vulnerability

Application Security

Issued by: Dark Reading

Open-source software projects continue to struggle with handling sensitive information, according to automated scans of hundreds of millions of commits to code repositories. Software-security toolmaker DeepCode found that four of the seven vulnerabilities classes with the greatest impact on the security of software projects had to do with failures to protect data. The categories of…

Cloud Security

Issued by: Help Net Security

IT executives have rising SaaS security fears, and worry about cloud security, proprietary data encryption, as well as the loss of independent control due to access limitations, according to Archive360. SaaS security fears The research surveyed more than 100 enterprise IT executives worldwide, to identify the leading security challenges they face with their SaaS vendors….

Network Security

Issued by: Help Net Security

Amid significant increases in both malware and network attacks, multiple Apache Struts vulnerabilities – including one used in the devastating Equifax data breach – appeared for the first time on WatchGuard’s list of most popular network attacks in Q3 2019. Massive fallout from the Equifax breach The report also highlights a major rise in zero…

Vulnerabilities

Issued by: Help Net Security

Expect unprecedented levels of online data theft this holiday season due to a lack of deployed client-side security measures. Disturbing lack of security measures Tala Security highlights the widespread vulnerability resulting from integrations that enable and enhance website functionality. These integrations, which exist on nearly every modern website operating today, allow attackers to target PII…

Vulnerabilities

Issued by: Help Net Security

Enterprises are slow to abandon manual processes, despite being short staffed, as the lack of automation, coupled with increasing network complexity risk and lack of visibility contribute to costly misconfigurations and increased risk, a FireMon report reveals. The report features feedback from nearly 600 respondents, including 20% from the executive ranks, detailing ongoing firewall operations…

Cloud Security, Vulnerabilities

Issued by: Help Net Security

Although the total number of IaaS cloud vulnerabilities is still small and the technology relatively young, volumes are increasing year-over-year at a steady rate, an expected to hit 50-percent growth by the end of 2019, Skybox reveals. Key findings of the report include: Vulnerabilities affecting cloud IaaS solutions likely to increase 50% over 2018 figures…

Vulnerabilities

Issued by: Dark Reading

Som old Amazon devices contain an even older Wi-Fi vulnerability that can be exploited in man-in-the-middle attacks. The vuln – KRACK, or Key Reinstallation Attack – is a flaw in the four-way WPA2 handshake that begins the protected transaction. The vulnerability leaves the wireless traffic encrypted, but routed through a malicious middle actor that decrypts…

Vulnerabilities

Issued by: Help Net Security

Cybercrime is continuing to mature and becoming more and more bold, shifting its focus to larger and more profitable targets as well as new technologies. Data is the key element in cybercrime, both from a crime and an investigate perspective. These key threats demonstrate the complexity of countering cybercrime and highlight that criminals only innovate…

Vulnerabilities

Issued by: Help Net Security

Insider threats expose companies to breaches and put corporate data at risk. New research from Code42 questions whether the right data security solutions are being funded and deployed to stop insider threats and asserts that legacy data loss prevention solutions fall short in getting the job done. Today, 79% of information security leaders believe that…