Risk Management

Network Security

Issued by: Help Net Security

The role of trust in security: Building relationships with management and employees

Massive data breaches have become the new reality, and they confirm that one of the biggest challenges companies face when it comes to security: a company’s biggest shortcomings are often not apparent until data breaches or other emergencies occur. As a result, adequately preparing for the worst and getting employees at every level of the company to give security…

Malware & Threats

Issued by: Security Week

Trump Signs Bill Banning Kaspersky Products

U.S. President Donald Trump on Tuesday signed a bill that prohibits the use of Kaspersky Lab products and services in federal agencies. The National Defense Authorization Act for FY2018 (H.R. 2810) focuses on Department of Defense and Department of Energy programs, authorizes recruitment and retention bonuses for the Armed Forces, and makes changes to national…

Vulnerabilities

Issued by: Security Week

Old Crypto Vulnerability Hits Major Tech Firms

A team of researchers has revived an old crypto vulnerability and determined that it affects the products of several major vendors and a significant number of the world’s top websites. Last month, F5 Networks informed customers that some of its BIG-IP products include a vulnerability that can be exploited by a remote attacker for recovering encrypted data…

Vulnerabilities

Issued by: Security Week

Dormant Keylogger Functionality Found in HP Laptops

A researcher has discovered that a touchpad driver present on hundreds of HP laptops includes functionality that can be abused for logging keystrokes. The vendor has released patches for a vast majority of affected devices. Michael Myng was looking for ways to control the keyboard backlight functionality on HP laptops when he noticed that the…

Mobile Security

Issued by: Security Week

Android’s December 2017 Patches Resolve Critical Flaws

The December 2017 Android security patches that Google released this week resolve 47 vulnerabilities, including 10 rated Critical severity. The patches affect a variety of platform components and were split in two packages, or security patch levels, as Google calls them. The first addresses 19 vulnerabilities while the second resolves 28 issues.

Malware & Threats

Issued by: Security Week

Hackers Helped Pentagon Patch Thousands of Flaws

Bug bounty programs and a vulnerability disclosure policy have helped the U.S. Department of Defense patch thousands of security holes in its systems. Nearly one year after it announced its vulnerability disclosure policy, the Pentagon received 2,837 valid bug reports from roughly 650 white hat hackers located in 50 countries around the world, according to…

Network Security

Issued by: Security Week

The Myth of Security Enabling Your Business

Every year there are reports and surveys which make the case that security inhibits innovation, productivity and generally holds businesses back. I am not going to argue with that sentiment. Security requires that things are done in a certain manner, which can act as a constraint on wanting to do things a different way. What…

Mobile Security

Issued by: Security Week

Samsung, Apple, Huawei Phones Hacked at Mobile Pwn2Own

Researchers have managed to hack the Samsung Galaxy S8, the iPhone 7 and the Huawei Mate 9 Pro on the first day of the Mobile Pwn2Own 2017 competition taking place alongside the PacSec conference in Tokyo, Japan. The prize pool for the event organized by Trend Micro’s Zero Day Initiative (ZDI) exceeds $500,000 and participants…