Week in review: Critical flaw in Cisco switches, Saks breach, closing the security update gap
Here’s an overview of some of last week’s most interesting news and articles: Establishing covert communication channels by abusing GSM AT commands Security …
Malicious actors used Facebook’s own tools to scrape most users’ public info
Facebook has disabled a search tool that allowed anyone to enter a person’s phone number or email address into Facebook and find their account, along with all the information …
Security teams are under resourced, overwhelmed by attackers
A new report conducted by the Ponemon Institute uncovered security’s “patching paradox” – hiring more people does not equal better security. While security teams plan to hire …
Delta and Sears suffer data breach, credit card information compromised
US-based Delta Air Lines and Sears Holdings, the owners of Sears and Kmart, have announced that the breach suffered by chatbot company [24]7.ai has resulted in the compromise …
IT audit best practices: Technological changes give rise to new risks
IT security and privacy, IT governance and risk management, regulatory compliance, emerging technology and cloud computing are the key issues impacting IT audit plans in 2018, …
Cyber attacks are becoming more organized and structured
Trustwave released the 2018 Trustwave Global Security Report which reveals the top security threats, breaches by industry, and cybercrime trends from 2017. The report is …
Inbox placement improving, spam placement remains the same
The global trend of delivery data increased over the last eight quarters, with a growth of 4 percent inbox placement, according to 250ok. Missing emails saw a decrease of 5 …
Easily exploited flaw in Microsoft Malware Protection Engine allows total system compromise
A critical and extremely easily exploitable vulnerability in the Microsoft Malware Protection Engine (MMPE) has been patched through an out-of-band security update pushed out …
ShiftLeft: Fully automated runtime security solution for cloud applications
When talking about data loss prevention, the first thing that comes to mind are solutions aimed at stopping users from moving sensitive documents/data out of a network. But …
Establishing covert communication channels by abusing GSM AT commands
Security research often starts as a hobby project, and Alfonso Muñoz’s and Jorge Cuadrado’s probe into mobile privacy is no exception. The duo, who’s …
Fewer records breached: Cybercriminals focus on ransomware, destructive attacks
According to the 2018 IBM X-Force Threat Intelligence Index, the number of records breached dropped nearly 25 percent in 2017, as cybercriminals shifted their focus on …
What’s new at RSAC 2018?
With the most significant global information security event just around the corner, we caught up with Sandra Toms, VP and Curator, RSA Conference, to find out what attendees …
Featured news
Resources
Don't miss
- It’s time to secure the extended digital supply chain
- SysReptor: Open-source penetration testing reporting platform
- Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391)
- 8Base ransomware group leaders arrested, leak site seized
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200)