In October 2020, Microsoft patched a set of vulnerabilities that included critical networking bugs CVE-2020-16898 and CVE-2020-16899. Known as “Bad Neighbor” or “Ping of Death Redux,” these flaws lurk in the TCP/IP networking implementation in Windows in how incoming ICMPv6 packets are handled under certain conditions. Both CVE-2020-16898 and CVE-2020-16899 represent the Bad Neighbor vulnerability,…

While almost 95 percent of cybersecurity issues can be traced back to human error, such as accidentally clicking on a malicious link, most governments have not invested enough to educate their citizens about the risks, according to a report from the Oliver Wyman Forum. Cyber risk literacy of the population Cyber literacy, along with financial…

The machine identity attack surface is exploding, with a rapid increase in all types of machine identity-related security events in 2018 and 2019, according to Venafi. For example, the number of reported machine identity-related cyberattacks grew by over 400% during this two-year period. “We have seen machine use skyrocket in organizations over the last five…

A failing cybersecurity market is contributing to ineffective performance of cybersecurity technology, a Debate Security research reveals. Based on over 100 comprehensive interviews with business and cybersecurity leaders from large enterprises, together with vendors, assessment organizations, government agencies, industry associations and regulators, the research shines a light on why technology vendors are not incentivized to…

For the second straight quarter this year, Oracle’s latest critical patch update (CPU) released this week contained more than 400 security patches addressing vulnerabilities in a wide range of the company’s product sets. With 402 patches, Oracle’s October 2020 CPU was slightly smaller than its previous one in July, which contained a record-breaking 444 security…

Trustwave released a report which depicts how technology trends, compromise risks and regulations are shaping how organizations’ data is stored and protected. Data protection strategy The report is based on a recent survey of 966 full-time IT professionals who are cybersecurity decision makers or security influencers within their organizations. Over 75% of respondents work in…

Many companies tend to jump into the cloud before thinking about security. They may think they’ve thought about security, but when moving to the cloud, the whole concept of security changes. The security model must transform as well. Moving to the cloud and staying secure Most companies maintain a “castle, moat, and drawbridge” attitude to…