Sword GRC canvassed almost 150 risk managers from highly risk-aware organizations worldwide for their opinions. Overall, cybersecurity was seen as the biggest risk to business by a quarter of organizations. In the UK, Brexit and the resulting potential economic fall-out was cited as the biggest risk to business by 14% of risk managers. The most…

Globally, organizations have spent millions on security solutions; however, these purchasing decisions often are not based on fact or data — just hunches, expenditures, and market trends. Senior executives struggle to have complete visibility into their own company’s security posture as well as the current threat environment. There is a lack of comprehensive, near-real-time information…

A Washington State University research team has uncovered significant and previously unknown vulnerabilities in high-performance computer chips that could lead to failures in modern electronics. The researchers found they could damage the on-chip communications system and shorten the lifetime of the whole computer chip significantly by deliberately adding malicious workload. Led by Partha Pande, assistant…

The vulnerabilities impact the Windows and macOS versions of Acrobat and Acrobat Reader DC (Continuous and Classic 2015 tracks), and Acrobat and Acrobat Reader 2017 products. The list of security holes includes various types of critical bugs that can lead to arbitrary code execution, including buffer errors, untrusted pointer dereference, use-after-free, and heap overflow. The…

The winter holidays offer big potential for retailers, with some companies earning around 30 percent of their annual revenue during the season, according to the National Retail Federation. Big sales numbers, however, also drive increased risks of fraud and theft, and businesses are now spending on extra security measures to keep physical stores safe. But…

The phrase “with great power comes great responsibility” was excellent advice when Ben Parker said it to his nephew Peter, aka Spider-Man. It is even more applicable to any organization using open source software to manage its big data analysis. This is especially true since, in 2018, significant vulnerabilities were identified and disclosed for both…

According to Facebook, researchers can earn up to $40,000 if they report an account hijacking flaw that does not require any user interaction, and $25,000 if minimum user interaction is required for the exploit to work. The bounty applies to Facebook and other services owned by the company, including Instagram, WhatsApp and Oculus. “By increasing…

John Toterhi, a security researcher with IoT security company Finite State, believes that many of the security problems plaguing IoT devices are solvable through transparency. “Manufacturers who make their firmware public and follow GPL practices are doing themselves a huge favor: by making firmware public, manufacturers are enabling a world-wide network of the best…