Vulnerabilities

Vulnerabilities

Issued by: CIO Security

After a cyberattack, companies remain vulnerable. What CIOs can do to protect their brands

Here’s a security scenario that’s all too common: A company suffers from a cyberattack, then responds to it promptly and alerts its customers, warning them to change their passwords. But the company remains vulnerable through the very means it uses to alert those customers: Email. In fact, attackers can exploit that vulnerability using email that…

Vulnerabilities

Issued by: Security Week

Philippine Bank Chaos as Money Goes Missing From Accounts

A major Philippine bank shut down online transactions and cash machines on Wednesday after money went missing from accounts, triggering fears it had been hacked even as company officials said it was an internal computer error. Customers of Bank of the Philippine Islands (BPI) were shocked on Wednesday morning to see unauthorized withdrawals and deposits…

Vulnerabilities

Issued by: CSO

China continues to steal high-tech trade secrets

Those who have followed China’s technology acquisition over the last 30-plus years will recognize the latest pilfering of high-tech trade secrets as par for the course. It all started with Project 863, which was the methodical acquisition of western technology. The most recent incident, in support of China’s Ministry of Industry and Information Technology (CMIIT),…

Vulnerabilities

Issued by: Blog Malwarebytes

5 Unsettling cyberthreats

Cyberthreats are typically boring, repetitive, and require a reasonably predictable remediation process. A SQL injection is a SQL injection, no matter who’s trying it.  But what about the outliers? What about threats that impact you, but you can’t remediate, or establish a policy to cover? Here are 5 cyberthreats that if you’re not frightened by,…

Vulnerabilities

Issued by: Help Net Security

Number of HTTPS phishing sites triples

When, in January 2017, Mozilla and Google made Firefox and Chrome flag HTTP login pages as insecure, the intent was to make phishing pages easier to recognize, as well as push more website owners towards deploying HTTPS. But while the latter aim was achieved, and the number of phishing sites making use of HTTPS has…

Vulnerabilities

Issued by: Help Net Security

Who are we kidding? WannaCry is not a first

On Friday, May 12, 2017, the world was alarmed to discover that cybercrime has reached a new record, in a widespread ransomware attack dubbed WannaCry that is believed to have caused the biggest attack of its kind ever recorded. The details of the attack are all being reported as we go, as security teams scramble…

Vulnerabilities

Issued by: Help Net Security

Apple issues security updates for macOS, iDevices

It’s time to patch your Mac, iDevices and software again: Apple has released security updates for MacOS (all the way back to Yosemite), iOS, watchOS, tvOS, iTunes, iCloud for Windows, and Safari. The iTunes and iCloud for Windows updates fix one vulnerability in WebKit each. But both of these are critical, as they can be…

Vulnerabilities

Issued by: Help Net Security

Microsoft to governments: Stop hoarding vulnerabilities

Microsoft is full of surprises lately: first they issued patches for unsupported versions of Windows, then they publicly criticized the NSA for hoarding knowledge about critical software vulnerabilities (and exploits for them). “We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers…