Apache Struts 2 – Under Attack Now

Security researchers have discovered an open source code vulnerability (CVE-2017-5638) in Apache Struts 2 – (report). The software is used widely by software developers in the financial services industry to build Java web applications. The vulnerability is being used in cyber attacks right now. Users are advised to urgently update Struts, which Apache patched earlier […]

Utility Employees Worried About Security Threat Readiness, NERC Compliance

Detect APTs on Network

More than 20,000 utility employees said a low percentage of major security projects were being implemented, indicating utilities seemingly have a false belief that a Ukraine-like security breach can’t happen in the US. Tim Erlin, Sr. Director, Product Management at Tripwire commented below. Tim Erlin, Sr. Director, Product Management at Tripwire: “There’s a clear and present cybersecurity risk for […]

Your Kick-Start Plan For GDPR Compliance From Someone Going Through It Too

If you are reading this, you already know what GDPR is and why it is so important that your organisation is compliant. Like most working on compliance in their organisation, I have attended various GDPR events. Clearly, there is huge interest in this subject and it is interesting to see the various ways in which […]

WikiLeaks Providing Access To CIA Hacking Tools

WikiLeaks released a trove of documents this week alleging that CIA agents undertake major efforts to circumvent user encryption, resorting to highly targeted attacks involving physical work-arounds. IT security experts from Rubicon Labs, CipherCloud and Pushfor commented below. Rod Schultz, VP of Product at Rubicon Labs: “Encryption has never been stronger, the algorithms we have today […]

The New Cyber Security Ecosystem

When one compares cyber security today to what it was ten years ago, the two are almost unidentifiable as the same industry. The iPhone had only just launched; Facebook was still in it’s infancy; the Internet of Things (IoT) was still a dream. The routes a hacker could use to access a system were limited, […]