Vulnerabilities

Vulnerabilities

Issued by: Kaspersky Blog

SAS postscript: Webinar on IT security vulnerabilities in healthcare

Each year, the Kaspersky Security Analyst Summit (SAS) brings together cybersecurity specialists from all over the world to share expertise, discuss new trends, and present their research. For those who can’t attend this year’s event but still want to get acquainted with the latest research, we’ve planned a series of webinars that will cover major SAS findings….

Vulnerabilities

Issued by: Security Week

Chip Cards Lead to 70% Drop in Counterfeit Fraud: Visa

The adoption of chip-and-PIN card technology by an increasing number of merchants in the United States has led to a significant drop in cases of counterfeit card fraud, according to Visa. The financial industry has been pushing for the adoption of EMV (Europay, MasterCard, Visa) card technology in the United States since 2011, and efforts…

Vulnerabilities

Issued by: Security Week

Cryptocurrency Fraud: In the Midst of a Gold Rush, Beware of Scammers

Bitcoin is the pioneer and obvious leader in the cryptocurrency market. But in 2017 alternative coins, or “altcoins,” began to transform the market. Nearly 1,500 cryptocurrencies are currently in circulation, and new altcoins emerge every week with Monero, Zcash and Ethereum among the top challengers to Bitcoin. But beware. Much like opportunists who devised various…

Vulnerabilities

Issued by: Security Week

Apple Fixes Indian Character Crash Bug in iOS, macOS

Updates released by Apple on Monday for iOS, macOS, tvOS and watchOS patch a flaw that causes applications to crash when rendering specific strings of Indian characters. Someone noticed recently that displaying a string written in India’s Telugu language (జ్ఞ‌ా) caused many apps on iOS and macOS to crash. The list of impacted apps includes…

Vulnerabilities

Issued by: Security Week

Over 30 Lawsuits Filed Against Intel for CPU Flaws

More than 30 lawsuits have been filed by Intel customers and shareholders against the chip giant following the disclosure of the Meltdown and Spectre attack methods. Three class action lawsuits were filed against Intel within a week of the Meltdown and Spectre flaws being disclosed, but the number had reached 32 by February 15, according to an annual…

Vulnerabilities

Issued by: Help Net Security

Intel offers to pay for Spectre-like side channel vulnerabilities

Intel is expanding the bug bounty program it started last March, and is raising considerably the awards it plans to give out for helpful vulnerability information. Where information about critical vulnerabilities in Intel software, firmware and hardware could have previously been rewarded with up to $7,500, $10,000 and $30,000, respectively, now the bounties in those same categories…

Vulnerabilities

Issued by: Help Net Security

7 steps security leaders can take to deal with Spectre and Meltdown

Security and risk management leaders must take a pragmatic and risk-based approach to the ongoing threats posed by an entirely new class of vulnerabilities, according to Gartner. Spectre and Meltdown are the code names given to different strains of a new class of attacks that target an underlying exploitable design implementation inside the majority of computer…

Vulnerabilities

Issued by: Security Week

Cisco Patches Critical Code Execution Flaw in Security Appliances

Cisco informed customers on Monday that updates released for its Adaptive Security Appliance (ASA) software patch a critical vulnerability that can be exploited to gain full control of devices or cause them to reload. The security hole, tracked as CVE-2018-0101 and assigned a CVSS score of 10, allows a remote and unauthenticated attacker to execute arbitrary code…