cybersecurity Archives - Page 34 of 108

Google Discloses Details of Remote Code Execution Vulnerability in Windows

Issued by: Security Week

The flaw, tracked as CVE-2021-24093, was patched by Microsoft on February 9 with its Patch Tuesday updates. Dominik Röttsches of Google and Mateusz Jurczyk of Google Project Zero have been credited for reporting the issue to Microsoft. A CVSS score of 8.8 has been assigned to the vulnerability, but Microsoft has rated it critical for…

Network Security

Suspected Russian Hack Fuels New US Action on Cybersecurity

Issued by: Security Week

Jolted by a sweeping hack that may have revealed government and corporate secrets to Russia, U.S. officials are scrambling to reinforce the nation’s cyber defenses and recognizing that an agency created two years ago to protect America’s networks and infrastructure lacks the money, tools and authority to counter such sophisticated threats. The breach, which hijacked…

Network Security

CISO Conversations: Princeton, Cal State and Ohio State CISOs Talk Higher Ed Cybersecurity

Issued by: Security Week

A few weekends ago, I went to a birthday party for a buddy of mine. The theme was “Lord of the Rings.” When I arrived, I could see that many of my friends were already there, bunched up in groups of five or six, as the host circulated among them. I said hi to the…

Software Security

SecurityWeek to Host Supply Chain Security Summit on March 10, 2021

Issued by: Security Week

In the wake of the SolarWinds mega-hack that continues to unravel, software supply chain security and fragility is again on the front-burner for enterprise security decision makers. The complexity and opaqueness of the software supply chain has led to nation-state compromises and major worries that we’re only seeing the tip of the iceberg. Free to…

Network Security

Data loss prevention strategies for long-term remote teams

Issued by: Help Net Security

Before the recent pandemic, many executives began appreciating the risks and opportunities associated with cybersecurity. A 2019 survey on cybersecurity priorities from Optiv Security found that 96% of CISOs are taking “a more strategic approach to cybersecurity,” and many were even willing to slow business development to account for cybersecurity-related risks. This was great news…

Vulnerabilities

The transportation sector needs a standards-driven, industry-wide approach to cybersecurity

Issued by: Help Net Security

Despite the uncertainties of the last year, the transformation of the transportation sector forged ahead, dominated by the prevailing trend of CASE (Connected, Autonomous, Shared, Electrified) technologies. Despite small setbacks caused by COVID-19 that impacted the automotive industry at large, analysts predict electric vehicle (EV) demand will continue on its upward trajectory in 2021, driven…

Vulnerabilities

SolarWinds Product Vulnerabilities Allow Hackers to Take Full Control of Systems

Issued by: Security Week

SolarWinds was recently targeted in a sophisticated supply chain attack that resulted in thousands of organizations receiving malicious updates for the company’s Orion monitoring product, and a few hundred — ones that presented an interest to the attackers — getting other malware that may have given the hackers deep access into their networks. Following the…

Network Security, Software Security

What you need to know about changes to Microsoft’s Security Update Guide

Issued by: CSO

Microsoft recently changed how it presents and explains its security vulnerabilities in its products. The new security guide aligns itself with security and industry standards by describing the vulnerabilities with the Common Vulnerability Scoring System (CVSS), which presents a vulnerability’s key characteristics and assigns a numerical score to its severity. The intent of that score…

Application Security, Network Security

Strengthening Zero-Trust Architecture

Issued by: Dark Reading

Organizations that want to stay ahead of cybercriminals will find that going beyond user trust and device trust is critical for oThe invention of the term “zero trust” is generally credited to former Forrester analyst John Kindervag more than a decade ago. Although it’s not new, the concept has received renewed interest and market traction…

Network Security, Vulnerabilities

Attacks on Individuals Fall as Cybercrime Shifts Tactics

Issued by: Security Week

The nonprofit, which supports victims of identity crime, found that the number of U.S. data breaches fell 19% in 2020 to 1,108. But the number of individual victims of such cybercrimes fell 66% compared with the year prior. Ransomware and phishing attacks are now the preferred form of data theft because they require less effort…