Apple fixes FaceTime eavesdropping bug, two iOS zero-days
Apple has pushed out critical security updates for iOS and macOS, which fix the “Facepalm” FaceTime eavesdropping bug but also two zero-day flaws that, according …
New infosec products of the week: February 8, 2019
Masergy launches Secure Wi-Fi and extends protection into the customer LAN Masergy has launched Masergy Secure Wi-Fi as the latest feature in the ongoing evolution of the …
Mild to medium volume expected for February 2019 Patch Tuesday
If you look at the recent Patch Tuesday lineups, we have seen the usual updates for the Microsoft Windows OS, browsers, and Office. In the last two months we have seen updates …
DevOps and DevSecOps developments to watch in 2019
Some predictions are more accurate than others. Last year, I was sure that serverless would finally overtake containers—but then 2018 turned out to be the year of Kubernetes. …
Infosec pros believe data isn’t secure in the cloud, despite desire for mass adoption
65 percent of infosecurity professionals would like to store object data in the cloud, but 47 percent either don’t believe or are not sure if data in the cloud is as …
How today’s workforce stays secure and what apps it prefers
User-focused security apps KnowBe4, LastPass, and Proofpoint dominate the list of fastest growing apps within enterprises, according to Okta. “KnowBe4 in particular is …
What do successful pentesting attacks have in common?
In external penetration testing undertaken for corporate clients in industrial, financial, and transport verticals in 2018, Positive Technologies found that, at the vast …
8 months of GDPR: 59,000+ reported breaches, 91 fines
A little over eight months have passed since the EU General Data Protection Regulation (GDPR) became enforceable, but it’s becoming clear that sweeping data breaches …
Lookalike domains: Artificial intelligence may come to the rescue
In the world of network security, hackers often use lookalike domains to trick users to unintended and unwanted web sites, to deliver malicious software into or to send data …
Malicious macros can trigger RCE in LibreOffice, OpenOffice
Achieving remote code execution on systems running LibreOffice or Apache OpenOffice might be as easy as tricking users into opening a malicious ODT (OpenDocument) file and …
The problem with vulnerable IoT companion apps
There’s no shortage of exploitable security holes in widely used Internet of Things devices, so it shouldn’t come as a surprise that the communication between many …
Google’s new Chrome extension flags insecure passwords
As the number of compromised and leaked credentials rises inexorably with each passing day, Google has decided to help users choose safe combinations for all their online …
Featured news
Resources
Don't miss
- How to map and manage your cyber attack surface with EASM
- Google is making sending end-to-end encrypted emails easy
- North Korean IT workers set their sights on European organizations
- Balancing data protection and clinical usability in healthcare
- BlueToolkit: Open-source Bluetooth Classic vulnerability testing framework