China allegedly infiltrated US companies through implanted hardware backdoors
Many US companies, including Amazon and Apple, have been the victims of a clever supply chain attack that resulted in compromised hardware (servers) being installed at some of …
Jigsaw releases Intra, an Android app that encrypts DNS queries to thwart online censorship
Alphabet subsidiary and tech incubator Jigsaw, which concentrates on creating solutions for “the toughest geopolitical challenges,” has released Intra, an Android …
APTs are targeting IT service providers
Managed service providers (MSPs) and cloud service providers (CSPs) are under attack by advanced persistent threat (APT) groups, the U.S. Department of Homeland Security …
Cisco plugs critical flaws in DNA Center and Prime Infrastructure
A new batch of vulnerabilities in various Cisco products has been fixed, three of which are critical. Cisco DNA Center vulnerabilities Two vulnerabilities affect Cisco Digital …
Even with internal focus, most companies utilize external resources for cybersecurity
A greater reliance on metrics to measure success combined with enhancing skills across security teams can help organizations boost their cybersecurity effectiveness, according …
Bridging the priority gap between IT and security in DevOps
Let’s start with a test. Suppose that you manage a corporate network gateway across which a critical programmed transaction is scheduled to occur in exactly one hour. Suppose …
Most organizations believe hackers can penetrate their network
Radware released findings from its second annual web application security report, Radware 2018 State of Web Application Security. The report shares an in-depth view of the …
For some cloud services more than 75% of accounts are utilized by hackers
Researchers found that 21.57% percent of accounts originating from cloud service IP ranges appear to be fraudulent. Malicious accounts are eight times more likely to originate …
Emerging technologies lag in criticality while key skills remain a barrier
TEKsystems released the results of its 2018 Forecast Reality Check. The survey is designed to measure the current impact of market conditions on IT initiatives, hiring, …
The ultimate fallout from the Facebook data breach could be massive
Less than a week ago, Facebook announced that unknown attackers have managed to string together three bugs affecting the social media platform, which allowed them to steal …
Regularly updating your wireless router is not enough to ward off attacks
Wireless routers are the most often attacked and exploited type of IoT device. They are also one of the rare IoT devices that most of us can’t do without. We need them …
Popular TP-Link wireless home router open to remote hijacking
By concatenating a known improper authentication flaw with a newly discovered CSRF vulnerability, remote unauthenticated attackers can obtain full control over TP-Link …
Featured news
Resources
Don't miss
- Why we must go beyond tooling and CVEs to illuminate security blind spots
- Making security and development co-owners of DevSecOps
- Review: Passwork 7.0, self-hosted password manager for business
- What a mature OT security program looks like in practice
- Machine unlearning gets a practical privacy upgrade