“People make mistakes” is a common and relatable phrase, but it’s also a malicious one in the hands of cybercriminals, more of whom are exploiting simple human errors to launch successful attacks. The Information Security Forum (ISF) explored the topic in “Human-Centered Security: Addressing Psychological Vulnerabilities,” a new report published today. Human vulnerabilities, whether triggered…

Consumers are more worried now about their protected health information (PHI) being compromised, thanks to high-profile breaches like Anthem and Allscripts. The recent RSA Data Privacy Report surveyed 7,500 consumers in Europe and the US. It showed that 59 percent of the respondents were concerned about their medical data being compromised. Thirty-nine percent were worried…

Cyberattackers’ interest in healthcare organizations continues to increase. In 2018, there were 284 breaches reported on the US Department of Health and Human Services (HHS) breach portal and 27 so far in 2019. According to InfoSec Institute, “nearly 95 percent of all medical and health care institutions have been victims of some form of cyberattack.”…

Risk Based Security uncovered multiple vulnerabilities in the AK-EM 800 product from SCADA vendor Danfoss. The discovered vulnerabilities Researchers found two critical vulnerabilities. One is effectively a backdoor into highly privileged functionality to manage the software. Although this backdoor was likely created to help the vendor’s support team log into systems to assist their clients,…

While digital transformation helps companies work smarter, there is a risk that the ongoing digitization may unlock a host of security vulnerabilities that can cost companies money, time, intellectual property, and customer trust, according to a Canon survey. All organizations surveyed across a range of verticals experienced an alarming amount of cyber threats over the…

Security researchers found a remotely exploitable critical vulnerability in a building management system used by businesses, hospitals, factories and other organizations to control things like ventilation, temperature, humidity, air pressure, lighting, secure doors and more. The vendor has released a firmware update, but hundreds of these systems are still exposed on the internet, highlighting the…

Enterprise organizations are scanning more applications for security vulnerabilities than ever before, but, troublingly, they are remediating fewer of their discoveries because of the sheer volume. As it has for the past 13 years, WhiteHat Security recently analyzed data from the results of application security tests the company performed at customer locations last year. The…

This year’s Sonatype report reveals the best practices exhibited by exemplary open source software projects and commercial application development teams. As in years past, it also examines the rapidly expanding supply and continued exponential growth in consumption of open source components. For the fifth anniversary report, Sonatype collaborated with Gene Kim from IT Revolution, and…