LoJax: First-ever UEFI rootkit detected in a cyberattack
ESET researchers have discovered a cyberattack that used a UEFI rootkit to establish a presence on the victims’ computers. Dubbed LoJax, this rootkit was part of a campaign …
Apple DEP vulnerability lets attackers access orgs’ resources, info
An authentication weakness in Apple’s Device Enrollment Program (DEP) may allow attackers to enroll any device into an organization’s Mobile Device Management …
The state of network security in organizations with 1000+ employees
Security team size at the largest organizations does not scale with the number of overall employees, but they are more likely to include staff with specialized roles, say the …
You should prepare for the next mega data breach
As of September 2018, it’s been one year since the historical Equifax mega data breach that impacted nearly half of all consumers in the U.S. Since this monumental invasion of …
Downloads of known vulnerable open source components increase 120%
Sonatype today released its fourth annual State of the Software Supply Chain Report, which reveals the widespread use of vulnerable software components by businesses around …
Most enterprises now running Windows 10, security hygiene no longer optional
Security is galvanizing around the move to Windows 10, the operating system that the majority of companies now run in their organizations, according to the 2018 Enterprise …
Firefox Monitor tells you whether your email was compromised in a data breach
After a few months of user testing, Mozilla has launched Firefox Monitor, a free online service that allows users to check whether their email address was involved in a …
Cybersecurity has a diversity problem: Here’s why
I’ve gotten really good at listing really depressing and disheartening stats over the years. It’s not what I want to be good at, but I’ve found that it’s necessary to help …
New tactics subvert traditional security measures and strike organizations of all sizes
Alert Logic released its latest cybersecurity analysis, “Critical Watch Report: The State of Threat Detection 2018,” which shows attackers are gaining vastly greater scale …
Full compliance with the PCI DSS drops for the first time in six years
After documenting improvements in Payment Card Industry Data Security Standard (PCI DSS) compliance over the past six years (2010 – 2016), Verizon’s 2018 Payment Security …
Cryptocurrency mining malware increases 86%
McAfee released its McAfee Labs Threats Report September 2018, examining the growth and trends of new cyber threats in Q2 2018. In the second quarter, they saw the surge in …
Security and privacy improvements in macOS Mojave
Apple has released macOS Mojave, which comes with a new Dark Mode, a redesigned Mac App Store, and many new and modified features. It also sports changes aimed at enhancing …
Featured news
Sponsored
Don't miss
- Threat intelligence: A blessing and a curse?
- Why CISOs face greater personal liability
- Practical strategies to mitigate risk and secure SAP environments
- SMS Stealer malware targeting Android users: Over 105,000 samples identified
- Microsoft: DDoS defense error amplified attack on Azure, leading to outage