Month: May 2020

Vulnerabilities

Issued by: Security Week

Flaw in WordPress Plugin Grants Access to Google Search Console

The plugin, Site Kit by Google, was designed to provide site admins with information on how people find and use their websites, providing insights from critical Google tools, straight to the WordPress dashboard. The plugin has over 400,000 active installations. The recently identified security flaw, which has already been patched by Google, is rated critical…

Cloud Security

Issued by: Help Net Security

How to implement least privilege in the cloud

According to a recent survey of 241 industry experts conducted by the Cloud Security Alliance (CSA), misconfiguration of cloud resources is a leading cause of data breaches. The primary reason for this risk? Managing identities and their privileges in the cloud is extremely challenging because the scale is so large. It extends beyond just human…

Vulnerabilities

Issued by: Help Net Security

Global remote work transitions fail to consider security gaps

Security measures and password best practices have not taken priority in many regions during the shift to remote work due to the COVID-19 pandemic, according to a survey by OneLogin. Nearly 1 in 5 (17.4%) global respondents have shared their work device password with either their spouse or child, potentially exposing corporate data. External threats…

Vulnerabilities

Issued by: Help Net Security

Entrust Datacard released the findings of its survey which highlights the critical need to address data security challenges for employees working from home as a result of the pandemic based on responses from 1,000 US full-time professionals. As social distancing mandates took effect in March 2020, employers found themselves in a massive remote work experiment,…

Malware & Threats

Issued by: Help Net Security

Ransomware on the rise, companies prioritizing disaster recovery

The rampant rise of ransomware persists, with 100% of respondents – who include ITOps, backup, disaster recovery and storage admins, application and workload owners in the U.S. – reporting that their company experienced a ransomware attack in the last 12 months, Datrium reveals. With the evermore heightened threat of ransomware during the COVID-19 pandemic, companies…

Network Security

Issued by: Help Net Security

Leveraging automation to maximize security budgets

With the economic impact of COVID-19 increasingly looking like an imminent recession and the way we do work altered perhaps forever, CIOs and CISOs will most likely be managing reduced budgets and a vastly different threat landscape. With the average cost of a breach continuing to skyrocket, the already slim margin for error will shrink…

Mobile Security

Issued by: Security Week

Czech, US to Cooperate on Security of 5G Networks

The Czech government office said the document was signed remotely by Czech Prime Minister Andrej Babis and U.S. Secretary of State Mike Pompeo. The signing comes amid a global battle between the U.S. and China’s Huawei, the world’s biggest maker of network infrastructure equipment. Huawei has become the target of U.S. security concerns because of…

Malware & Threats

Issued by: CSO

Attackers are using this time of crisis to go after victims with targeted campaigns. The biggest threats are phishing attacks related to COVID-19. Attackers are also setting up COVID-19-related domain names and enticing people to click on them. Anomali recently released a report that identified at least 15 distinct COVID-19-related campaigns associated with 11 threat…