New infosec products of the week: February 16, 2018
ScramFS: Encryption system for safeguarding cloud data Scram Software has announced that ScramFS – an internationally peer-reviewed encryption system for safeguarding …
Intel offers to pay for Spectre-like side channel vulnerabilities
Intel is expanding the bug bounty program it started last March, and is raising considerably the awards it plans to give out for helpful vulnerability information. Where …
Still relying solely on CVE and NVD for vulnerability tracking? Bad idea
2017 broke the previous all-time record for the highest number of reported vulnerabilities. The 20,832 vulnerabilities cataloged during 2017 by Risk Based Security (VulnDB) …
UK government officially blames Russia for NotPetya attack
The UK government has officially attributed the June 2017 NotPetya cyber attack to the Russian government. The statement is backed by an assessment of the UK’s National Cyber …
IoT botnet bypasses firewalls to get to ZyXEL modems
NewSky Security’s honeypots have detected a new IoT botnet in the making. The botnet was named DoubleDoor, as it leverages two distinct backdoors to get to the target: …
7 steps security leaders can take to deal with Spectre and Meltdown
Security and risk management leaders must take a pragmatic and risk-based approach to the ongoing threats posed by an entirely new class of vulnerabilities, according to …
A five-year analysis of reported Windows vulnerabilities
Based on analysis of all disclosed Microsoft vulnerabilities in 2017, a new Avecto report shows a significant rise in the number of reported vulnerabilities. Last year, 685 …
Cryptomining malware continues to drain enterprise CPU power
Cryptomining malware continues to impact organizations globally as 23% were affected by the Coinhive variant during January 2018, according to Check Point’s latest Global …
Microsoft boosts Windows Analytics to help squash Meltdown and Spectre bugs
A day after Microsoft announced it will be adding Windows Defender ATP down-level support for older OSes comes the news that its Windows Analytics service is getting new …
How cybercriminals exploited Telegram flaw to deliver malware
A “vulnerability” in Telegram’s desktop instant messaging client for Windows was exploited for months by Russian cybercriminals to deliver malware to users. …
Microsoft, Adobe February 2018 security updates: An overview
The Microsoft February 2018 security updates are for Internet Explorer, Edge, Windows, Office, Office Services and Web Apps, Adobe Flash, and ChakraCore (the core part of the …
Here’s what keeps your CISO up at night
89.1 percent of all information security leaders are concerned about the rise of digital threats they are experiencing across web, social and mobile channels, according to the …