news

Vulnerabilities

Issued by: Help Net Security

Researchers have unearthed 11 vulnerabilities affecting Nagios XI, a widely used enterprise IT infrastructure/network monitoring solution, some of which can be chained to allow remote code execution with root privileges on the underlying system. Attackers are likely to try to exploit vulnerabilities in network management systems like Nagios because their oversee critical network components and…

Vulnerabilities

Issued by: Help Net Security

“Digital collaboration” and “critical thinking” are among the modern skills workers need for the post-pandemic economy, according to a new report. Questionmark is calling on employers to measure strengths and weaknesses across the workforce. The report explores what workers need to thrive in a modern environment. Such is the scale of the shift required, that…

Malware & Threats

Issued by: Help Net Security

While it’s true that threat hunting, incident response, and threat research all have their foundations in science (operating system theory and architecture, computer language and compilation, protocols, hardware and memory architecture, logic, etc.), throughout my entire career I have found it is also fundamentally true that the most successful threat hunters, incident responders, and threat…

Network Security

Issued by: Help Net Security

Alert overload still plagues the cybersecurity industry, according to Critical Start. Forty-seven percent of respondents reported personally investigating 10 to 20 alerts each day, a 12% increase from 2019. Moreover, 25% of respondents said they investigate 21 to 40 alerts each day, up from 14% the year prior. “Just like businesses and organizations from both…

Network Security

Issued by: Help Net Security

Before the recent pandemic, many executives began appreciating the risks and opportunities associated with cybersecurity. A 2019 survey on cybersecurity priorities from Optiv Security found that 96% of CISOs are taking “a more strategic approach to cybersecurity,” and many were even willing to slow business development to account for cybersecurity-related risks. This was great news…

Vulnerabilities

Issued by: Help Net Security

Despite the uncertainties of the last year, the transformation of the transportation sector forged ahead, dominated by the prevailing trend of CASE (Connected, Autonomous, Shared, Electrified) technologies. Despite small setbacks caused by COVID-19 that impacted the automotive industry at large, analysts predict electric vehicle (EV) demand will continue on its upward trajectory in 2021, driven…

Vulnerabilities

Issued by: Security Week

SolarWinds was recently targeted in a sophisticated supply chain attack that resulted in thousands of organizations receiving malicious updates for the company’s Orion monitoring product, and a few hundred — ones that presented an interest to the attackers — getting other malware that may have given the hackers deep access into their networks. Following the…

Mobile Security

Issued by: Help Net Security

Apple has release a new batch of security updates and has fixed three iOS zero-days that “may have been actively exploited” by attackers. The three zero-days Two of the zero-day vulnerabilities (CVE-2021-1870 and CVE-2021-1871) are logic issues affecting the WebKit browser engine, which may allow a remote attacker to achieve code execution on devices running…