Since IBM X-Force published its report, “Security Attacks on Industrial Control Systems,” last year, we have observed a startling increase in the number of attacks against these systems. According to IBM Managed Security Services (MSS) data, attacks targeting industrial control systems (ICS) increased over 110 percent in 2016 over last year’s numbers, as of Nov….

The developers of PHPMailer have patched a critical vulnerability that can be exploited by a remote attacker for arbitrary code execution, a researcher said on Sunday. With millions of installations, PHPMailer is considered the world’s most popular email creation and transfer class for PHP. It has been used by several major open-source projects, including WordPress,…

On Dec. 1, 2016, the Commission on Enhancing National Cybersecurity delivered its report to the President of the United States, providing six Imperatives and a number of associated recommendations and action items to improve the overall security posture of the nation’s public and private infrastructures. These recommendations cover the gamut of both technical and non-technical…

2016 was a big year for cyber-security news, most of it not terribly encouraging. Still, the year did present the cyber-security industry with several teachable moments that I believe all security professionals should heed as we move into a new year. Accordingly, I’ve made four New Year’s resolutions for the cyber-security industry in 2017. If…

Visitors to the U.S. under a visa waiver program are being asked by the Department of Homeland Security for information on their social media accounts, a plan that had drawn criticism from civil rights groups for its potential encroachment on privacy. The U.S. Customs and Border Protection unit of the DHS asked for written comments…

Apps are an integral part of any business today. Radware, a security and availability solutions provider, is protecting the organizations globally from cybercrime, including DDoS attacks. “We have a phenomenal track record of innovating in security and bringing great partnerships on the table for our end customers. Also we lead the availability solutions area which…

Cisco has warned customers about a critical privilege escalation vulnerability that has been exploited against Cisco CloudCenter Orchestrator (CCO) systems. Cisco CloudCenter is a hybrid cloud management platform with two primary components: CloudCenter Manager, the interface utilized by users and administrators, and CloudCenter Orchestrator, which automates application deployment and infrastructure provisioning and configuration. CCO was…