Month: May 2021

Vulnerabilities

Issued by: Dark Reading

The ubiquitous Wi-Fi standard has at least three design flaws that allow a local attacker to intercept and exfiltrate wireless traffic, while additional implementation flaws enable more serious attacks for some wireless traffic, a well-known security researcher revealed this week. The design flaws in the IEEE 802.11 standard — more commonly known as Wi-Fi —…

Software Security

Issued by: Dark Reading

Cisco today confirmed plans to acquire Kenna Security, provider of vulnerability management technology, with plans to integrate its capabilities into the SecureX platform. Kenna Security’s technology uses machine learning to analyze threat data and identify which risks organizations should prioritize – a useful technology to have at a time when organizations are struggling with a…

Network Security

Issued by: Security Week

The funding came from ClearSky Security, DNX Ventures, and South Dakota Equity Partners, and Query.AI says it will be used to accelerate adoption of its product. Query.AI has developed what it describes as a security investigations control plane designed to help security teams investigate and respond to incidents by giving them real-time access and centralized insights…

Malware & Threats

Issued by: Security Week

The attacks start with spear-phishing messages that employ lures relevant to the targeted organizations, such as aviation, travel, and cargo, and deliver an image that pretends to be a PDF file and which contains an embedded link. The attackers abuse legitimate web services and they leverage a newly identified loader dubbed Snip3 for the delivery…

Network Security

Issued by: Security Week

he vulnerabilities, dubbed FragAttacks (fragmentation and aggregation attacks), were discovered by researcher Mathy Vanhoef, who was also involved in the discovery of the Key Reinstallation Attack (KRACK) vulnerabilities back in 2017. FragAttacks can be leveraged by an attacker who is within range of the targeted Wi-Fi connection to hack devices and steal sensitive user information….

Cloud Security

Issued by: Security Week

“We are going to have to assess where we are in regards to the ongoing litigation and determine what the best path forward is for the department,” deputy Pentagon press secretary Jamal Brown said, citing remarks by Deputy Defense Secretary Kathleen Hicks at a public forum late last month. Hicks said then that she could…

Cloud Security

Issued by: Security Week

It’s time. If they weren’t already invested, the events of the last year have clearly forced the hands of organizations to embrace the world of cloud-delivered services. The global rise in remote work is a big driver; it has forced organizations to think more progressively about everything from their office space to their infrastructure. It’s…