The 4 Top Barriers To Effective Incident Response

Responding to cyberattacks is straightforward in some ways, difficult in others. Here are four ways that the process can get tripped up. Cyberattacks are getting worse, growing in frequency and impact. This probably isn’t a surprising statement for anyone reading Dark Reading. Most organizations understand this and are taking measures to prevent and detect threats…

Facebook Awards $40,000 Bounty for ImageTragick Hack

A researcher claims to have received a $40,000 bounty from Facebook for finding a remote code execution vulnerability introduced by the ImageMagick image processing suite. The said ImageMagick flaw, tracked as CVE-2016-3714 and dubbed “ImageTragick,” was disclosed in May 2016. The security hole had already been exploited in the wild and security firms soon started…

These Were the Most Common Passwords Used in 2016

Although weak and commonly used passwords have long been one of the most used avenues to compromise accounts, they remain at the top of the most popular passwords charts, a recent Keeper Security report reveals. Last year’s mega-breaches once again brought to the spotlight the long-lasting issue of weak passwords, but users remained deaf to…

IP Theft: How Often Does Your IP Walk Out the Door?

It happens — employees leave. Sometimes they find growth opportunities and are encouraged, even cheered, by their employers to go for it. Other times, they are let go due to downsizing or performance issues, recruited by rivals or otherwise lured to greener pastures. In all scenarios, the employer’s intellectual property (IP) is at risk. Revenge,…

Eight Vulnerabilities Patched in WordPress

Eight security flaws and 62 bugs have been addressed with the release of WordPress 4.7.1 on Wednesday. The latest update for the content management system (CMS) has been classified as a security release. The list of vulnerabilities fixed this week includes the recently disclosed remote code execution flaw affecting PHPMailer. While WordPress Core and the…

Is your Windows 10 migration strategy leaving you vulnerable?

Despite enhanced security being a key driver in the move to Windows 10, many organizations are putting their security at risk with their choice of migration strategy, according to new research by 1E. The report found that, by taking an in-place upgrade option, many organizations are missing the opportunity to enable advanced security features.

Android Vulnerabilities: Attacking Nexus 6 and 6P Custom Boot Modes

In recent months, the X-Force Application Security Research Team has discovered several previously undisclosed Android vulnerabilities. The November 2016 and January 2017 Android Security Bulletins included patches to one high-severity vulnerability, CVE-2016-8467, in Nexus 6 and 6P. Our new paper, “Attacking Nexus 6 & 6P Custom Bootmodes,” discusses this vulnerability as well as CVE-2016-6678.

7 tips for better security awareness training sessions

At their worst, security awareness training sessions are boring wastes of time, both for employees and the IT people responsible for them. At their best, however, they are interactive, discussion-driven, and genuinely helpful opportunities to raise security issues and lay the groundwork for better habits. How do you steer your own training sessions closer to…

54% of organizations have not advanced their GDPR compliance readiness

More than half of organizations have failed to begin any work on meeting minimum General Data Protection Regulation (GDPR) compliance, according to a study conducted by Vanson Bourne. Intended to harmonize data security, retention and governance legislation across European Union (EU) member states, GDPR requires greater oversight of where and how sensitive data—including personal, credit…