communication Archives - Cyber Security Minute

Transport Layer Security (TLS): Issues & Protocol

Issued by: Trend Micro Blog

Transport layer security (TLS) is the modern version of the now-deprecated secure socket layer (SSL) protocol. Due to multiple vulnerabilities within SSL, organizations require a more robust protocol to coincide with the increasing number of web-based technologies. For example, unlike SSL, TSL allows you to negotiate encryption on regular ports and protocols such as IMAP…

Cloud Security

3 factors impacting your cloud security

Issued by: CIO Security

The move to the cloud has forced many CIOs to change how they think about security. Since much of the responsibility to secure infrastructure is now outsourced to cloud providers, CIOs need to focus higher in the stack to ensure that configurations are correct and data is not inadvertently exposed. As you assess your operations…

Vulnerabilities

Nearly 100 TCP/IP Stack Vulnerabilities Found During 18-Month Research Project

Issued by: Security Week

The research, named Project Memoria, was conducted by enterprise device security firm Forescout in collaboration with others. It resulted in the discovery of the vulnerabilities tracked as Ripple20, AMNESIA:33, NUMBER:JACK, NAME:WRECK, INFRA:HALT, and NUCLEUS:13. TCP/IP stacks are leveraged by a wide range of devices for communication, including medical products, industrial control systems (ICS), printers, and…

Vulnerabilities

Cybersecurity awareness is one of the skills needed for a post-pandemic economy

Issued by: Help Net Security

“Digital collaboration” and “critical thinking” are among the modern skills workers need for the post-pandemic economy, according to a new report. Questionmark is calling on employers to measure strengths and weaknesses across the workforce. The report explores what workers need to thrive in a modern environment. Such is the scale of the shift required, that…

Malware & Threats

Hacker Dubbed ‘Mr White Hat’ to Return Entire Stolen Crypto Fortune

Issued by: Security Week

Poly Network had put out word previously that nearly half of the digital assets swiped early this week had been returned. “As our communication with Mr. White Hat is going on, the remaining user assets on Ethereum are gradually transferred,” Poly Network said in a tweet. “We look forward to Mr. White returning all the…

Vulnerabilities

Cisco Working on Patch for Code Execution Vulnerability in VPN Product

Issued by: Security Week

The Cisco AnyConnect Secure Mobility Client is designed to provide secure VPN access for remote workers. According to the networking giant, the product is affected by a flaw, tracked as CVE-2020-3556, that can be exploited by a local, authenticated attacker to cause an AnyConnect user to execute a malicious script. The vulnerability is related to…

Mobile Security

Twitter Temporarily Disables Tweeting via SMS After CEO Hack

Issued by: Security Week

“We’re taking this step because of vulnerabilities that need to be addressed by mobile carriers and our reliance on having a linked phone number for two-factor authentication (we’re working on improving this),” Twitter said. It added, “We’ll reactivate this in markets that depend on SMS for reliable communication soon while we work on our longer-term…