Vulnerabilities

Vulnerabilities

Issued by: Help Net Security

Researchers develop cybersecurity system to test for vulnerabilities in technologies that use GPS

Southwest Research Institute has developed a cybersecurity system to test for vulnerabilities in automated vehicles and other technologies that use GPS receivers for positioning, navigation and timing. “This is a legal way for us to improve the cyber resilience of autonomous vehicles by demonstrating a transmission of spoofed or manipulated GPS signals to allow for…

Vulnerabilities

Issued by: Help Net Security

Hacking our way into cybersecurity for medical devices

Hospitals are filled with machines connected to the internet. With a combination of both wired and wireless connectivity, knowing and managing which devices are connected has become more complicated and, consequently, the institutions’ attack surface has expanded. When did these devices get smart? A brief timeline shows the FDA didn’t start regulating the connectivity of…

Vulnerabilities

Issued by: Security Week

Oracle, Gemalto Downplay Java Card Vulnerabilities

In March, Poland-based Security Explorations reported identifying nearly 20 vulnerabilities in the latest version of Oracle Java Card (version 3.1), including weaknesses that can be exploited to compromise the security of chips using this technology. The firm has continued analyzing the software and it now claims to have found 34 issues. Java Card technology is…

Vulnerabilities

Issued by: Dark Reading

When Every Attack Is a Zero Day

The collective efforts of hackers have fundamentally changed the cyber defense game. Today, adversarial automation is being used to create and launch new attacks at such a rate and volume that every strain of malware must now be considered a zero day and every attack considered an advanced persistent threat. That’s not hyperbole. According to…

Vulnerabilities

Issued by: Help Net Security

Backdoors inevitably create vulnerabilities that can be exploited by malicious actors

73 percent of IT security professionals believe countries with government-mandated encryption backdoors are more susceptible to nation-state attacks. The Venafi survey on government-mandated encryption backdoors evaluated the opinions of 517 IT security professionals attending the RSA Conference 2019. “This is a tense moment for industry professionals because they know backdoors make our critical infrastructure more…

Vulnerabilities

Issued by: Help Net Security

How to build an effective vulnerability management program

The concept of vulnerability management has undergone a number of changes in the last few years. It is no longer simply a synonym for vulnerability assessment, but has grown to include vulnerability prioritization, remediation and reporting. It has also grown in scope: vulnerabilities don’t just affect IT networks and databases, but also applications, cloud infrastructures,…

Vulnerabilities

Issued by: Security Week

Multiple Security Flaws Discovered in Visitor Management Systems

The analyzed systems include Lobby Track Desktop (Jolly Technologies), EasyLobby Solo (HID Global), eVisitorPass (Threshold Security), Envoy Passport (Envoy), and The Receptionist (The Receptionist). A total of 19 vulnerabilities were discovered in these systems, and their successful exploitation could lead to exfiltration of data such as visitor logs, contact information, or corporate activities; complete takeover…

Vulnerabilities

Issued by: Dark Reading

There May be A Ceiling on Vulnerability Remediation

Security has no shortage of metrics — everything from the number of vulnerabilities and attacks to the number of bytes per second in a denial-of-service attack. Now a new report focuses on how long it takes organizations to remediate vulnerabilities in their systems — and just how many of the vulnerabilities they face they’re actually…