Managing third-party risk: Dominant trends
One in five organizations has faced significant risk exposure due to a third party in the last 18 months. Of those who shared loss data, 25% said that the loss impact was …
Even a cybersecurity firm can fall for a W-2 phishing scam
US Tax Day (April 18) is quickly approaching, and scammers are hard at work to get what they can before the set tax season deadline. The US IRS is warning about last-minute …
Hijacking Windows user sessions with built-in command line tools
Did you know that by using built-in command line tools, any user with system rights and permissions (usually a local administrator) can hijack the session of any logged-in …
Organizations still vulnerable to brute force attacks
While increases in malware are clearly a major threat to both enterprises and service providers, network complexity is creating its own vulnerability, according to Ixia. The …
300+ Cisco switches affected by critical bug found in Vault 7 data dump
While combing through WikiLeaks’ Vault 7 data dump, Cisco has unearthed a critical vulnerability affecting 300+ of its switches and one gateway that could be exploited …
Cybersecurity today: Turning positive with new thinking and innovation
In this podcast recorded at RSA Conference 2017, Melanie Ensign, Co-Chair for WISP and Head of Security & Privacy Communications at Uber, and Ajay Arora, CEO and founder …
How to harmonize IT GRC controls in your environment
In this podcast recorded at RSA Conference 2017, Tim White, Director of Product Management, Policy Compliance at Qualys, talks about about achieving uniform compliance in risk …
Week in review: WhatsApp flaw, lip motion passwords, reinventing software patching
Here’s an overview of some of last week’s most interesting news, podcasts and articles: Vulnerability in WhatsApp and Telegram allowed complete account takeover …
Unpatched flaw opens Ubiquiti Networks devices to compromise
A critical vulnerability in many of Ubiquiti Networks’ networking devices can be exploited by attackers to take over control of the device and, if that device acts as a …
Fileless attack framework was used in many recent attacks
In the last month or so, a number of security companies spotted attackers targeting a variety of organizations around the world with spear-phishing emails delivering …
Intel is offering up to $30,000 for bugs in its hardware
Intel has become the latest tech company to launch a bug bounty program. Intel bug bounty program: What’s in scope and what is not Intel is looking for bug hunters to …
New infosec products of the week: March 17, 2017
Capture, process, analyze data generated by IoT devices MapR Technologies announced MapR Edge, a small footprint edition of the MapR Converged Data Platform. Addressing the …
Featured news
Sponsored
Don't miss
- ITSM concerns when integrating new AI services
- Scaling data security solutions: What you need to know
- Whitepaper: Tools to tackle the multicloud environment
- Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856)
- Chinese hackers compromised an ISP to deliver malicious software updates