Software Vulnerabilities October 1, 2019 Why Fixing Security Vulnerabilities Is Not That Simple 6 min read - When it comes to patching, the devil is in the details. Help the process along by understanding these five issues organizations commonly face between scanning and finding security vulnerabilities.
Data Protection September 27, 2019 How Do You Secure a Smart City? 5 min read - Cybersecurity investments are rarely discussed during a smart city's strategic process. As smart cities become more complex, governments may be forced to play a continuous game of catch-up.
September 18, 2019 Patience Zero: Millions of Insecure Medical Images Frustrate Personal Data Protection 2 min read - Millions of medical images were discovered on completely insecure servers, accessible to anyone with a web browser or free software tool. How do healthcare organizations improve PHI security?
Software Vulnerabilities September 12, 2019 The Art of Patch Management 4 min read - The vagaries of systems and organizations, compounded by the irrationality of the human mind and variations in patches themselves, means that patch management is not an exact science — it's an art.
September 10, 2019 Purple Fox Malware Spread by RIG Exploit Kit Capable of Abusing PowerShell 2 min read - The RIG exploit kit is distributing a new variant of the Purple Fox downloader malware family that's capable of abusing PowerShell.
August 6, 2019 MegaCortex Ransomware v2 Released With Anti-Analysis Features 2 min read - Threat actors have released version 2.0 of MegaCortex ransomware and have equipped their threat with anti-analysis features, among other new capabilities.
August 6, 2019 SystemBC Malware Using SOCKS5 Proxies to Mask Traffic for Attack Infrastructure 2 min read - A new proxy malware called SystemBC is using SOCKS5 proxies to mask traffic for command-and-control (C&C) infrastructure involved in banking Trojan attacks.
July 29, 2019 Weekly Security News Roundup: US Company Selling Fully Working BlueKeep Exploit 3 min read - Last week in security news, a U.S. company announced that its penetration tool had incorporated a fully working exploit for the BlueKeep vulnerability.
July 24, 2019 Attack Campaign Targets Exposed Elasticsearch Servers With DDoS Botnet 2 min read - Researchers spotted an attack campaign that is seeking out publicly exposed Elasticsearch databases and servers to deliver a DDoS botnet.
July 10, 2019 Zoom Vulnerability Could Let Third Parties Take Over Webcams 2 min read - A zero-day Zoom vulnerability could allow third parties to snoop on videoconferencing calls, reactivate uninstalled apps and conduct other malicious activities.