Today’s File Security Is So 80’s – Imperva’s Hacker Intelligence Initiative Report

file security

Imperva, a leading voice in the world of data and application security solutions, has released a new report that researches the inability of access control to adequately limit an attacker’s scope for inflicting damage on an organisation. The new Hacker Intelligence Initiative (HII) report reveals three primary reasons why the traditional approach to file security no longer works: Permissions […]

Flaw In Virgin Media Super Hub Leaves It Open To Attack

Researchers from Context Information Security have discovered a flaw in Virgin Media wireless home routers, allowing them to gain unauthorised administrative-level access to the devices. After reverse engineering software from the Super Hub 2 and Super Hub 2AC, manufactured by Netgear, Context’s Jan Mitchell and Andy Monaghan discovered vulnerabilities in a feature allowing users to create […]

Authentication Bypass And OEM Backdoors In WiMAX Routers

According to this link, SEC Consult has found a vulnerability in several WiMAX routers, distributed by WiMAX ISPs to subscribers. The vulnerability allows an attacker to change the password of the admin user. An attacker can gain access to the device, access the network behind it and launch further attacks, add devices into a Mirai-like […]

High-Tech Bridge Releases Application Security Trends Research For Q1 And Q2, 2017

application

High-Tech Bridge, a leading provider of web and mobile application security testing services and a “ Gartner Cool Vendor 2017” and winner of SC Europe’s Best Emerging Technology category last week, released a summary on application security trends for Q1 – Q2 2017. Statistical data mentioned in the research largely comes from the ImmuniWeb® Application Security Testing […]

Synopsys Research Highlights The Pervasive Use Of Outdated And Insecure Third-Party Software Components

Analysis of More Than 120,000 Applications Found that Half of Third-Party Software Components in Use Are Outdated LONDON, UK. Synopsys, Inc. (Nasdaq: SNPS) today released its report, “The State of Software Composition 2017,” which analysed real-world data to investigate the security of the software supply chain ­ one of the most significant challenges the software industry faces today. […]

Industroyer: Biggest Threat To Industrial Control Systems Since Stuxnet

The 2016 attack on Ukraine’s power grid that deprived part of its capital, Kiev, of power for an hour was caused by a cyberattack. ESET researchers have since analyzed samples of malware, detected by ESET as Win32/Industroyer, capable of performing exactly that type of attack. Whether the same malware was really involved in what cybersecurity experts […]

Why Email Is Your Weakest Security Link – And How To Fix It

According to a recent report by corporate investigations and risk consulting firm Kroll, UK businesses are the second biggest victims of cybercrime in the world, with 92 per cent of executives saying they had experienced an attack or information loss in the last year.   Phishing is one of the most common types of cyberattack, with 30 per cent of […]

Biggest Threat To Industrial Control Systems Since Stuxnet

Breaking News: ESET has discovered a malware that is the biggest threat to critical infastructure since Stuxnet (the malicious worm that was responsible for causing substantial damage to Iran’s nuclear program) named Industroyer. As its name suggests, Industroyer was designed to disrupt critical industrial processes. The original blog post can be found here and the accompanying whitepaper can be […]

Tripwire ExpertOps Eases Resource Constraints In Cybersecurity Management

Solution provides cybersecurity and compliance risk management software and services, acts as virtual extension of an organization’s security team London, UK – Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced the launch of Tripwire® ExpertOpsSM, a cloud-based file integrity monitoring (FIM) and security configuration management (SCM) […]