vulnerabilities Archives - Page 63 of 63

Ex-NSA contractor hoarded two decades’ worth of secrets

Issued by: CIO Security

The former National Security Agency contractor suspected of stealing U.S. hacking tools allegedly was found hoarding two decades’ worth of classified materials. In a Thursday court filing, federal investigators provided new details on their case against 51-year-old Harold Martin, who was arrested in late August. Investigators have seized 50 terabytes of information from Martin, in…

Vulnerabilities

“Dirty COW” Linux Kernel Exploit Seen in the Wild

Issued by: Security Week

A new Linux kernel vulnerability disclosed on Wednesday allows an unprivileged local attacker to escalate their privileges on a targeted system. Red Hat said it was aware of an exploit in the wild. The vulnerability, discovered by Phil Oester, was sarcastically dubbed by some people “Dirty COW” due to the fact that it’s caused by…

Software Security, Vulnerabilities

US Bank Regulators Draft Rules For Financial Services Cybersecurity

Issued by: Dark Reading

US bank regulators are all set to issue new standards for banks to protect themselves from cyberattacks, reports Reuters. The proposal, expected to be finalized soon and binding on financial institutions with more than $50 billion assets, comes in the wake of US banks suffering serious losses from online thefts. When the rules come into…

Application Security, Vulnerabilities

Breaking the OODA Loop!

Issued by: Security Week

The OODA loop is a well established concept often used in security which originated in the military. OODA stands for Observe, Orient, Decide, Act. OODA is an iterative process because after each action you need to observe your results and any new opposing action. The idea is that if you can consistently get to the…

Vulnerabilities

What to do When You Can’t Patch a Vulnerability

Issued by: IKANOW

The Verizon DBIR has a lot to say about vulnerabilities. One of the more interesting topics is the large number of 2015 vulnerability exploits that were more than a year old. In a footnote the DBIR authors comment that “Those newly exploited CVEs, however, are mostly – and consistently – older than one year.” The…