security issues Archives - Cyber Security Minute

API Security Losses Total Billions, But It’s Complicated

Issued by: Dark Reading

US companies face a combined $12 billion to $23 billion in losses in 2022 from compromises linked to Web application programming interfaces (APIs), which have proliferated with the increased adoption of cloud services and DevOps-style development methodologies, according to an analysis of breach data. In the last decade, API security has grown to become a…

Vulnerabilities

FragAttacks Foil 2 Decades of Wireless Security

Issued by: Dark Reading

The evolution of wireless security could at best be described as trial and error. The initial standard that debuted in the late 1990s — Wired Equivalent Privacy (WEP) — had significant security problems, and the first two version of Wireless Protected Access, WPA and WPA2, both have been found to be vulnerable to a variety…

Malware & Threats

Remote Code Execution Vulnerability Patched in Apache OFBiz

Issued by: Security Week

A Java-based web framework, Apache OFBiz is an open source enterprise resource planning (ERP) system that includes a suite of applications to automate business processes within enterprise environments, and which can be used across any industry. OFBiz is one of the platforms that was affected by a Java serialization vulnerability identified and reported in 2015,…

Network Security

Cybersecurity in 2020: From secure code to defense in depth

Issued by: CSO

Since 2014, CIOs have flagged cybersecurity as either their first or second most important IT management issue in the venerable IT Trends Study from the Society for Information Management. Yet in 2013, cybersecurity came in just seventh in that same survey. What happened in a year? The infamous Target data breach, which resulted in an…

Network Security

Security flaw could turn load balancers into beachheads for cyber attacks

Issued by: Help Net Security

Cyber security provider F-Secure is advising organizations using F5 Networks’ BIG-IP load balancer, which is popular amongst governments, banks, and other large corporations, to address security issues in some common configurations of the product. Adversaries can exploit these insecurely configured load balancers to penetrate networks and perform a wide variety of attacks against organizations, or…

Vulnerabilities

Oracle, Gemalto Downplay Java Card Vulnerabilities

Issued by: Security Week

In March, Poland-based Security Explorations reported identifying nearly 20 vulnerabilities in the latest version of Oracle Java Card (version 3.1), including weaknesses that can be exploited to compromise the security of chips using this technology. The firm has continued analyzing the software and it now claims to have found 34 issues. Java Card technology is…