Apple delivers security patches, plugs an RCE achievable via FaceTime
Apple has released a new set of updates for its various products, plugging a wide variety of vulnerabilities. WatchOS, tvOS, Safari and iCloud Let’s start with …
Cybercriminals increasingly taking aim at businesses
2018 has been the year when cryptominers first dethroned ransomware as the most prevalent threat due to a meteoric spike in Bitcoin value in late 2017, then slowly trailed off …
Debunking conventional wisdom to get out of the security and privacy rut
Given the unprecedented rate of technological change, the dizzying news cycle, and an always-on social media mentality, it may be surprising to learn that when it comes to …
Should enterprises delay efforts to remediate most vulnerabilities?
Companies today appear to have the resources needed to address all of their high-risk vulnerabilities. The research demonstrates that companies are getting smarter in how they …
Most out of date applications exposed: Shockwave, VLC and Skype top the list
More than half (55%) of PC applications installed worldwide are out-of-date, making PC users and their personal data vulnerable to security risks. Avast’s PC Trends Report …
0patch releases micropatch for Windows Contacts RCE zero-day
ACROS Security, the creators of 0patch, have released a micropatch for a recently revealed zero-day RCE flaw affecting Windows. About the vulnerability and the micropatch …
Industry reactions to Google’s €50 million GDPR violation fine
On 21 January 2019, the French National Data Protection Commission (CNIL) imposed a financial penalty of €50 million against Google, in accordance with the GDPR. This is the …
Business resilience should be a core company strategy, so why are businesses struggling to take action?
A recent survey showed that only 51% of U.S. business decision makers say their organization is definitely as resilient as it needs to be against disruptions such as cyber …
Agents of disruption: Four testing topics argue the case for agentless security
Let me introduce myself. I’m a set of flaws in your otherwise perfect, agent-based security world. Like all disruptive agents, I derail your best-laid plans with expensive …
SSDP amplification attacks rose 639%
The Nexusguard Q3 2018 Threat Report has revealed the emergence of an extremely stealthy DDoS attack pattern targeting communications service providers (CSPs). Comparison …
Bug in widespread Wi-Fi chipset firmware can lead to zero-click code execution
A vulnerability in the firmware of a Wi-Fi chipset that is widely used in laptops, streaming, gaming and a variety of “smart” devices can be exploited to …
Microsoft launches Azure DevOps bug bounty program
Microsoft has launched yet another bug bounty program and is urging security researchers to look into the security of Azure DevOps, its cloud service for collaborating on code …
Featured news
Resources
Don't miss
- Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys
- Self-sovereign identity could transform fraud prevention, but…
- Ghidra 11.3 released: New features, performance improvements, bug fixes
- Ransomware payments plummet as more victims refuse to pay
- The overlooked risks of poor data hygiene in AI-driven organizations