software

Application Security

Issued by: Help Net Security

How to diminish the great threat of legacy apps

The Equifax breach underscored the risk posed by unpatched software applications. As a refresher, 146 million customer records were exposed after a known vulnerability in Apache Struts was exploited. The reality is enterprises are supporting an ever-growing number of applications, both commercial and homegrown which has created many challenges in maintaining proper security patches for…

Malware & Threats

Issued by: Help Net Security

2019 may be a record year for enterprise breaches, but secure collaboration tools could help

Despite business executives agreeing that cybersecurity is a major challenge, businesses globally are severely unprepared for cyberattacks. 44% of business executives from Europe and the United States said they shared sensitive information over email, yet 35% admitted they are unaware of the ways in which their organization is protecting its sensitive information, communications and data,…

Vulnerabilities

Issued by: Help Net Security

For recent big data software vulnerabilities, botnets and coin mining are just the beginning

The phrase “with great power comes great responsibility” was excellent advice when Ben Parker said it to his nephew Peter, aka Spiderman. It is even more applicable to any organization using open source software to manage their big data analysis. This is especially true since, in 2018, significant vulnerabilities were identified and disclosed for both…

Malware & Threats

Issued by: Help Net Security

New techniques expose your browsing history to attackers

Security researchers at UC San Diego and Stanford have discovered four new ways to expose Internet users’ browsing histories. These techniques could be used by hackers to learn which websites users have visited as they surf the web. The techniques fall into the category of “history sniffing” attacks, a concept dating back to the early…

Vulnerabilities

Issued by: Help Net Security

How to improve software vulnerability disclosure in Europe

As software gets embedded in more and more things we use every day, the problem of software vulnerability reporting and patching rises in importance. Unfortunately, only a few European countries have put vulnerability disclosure processes in place. CEPS, a ​think tank and ​forum for debate on EU affairs, has delved in the problematics, listened to…

Vulnerabilities

Issued by: Help Net Security

Intel offers to pay for Spectre-like side channel vulnerabilities

Intel is expanding the bug bounty program it started last March, and is raising considerably the awards it plans to give out for helpful vulnerability information. Where information about critical vulnerabilities in Intel software, firmware and hardware could have previously been rewarded with up to $7,500, $10,000 and $30,000, respectively, now the bounties in those same categories…

Mobile Security

Issued by: Help Net Security

The future of smartphone security: Hardware isolation

Mobile spyware has become increasingly more ubiquitous in corporate networks and devices. In a 2017 study, Check Point has found that out of the 850 organizations that they queried, 100% had experienced a mobile malware attack at least once in the past. To date, most cybersecurity companies have focused either on software-only or built-in hardware…

Software Security

Issued by: Help Net Security

Is your Mac software secure but firmware vulnerable?

Mac users who have updated to the latest OS version or have downloaded and implemented the most recent security update may not be as secure as they originally thought, Duo Security researchers have found. That’s because many of them did not receive the newest firmware along with OS and software updates.