Are we chasing the wrong zero days?
Zero days became part of mainstream security after the world found out that Stuxnet malware was used to inflict physical damage on an Iranian nuclear facility. After the …
For recent big data software vulnerabilities, botnets and coin mining are just the beginning
The phrase “with great power comes great responsibility” was excellent advice when Ben Parker said it to his nephew Peter, aka Spiderman. It is even more …
Internal negligence to blame for most data breaches involving personal health information
Your personal identity may fall at the mercy of attackers on many websites, but when it comes to health data breaches, hospitals, doctors offices and even insurance companies …
Week in review: The lessons of Conficker, holiday season cybercrime, IoT vulnerability discovery
Here’s an overview of some of last week’s most interesting news and articles: Don’t accept risk with a pocket veto No security professional wants to accept risk. …
Don’t accept risk with a pocket veto
We who live risk management know there are four responses when confronted with a credible risk to our organizations. We can treat the risk to reduce it. We can avoid the risk …
Losses from online payment fraud to reach $48 billion annually
A new study from Juniper Research has found that annual online payment fraud losses from eCommerce, airline ticketing, money transfer and banking services, will reach $48 …
Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent
Adobe has released a Flash Player update that plugs a critical vulnerability (CVE-2018-15981) that could lead to remote code execution, and is urging users to implement it as …
Conficker: A 10-year retrospective on a legendary worm
This November marked the 10-year anniversary of Conficker, a fast-spreading worm targeting Microsoft systems that went on to claim one of the highest levels of infection in …
The holiday season and cybercrime: 8 ways to protect yourself
The holiday season has become an unbridled online spending extravaganza, and threat actors have taken notice. For shoppers, what starts out as an attempt to fulfill their …
Should government officials complete basic cyber security training?
Venafi announced the results of a survey of 515 IT security professionals’ views on the cyber security literacy of government officials. The survey was conducted August 4-9, …
The state of BYOD and mobile device security
Bitglass has released its 2018 BYOD Security Report. The analysis is based on a survey of nearly 400 enterprise IT experts who revealed the state of BYOD and mobile device …
Make-A-Wish website compromised to serve cryptojacking script
Visitors of the international website of the US-based non-profit Make-A-Wish Foundation have had their computing power misused to covertly mine cryptocurrency, Trustwave …