabling remote work has required IT teams to rapidly lean into cloud technologies to keep their businesses operating smoothly. A survey suggests that …
Using Cisco Webex for your video conferencing needs? Go patch!
Cisco has released security updates for Cisco Webex Meetings and Cisco Webex Meetings Server that fix several remotely exploitable vulnerabilities, as well as one less severe …
Vulnerable platform used in power plants enables attackers to run malicious code on user browsers
Otorio’s incident response team identified a high-score vulnerability in OSISoft’s PI System. They immediately notified OSIsoft Software of the vulnerability, which …
Most COVID-19 contact-tracing apps are not adequately secured
Security researchers have analyzed contact-tracing mobile apps from around the globe and found that their developers have generally failed to implement suitable security and …
End-to-end encryption will be offered to all Zoom users
Zoom Video Communications has decided to extend the benefits of end-to-end encryption (E2EE) not only to paying Zoom customers, but to those who create free accounts, as well. …
Building relationships: The key to becoming a true cybersecurity leader
Slowly but surely, organizations are starting to view information security as a business problem, not an IT problem, and as everybody’s responsibility. “The CISO …
Featured news
Resources
Don't miss
- Deploying AI at the edge: The security trade-offs and how to manage them
- Cybercrime forums Cracked and Nulled seized, operators arrested
- SimpleHelp RMM vulnerabilities may have been exploited to breach healthcare orgs
- Zscaler CISO on balancing security and user convenience in hybrid work environments
- ExtensionHound: Open-source tool for Chrome extension DNS forensics