Month: February 2021

Cloud Security, Network Security

Issued by: Security Week

Managed security services are undergoing a timely and significant transformation, armed with new hyperscalable technology stacks, hybrid enterprise and cross-cloud protection complexities, and a demand to evolve from 24/7 eyes-on-glass into hands-on customer-integrated early warning and response. If it wasn’t a tired industry cliché we’d probably be adding “next-generation” or NG prefixes to many of…

Software Security

Issued by: Security Week

Based in Melbourne, Australia, and established more than two decades ago, SitePoint provides users with access to tutorials and books that can help them learn the basics of web development. Last week, the company started informing users that some data was accessed by a third-party during a cyber-attack that was “recently confirmed.” The culprit, SitePoint…

Vulnerabilities

Issued by: Security Week

OSV should make it easier for the users of open source software to find out which vulnerabilities impact them. It can also help maintainers of open source software accurately identify all versions and commits impacted by a flaw across all their branches. Google OSVFor consumers, Google says OSV provides a database that can be easily…

Network Security

Issued by: Help Net Security

Before the recent pandemic, many executives began appreciating the risks and opportunities associated with cybersecurity. A 2019 survey on cybersecurity priorities from Optiv Security found that 96% of CISOs are taking “a more strategic approach to cybersecurity,” and many were even willing to slow business development to account for cybersecurity-related risks. This was great news…

Vulnerabilities

Issued by: Help Net Security

Despite the uncertainties of the last year, the transformation of the transportation sector forged ahead, dominated by the prevailing trend of CASE (Connected, Autonomous, Shared, Electrified) technologies. Despite small setbacks caused by COVID-19 that impacted the automotive industry at large, analysts predict electric vehicle (EV) demand will continue on its upward trajectory in 2021, driven…

Vulnerabilities

Issued by: Security Week

The low-power Wi-Fi module is designed for use in embedded devices, and is being used in a broad range of industries, including automotive, agriculture, energy, healthcare, industrial, and security. The RTL8195A chip supports WEP, WPA and WPA2 authentication modes, and Vdoo discovered that the WPA2 handshake mechanism is prone to stack overflow and out-of-bounds read…

Network Security

Issued by: Security Week

Stormshield provides network security, endpoint security and data security solutions. The company describes itself as a “European leader in digital infrastructure security” and claims to have a presence in more than 40 countries. In a security incident notice posted on its website, Stormshield said it recently detected unauthorized access to a technical portal used by…

Vulnerabilities

Issued by: Security Week

SolarWinds was recently targeted in a sophisticated supply chain attack that resulted in thousands of organizations receiving malicious updates for the company’s Orion monitoring product, and a few hundred — ones that presented an interest to the attackers — getting other malware that may have given the hackers deep access into their networks. Following the…

Network Security, Software Security

Issued by: CSO

Microsoft recently changed how it presents and explains its security vulnerabilities in its products. The new security guide aligns itself with security and industry standards by describing the vulnerabilities with the Common Vulnerability Scoring System (CVSS), which presents a vulnerability’s key characteristics and assigns a numerical score to its severity. The intent of that score…