news

Vulnerabilities

Issued by: Help Net Security

Industry reactions to Trump’s executive order on cybersecurity

On Thursday, President Donald Trump signed a long-awaited executive order on cybersecurity. Mainly, the order requires a number of cybersecurity reviews across the various agencies of the federal government, in order to determine what must be done to strengthen federal computer systems, as well as United States’ critical infrastructure. Here are some industry reactions to…

Vulnerabilities

Issued by: Help Net Security

Malware Hunter: Find C&C servers for botnets

Recorded Future and Shodan released Malware Hunter, a specialized crawler for security researchers that explores the Internet to find computers acting as remote access trojan (RAT) command and control centers. Malware Hunter unearths computers hosting RAT controller software that remotely controls malware-infected computers and instructs them to execute malicious activities such as recording audio, video,…

Vulnerabilities

Issued by: Help Net Security

Mastercard introduces cards that work with fingerprints instead of PINs

Mastercard has added fingerprint sensors to its payment cards, in an attempt to make face-to-face payments more convenient and more secure.How does it work? “A cardholder enrolls their card by simply registering with their financial institution. Upon registration, their fingerprint is converted into an encrypted digital template that is stored on the card. The card…

Network Security

Issued by: Help Net Security

Cyber risk issues resonating in boardrooms

The Cyentia Institute used in-depth surveys and interviews with corporate board members and CISOs to identify specific cyber risk issues resonating in boardrooms. CISOs report they spend most of their boardroom time “giving security guidance” on business enablement and loss avoidance. Surprisingly, CISO respondents reported they spend far less time discussing “data protection” and “brand…

Vulnerabilities

Issued by: Help Net Security

Fake LinkedIn emails phishing job seekers

The scammers are trying to impersonate the popular employment-oriented social networking service, but careful users will immediately spot many things that point to the email being fake: The email sender address that has nothing to do with LinkedIn The lack of certain design elements and the “unsubscribe” footer usually contained in LinkedIn emails The email…

Network Security

Issued by: Help Net Security

Network teams spend more time on data security amidst new threats

Enterprise network teams are expending more time and resources than ever before to battle security threats, according to Viavi Solutions, who surveyed 1,035 CIOs, IT directors, and network engineers around the world. “Dealing with these types of advanced, persistent security threats requires planning, resourcefulness and greater visibility throughout the network to ensure that threat intelligence…

Vulnerabilities

Issued by: Help Net Security

Exploit revealed for remote root access vulnerability affecting many router models

Back in January 2013, researchers from application security services firm DefenseCode unearthed a remote root access vulnerability in the default installation of some Cisco Linksys (now Belkin) routers. The flaw was actually found in Broadcom’s UPnP implementation used in popular routers, and ultimately the researchers extended the list of vulnerable routers to encompass devices manufactured…

Network Security

Issued by: Help Net Security

23% of security pros are blind to encrypted traffic threats

According to a Venafi survey conducted at RSA Conference 2017, 23 percent of respondents have no idea how much of their encrypted traffic is decrypted and inspected. “Encryption offers the perfect cover for cyber criminals,” said Kevin Bocek, chief security strategist for Venafi. “It’s alarming that almost one out of four security professionals doesn’t know…