SSDP amplification attacks rose 639%
The Nexusguard Q3 2018 Threat Report has revealed the emergence of an extremely stealthy DDoS attack pattern targeting communications service providers (CSPs). Comparison …
Bug in widespread Wi-Fi chipset firmware can lead to zero-click code execution
A vulnerability in the firmware of a Wi-Fi chipset that is widely used in laptops, streaming, gaming and a variety of “smart” devices can be exploited to …
Microsoft launches Azure DevOps bug bounty program
Microsoft has launched yet another bug bounty program and is urging security researchers to look into the security of Azure DevOps, its cloud service for collaborating on code …
Beware the man in the cloud: How to protect against a new breed of cyberattack
One malicious tactic that has become quite prevalent in recent years is known as a ‘man in the cloud’ (MitC) attack. This attack aims to access victims’ accounts without the …
Machine learning trumps AI for security analysts
Machine learning is currently one of the biggest buzzwords in cybersecurity and the tech industry in general, but the phrase is often overused and misapplied, leaving many …
Cybercrime could cost companies trillions over the next five years
Companies globally could incur $5.2 trillion in additional costs and lost revenue over the next five years due to cyberattacks, as dependency on complex internet-enabled …
Researchers analyze DDoS attacks as coordinated gang activities
In a new report, NSFOCUS introduced the IP Chain-Gang concept, in which each chain-gang is controlled by a single threat actor or a group of related threat actors and exhibit …
Week in review: SD-WAN deployment, security DevOps, a new taxonomy for SCADA attacks
Here’s an overview of some of last week’s most interesting news and articles: Compromised ad company serves Magecart skimming code to hundreds of websites The …
Most Facebook users aren’t aware that Facebook tracks their interests
Too many Facebook users aren’t aware that the company uses the information provided by them and their actions on the platform and outside of it to create a list of their …
Mining malware evades agent-based cloud security solutions
Cloud infrastructures are a growing target for threat actors looking to mine cryptocurrency, as their vast computational power allows them to multiply the mining …
New infosec products of the week: January 18, 2019
XebiaLabs launches new DevOps risk and compliance capability for software releases The XebiaLabs DevOps Platform provides a single pane of glass for technical and business …
New requirements for the secure design and development of modern payment software
The PCI Security Standards Council (PCI SSC) published new requirements for the secure design and development of modern payment software. The PCI Secure Software Standard and …
Featured news
Sponsored
Don't miss
- Threat intelligence: A blessing and a curse?
- Why CISOs face greater personal liability
- Practical strategies to mitigate risk and secure SAP environments
- SMS Stealer malware targeting Android users: Over 105,000 samples identified
- Microsoft: DDoS defense error amplified attack on Azure, leading to outage