Chrome will tag FTP sites as “Not secure”
Google Chrome 63, expected to be released sometime around December, will label resources delivered over the FTP protocol as “Not secure”, a member of the Chrome …
New infosec products of the week: September 15, 2017
FinalCode 5.3 extends the types of applications traditional IRM can support FinalCode updated its persistent, file-centric information rights management (IRM) solution. …
Organizations struggle to maximize the value of threat intelligence
Amidst growing concerns of large-scale cyber attacks, 84 percent of organizations participating in a Ponemon Institute survey indicated threat intelligence is “essential …
Finance is moving to the cloud faster than expected
A major shift is taking place in how enterprises select their financial management applications, with a migration to cloud applications happening faster than expected. A …
Unsecured Elasticsearch servers turned into PoS malware C&Cs
Security researchers have discovered over 4,000 Elasticsearch servers compromised to distribute and control PoS malware. 99 percent of them are hosted by Amazon. What is …
User-targeted threats at all-time high despite rising education spend
The cost of security education for large enterprises at an all-time-high of $290,033 per year per organization, and user education is rocketing up the CIO’s priority list. Yet …
Equifax breach happened because of a missed patch
The attackers who breached Equifax managed to do so by exploiting a vulnerability in its US website, the company has finally confirmed. The vulnerability – CVE-2017-5638 …
Confusion and lack of preparation in the face of looming GDPR deadline
With the GDPR deadline set for 25 May next year, many organisations are ill-prepared due to uncertainty about the criteria for compliance. 37 percent of respondents to a …
European Commission wants ENISA to introduce EU-wide cybersecurity certification scheme
“Cyber security attacks know no borders and no one is immune,” European Commission President Jean-Claude Juncker noted in his State of the Union Speech on …
Managing the fragmented cloud world
Enterprise IT environments are becoming more heterogeneous and complex, with fragmentation permeating cloud infrastructure, tooling and culture. However, enterprises find …
Patch Tuesday: 80+ vulnerabilities fixed, one exploited in the wild
As part of its regular, monthly Patch Tuesday update, Microsoft has released patches for 81 new vulnerabilities, including a zero-day in the .NET Framework. The September …
Phishers targeting LinkedIn users via hijacked accounts
A new phishing campaign has been spotted hitting LinkedIn users via direct messages and the LinkedIn InMail feature. They are sent from legitimate LinkedIn Premium accounts …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility