GitHub starts alerting developers of security vulnerabilities in dependencies
Popular Git repository hosting service GitHub has introduced a new feature to help developers keep their projects safer: security alerts for vulnerabilities in software …
Criminals leverage unsecured IoT devices, DDoS attacks surge
Organizations experienced an average of 237 DDoS attack attempts per month during Q3 2017 – equivalent to 8 DDoS attack attempts every day – as hackers strive to take their …
German government bans children’s smartwatches, tells parents to destroy them
The Federal Network Agency (Bundesnetzagentur), Germany’s regulatory agency for public utility companies, has categorized children’s smartwatches as spying …
Sad state of enterprise cloud infrastructure governance
A new survey of more than 300 IT professionals, conducted by Propeller Insights in October 2017, revealed that the state of enterprise cloud infrastructure governance is …
Week in review: Risk assessment, fileless attacks, and the most hackable holiday gifts
Here’s an overview of some of last week’s most interesting news and articles: Review: EU GDPR Documentation Toolkit The General Data Protection Regulation (GDPR) …
Poor security habits are the ideal recipe for a breach
A Preempt survey of more than 200 employees (management level or above) from enterprise companies of 1000 or more people, found that businesses are left exposed by employees …
New infosec products of the week: November 17, 2017
Yoti launches digital identity app The free app is available for Apple and Android phones and takes less than five minutes to set up. People take a selfie and scan a passport …
A third of US businesses do not feel prepared for GDPR deadline
New research by Censuswide captures the preparedness levels of organizations in Europe and the United States for the May 2018 GDPR compliance deadline, as well as their …
Critical flaw in Cisco collaboration products plugged
A critical vulnerability in a dozen Cisco collaboration products based on the Cisco Voice Operating System (VOS) could allow unauthenticated, remote attackers to gain access …
Half of organizations do not audit SSH entitlements
Cybercriminals, such as malicious insiders, use SSH keys to access systems from remote locations, evade security tools and escalate privileges, according to a study conducted …
High-Tech Bridge unveils free application discovery and inventory service
High-Tech Bridge announce the public launch of ImmuniWeb Discovery. The free service is a part of the ImmuniWeb Application Security Testing (AST) Platform. ImmuniWeb …
Free security tool protects Internet users through DNS
IBM Security, Packet Clearing House (PCH) and The Global Cyber Alliance (GCA) launched a free service designed to give consumers and businesses added privacy and security …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility