vulnerability Archives - Page 13 of 24

Black Duck continues to expand vulnerability prioritization methods

Issued by: Black Duck

Black Duck has always recognized the importance of prioritizing open source security tasks by providing several key data points to help customers focus on what’s most critical. After all, with over 40 new software vulnerabilities being uncovered every day, it’s easy to become overwhelmed. In addition to offering detailed descriptions, expanded severity scoring, exploit information,…

Vulnerabilities

How to secure vulnerable printers on a Windows network

Issued by: CSO

At the recent Black Hat conference, Peleg Hadar and Tumar Bar of SafeBreach Labs pointed out that the way to a network’s heart is often through its printers. In 2010, one of the vulnerabilities Stuxnet used was a remote code execution on a computer with printer sharing enabled. To reach Iran’s centrifuges, Stuxnet exploited a…

Network Security

16 top endpoint protection platforms

Issued by: CSO

Endpoint security has long been an important part of cybersecurity within any enterprise’s overall security architecture, particularly to provide protection for remote devices that connect to an enterprise network. When laptops, smartphones, or desktop computers connect to a network, they establish network nodes and create points of vulnerability. Endpoint security might also be used with…

Network Security

4 best practices for managing and tracking SSL and TLS certificates

Issued by: CSO

Most of us take Secured Sockets Layer (SSL) and Transport Layer Security (TLS) for granted, but over time the use of SSL and TLS certificates has dramatically changed. Once, only websites that handled secure transactions provided protection with an SSL certificate. Now search engines demand everything is protected with certificates. Because attackers have used weaknesses…

Vulnerabilities

TeamViewer flaw could be exploited to crack users’ password

Issued by: Help Net Security

A high-risk vulnerability (CVE-2020-13699) in TeamViewer for Windows could be exploited by remote attackers to crack users’ password and, consequently, lead to further system exploitation. About TeamViewer TeamViewer is an application developed by German company TeamViewer GmbH and is available for Windows, macOS, Linux, Chrome OS, iOS, Android, Windows RT Windows Phone 8 and BlackBerry…

Vulnerabilities

20,000+ new vulnerability reports predicted for 2020, shattering previous records

Issued by: Help Net Security

Over 9,000 new vulnerabilities have been reported in the first six months of 2020, and we are on track to see more than 20,000 new vulnerability reports this year — a new record, Skybox Security reveals. Reshaping the way that people work 50% increase in mobile vulnerabilities highlights dangers of blurring line between corporate and…

Vulnerabilities

Microsoft fixes two RCE flaws affecting Windows 10 machines

Issued by: Help Net Security

Microsoft has released fixes for two remote code execution (RCE) vulnerabilities in the Microsoft Windows Codecs Library on Windows 10 machines. The vulnerabilities Both flaws – CVE-2020-1425 and CVE-2020-1457 – arose because of the way the Microsoft Windows Codecs Library handled objects in memory. CVE-2020-1425 could allow attackers to obtain information to further compromise the…

Malware & Threats

Most malware in Q1 2020 was delivered via encrypted HTTPS connections

Issued by: Help Net Security

67% of all malware in Q1 2020 was delivered via encrypted HTTPS connections and 72% of encrypted malware was classified as zero day, so would have evaded signature-based antivirus protection, according to WatchGuard. These findings show that without HTTPS inspection of encrypted traffic and advanced behavior-based threat detection and response, organizations are missing up to…

Network Security

How the pandemic affected DDoS attack patterns, global internet traffic

Issued by: Help Net Security

There has been a shift in internet traffic patterns coinciding with an increase in DDoS and other types of network attacks in recent months as organizations across industries quickly transitioned to remote workforces and individuals under stay-at-home orders began relying on the internet more heavily, according to Neustar. Growing reliance on the internet The pandemic…

Vulnerabilities

Because IT security and the C-suite are misaligned, digital transformation increases cyber risk

Issued by: Help Net Security

While digital transformation is understood to be critical, its rapid adoption, as seen with cloud providers, IoT and shadow IT, is creating significant cyber risk for most organizations. Today, these vulnerabilities are only exacerbated by misalignment between IT security professionals and the C-suite. The research by CyberGRX and Ponemon Institute surveyed 900 IT security professionals…