November 2018 - Page 2 of 3 - Cyber Security Minute

66.1% of vulnerabilities published through Q3 2018 have a documented solution

Issued by: Help Net Security

There have been 16,172 vulnerabilities disclosed through October 29th, which is a 7% decrease from the high record reported last year at this time. The 16,172 vulnerabilities cataloged through Q3 2018 by Risk Based Security’s research team eclipsed the total covered by the CVE and National Vulnerability Database (NVD) by over 4,800. It’s also worth…

Vulnerabilities

Helping researchers with IoT firmware vulnerability discovery

Issued by: Help Net Security

John Toterhi, a security researcher with IoT security company Finite State, believes that many of the security problems plaguing IoT devices are solvable problems through transparency. “Manufacturers who make their firmware public and follow GPL practices are doing themselves a huge favor: by making firmware public, manufacturers are enabling a world-wide network of the best…

Malware & Threats

Vaporworms: New breed of self-propagating fileless malware to emerge in 2019

Issued by: Help Net Security

WatchGuard Technologies’ information security predictions for 2019 include the emergence of vaporworms, a new breed of fileless malware with wormlike properties to self-propagate through vulnerable systems, along with a takedown of the internet itself and ransomware targeting utilities and industrial control systems. “Cyber criminals are continuing to reshape the threat landscape as they update their…

Vulnerabilities

60% of firms believe a major security event will hit in the next few years

Issued by: Help Net Security

Only 30 percent of 1,250 senior executives, management and security practitioners in the U.S., U.K. and Canada are confident their business will avoid a major security event in the coming two years and 60 percent believe an attack will hit in the next few years, according to eSentire. In terms of cyberattack preparedness in global…

Vulnerabilities

Consumers would stop engaging with a brand online following a breach

Issued by: Help Net Security

Ping Identity surveyed more than 3,000 people across the United States, United Kingdom, France and Germany to find out what they expect from brands when it comes to the safekeeping of personal information. The survey reveals many consumers are making drastic changes to the ways they interact with companies and secure their own personal data…

Network Security

Reported breaches in the first 9 months of 2018 exposed 3.6 billion records

Issued by: Help Net Security

There have been 3,676 publicly disclosed data compromise events through September 30. Breach activity continues at a consistent pace for 2018, which although significant in level, will likely not reach the numbers we saw in 2017, according to the 2018 Q3 Data Breach QuickView report by Risk Based Security. “The number of reported breaches shows…

Malware & Threats

How email fraud tactics continue to find new life

Issued by: Help Net Security

Almost as soon as email became widely used, crooks and scammers began using it as a means to defraud people. In today’s world, malicious fake emails continue to be a huge problem for individuals and businesses. Businesses make lucrative targets Losses due to BEC scams are escalating, and criminals are targeting organizations with emails that,…

Vulnerabilities

Data revolution backlash: Consumers prepared to take decisive action if organizations mishandle data

Issued by: Help Net Security

US consumers believe technological advancements pose a risk to their data privacy; believe it is the responsibility of organisations to make the purpose of data use clear and say organisations that fail to protect people’s data should face immediate penalties from regulators, according to a survey conducted by Edelman Intelligence. The research found that the…

Vulnerabilities

Google Removes Vulnerable Library from Android

Issued by: Security Week

The addressed issues include remote code execution bugs, elevation of privilege flaws, and information disclosure vulnerabilities, along with a denial of service. Impacted components include Framework, Media framework, System, and Qualcomm components. “The most severe vulnerability in this section could enable a proximate attacker using a specially crafted file to execute arbitrary code within the…