security

Vulnerabilities

Issued by: Trend Micro Blog

The Aurora Power Grid Vulnerability and the BlackEnergy Trojan

At recent Industrial IoT security briefings, the Aurora vulnerability has come up repeatedly. Attendees ask, “Is our country’s power grid safe? How can we protect the grid? What is Aurora?” This post provides a look at Aurora, and the BlackEnergy attack that can exploit Aurora. In March 2007, the US Department of Energy demonstrated the…

Vulnerabilities

Issued by: Security Week

Microsoft Patch Tuesday Updates Fix Over 50 Vulnerabilities

Microsoft’s Patch Tuesday updates for July 2018 address more than 50 vulnerabilities, but none of them appear to have been exploited for malicious purposes before the fixes were released. The company has classified 18 of the flaws as critical and, similar to previous months, they mostly affect the Edge and Internet Explorer web browsers. Many…

Vulnerabilities

Issued by: Security Week

Intel Patches Security Flaws in Processor Diagnostic Tool

The Intel Processor Diagnostic Tool (IPDT) is a piece of software designed to verify the functionality of an Intel processor. It can check for brand identification and operating frequency, test specific features, and perform a stress test on the processor. The recently addressed vulnerabilities (two of which are tracked as CVE-2018-3667 and CVE-2018-3668) were found…

Network Security

Issued by: Help Net Security

Top six security and risk management trends

Business leaders are becoming increasingly conscious of the impact cybersecurity can have on business outcomes. Gartner said that security leaders should harness this increased support and take advantage of six emerging trends, to improve their organization’s resilience while elevating their own standing. Trend No. 1: Senior business executives are becoming aware that cybersecurity has a…

Network Security

Issued by: Security Week

Insider Threat: Common Myths and Misconceptions

Insider threat is a growing area of concern and confusion among security practitioners. Typically accustomed to concentrating their resources on combating external threats, many security teams are eager yet unsure of how to combat threats that arise internally. This uncertainty, unfortunately, is often exacerbated by numerous common myths and misconceptions about insider threat, some of…

Cloud Security

Issued by: Dark Reading

5 Tips for Integrating Security Best Practices into Your Cloud Strategy

Do ‘cloud-first’ strategies create a security-second mindset? Too often, I hear system administrators tell me that their organization’s cloud-first strategy is jeopardizing security. With each new software-, infrastructure, and platform-as-a-service adopted by line-of-business users or within enterprise IT, security seems to be an afterthought. The challenge with most cloud-first strategies is that they incorporate both…

Malware & Threats

Issued by: Security Intelligence

How Will You Face the High Price of DDoS Attacks?

The largest ever distributed denial-of-service (DDoS) attack occurred in the spring of 2018. The attack lasted more than eight minutes and measured 1.3 Tbps, according to Threatpost. But it’s a record no one in the security industry expects to last long, as DDoS attacks continue to increase in length, strength and damage. This type of…