Jump-Start Your Management of Known Vulnerabilities

Organizations must manage known vulnerabilities in web applications. When it comes to application security, the Open Web Application Security Project (OWASP) Foundation Top 10 is the primary source to start reviewing and testing applications. The OWASP Foundation list brings some important questions to mind: Which vulnerability in the OWASP Foundation Top 10 has been the…

Cyber insurance: Is it worth the investment?

Last year, Aon Inpoint reported about 80 percent of buyers of stand-alone cyber premiums were medium-sized to large companies. However, smaller firms are increasingly assessing their cyber exposure risk as concerns about the potential impact of a cyber incident continue to rise. “The majority of breaches worldwide occur at companies with 1,000 employees or less…

Hide ‘N Seek IoT Botnet Can Survive Device Reboots

The Internet of Things (IoT) botnet known as Hide ‘N Seek that first emerged in January can now achieve persistence on infected devices, Bitdefender reports. Discovered toward the end of April, the latest version of the malware also includes code that allows it to target more vulnerabilities and new types of devices, the security firm discovered,…

Over a Million Dasan Routers Vulnerable to Remote Hacking

Researchers have disclosed the details of two unpatched vulnerabilities that expose more than one million home routers made by South Korea-based Dasan Networks to remote hacker attacks. In a blog post published on Monday, vpnMentor revealed that many Gigabit-capable Passive Optical Network (GPON) routers, which are used to provide fiber-optic Internet, are affected by critical…

Uber Updates Bug Bounty Program

Uber last week updated the legal terms of its bug bounty program and provided guidance for good faith vulnerability research. The changes come just months after the ride-sharing giant admitted paying a couple of individuals as part of an effort to cover up a massive security incident. Uber says it has addressed nearly 200 flaws for…

No Rest for the Weary: Mobile Hackers are Getting More Aggressive

Another year, another increase in the number of mobile threats, vulnerabilities, and outdated mobile devices. So, what gives? If the headlines have you thinking that mobile security is getting worse, you’re not imagining things. We have just published the quarterly Mobile Threat Intelligence Report to dig into the 2017 numbers a bit. The report is based on…

New Bill in Georgia Could Criminalize Security Research

A new bill passed by the Georgia State Senate last week deems all forms of unauthorized computer access as illegal, thus potentially criminalizing the finding and reporting of security vulnerabilities. The new bill, which met fierce opposition from the cybersecurity community ever since it first became public, amends the Georgia code that originally considered only…

Why Go it Alone Trying to Keep Your Organization Safe?

The threat landscape is getting more dangerous because it’s increasingly easy for malware authors to assemble elements (just in time) and deliver malicious payloads, and the likelihood they’ll get caught is very low. Moreover, there’s far too much misleading information about cyber threats out there — for example, even though zero day threats receive plenty…