Latest WinRAR, Drupal flaws under active exploitation
CVE-2018-20250, a WinRAR vulnerability that allows attackers to extract a malicious executable to one of the Windows Startup folder to be executed every time the system is …
OSSPatcher: Automated mobile application patching for bugs in open source libraries
Researchers from the Georgia Tech and Peking University are working on OSSPatcher, a system for automatic patching of vulnerable open source libraries included in mobile …
Many computers are vulnerable to hacking through common plug-in devices
Attackers can compromise an unattended machine in a matter of seconds through devices such as chargers and docking stations. Vulnerabilities were found in computers with …
Most IoT devices are being compromised by exploiting rudimentary vulnerabilities
Cybercriminals are looking for ways to use trusted devices to gain control of Internet of Things (IoT) devices via password cracking and exploiting other vulnerabilities, such …
Healthcare industry: Key trends and cybersecurity challenges
Each year, Bitglass analyzes data from the U.S. Department of Health and Human Services’ “Wall of Shame,” a database containing information about breaches of protected health …
New privacy-breaking attacks against phones on 4G and 5G cellular networks
Three new attacks can be used to track the location and intercept calls of phone users connected to 4G and 5G cellular networks, researchers from Purdue University and The …
ICANN calls for wholesale DNSSEC deployment
In light of the recent DNS hijacking attacks, the Internet Corporation for Assigned Names and Numbers (ICANN) is urging domain owners and DNS services to implement DNSSEC …
How to combat delivery ramifications after a data breach
Following Marriott’s data breach, FTC regulations required the hotel chain to reach out to its entire email list of customers, informing them of a potential leak of their …
Businesses believe they should be patching their Android devices more frequently
The use of Android tablets and handhelds are on the rise in business but security remains a concern. On average, 72% of tablets and handheld devices in businesses (excluding …
Blocking compromised passwords from the Collection leaks
It all started with Collection #1, a monster breach dubbed as the biggest data dump in history with its 773 million unique email addresses, and 22 million unique passwords. …
Accidental data breaches are often compounded by a failure to encrypt
83 percent of security professionals believe that employees have accidentally exposed customer or business sensitive data at their organization. Accidental data breaches are …
Don’t miss these keynotes at RSAC 2019
RSA Conference keynotes look a little different this year. We’ve dedicated two stages to keynotes this year instead of the usual one, and we’ve got more presenters speaking to …
Featured news
Resources
Don't miss
- Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys
- Self-sovereign identity could transform fraud prevention, but…
- Ghidra 11.3 released: New features, performance improvements, bug fixes
- Ransomware payments plummet as more victims refuse to pay
- The overlooked risks of poor data hygiene in AI-driven organizations