Multiple Zero-Day Vulnerabilities Discovered By Tenable Research In Building Access Technology

Web Vulnerability Scanner

An attacker could get free rein over buildings by exploiting the unpatched flaws to create fraudulent badges and disable building locks Tenable®, Inc., the Cyber Exposure company, today announced that Tenable Research has discovered several zero-day vulnerabilities in the PremiSys™access control system developed by IDenticard. When exploited, the most severe vulnerability would give an attacker […]

Security Talent Shortage

While CISOs and security teams have been doing their best to find creative solutions to the never-ending security talent shortage, the industry continues to struggle to meet the current and future demand. A Cisco report pegged the amount of unfilled cybersecurity jobs in 2019 at 1.5 million. Nimmy Reichenberg, CMO at cyber security company Siemplify says, “Many have hired IT […]

If Cybersecurity Breaches Are Inevitable What Should Organizations Do About It?

latest retail data breaches

There’s an inconvenient truth in the business community. As many business decision-makers are only too aware, hardly a week seems to go by without a data breach of some form being reported to press, and this year alone has witnessed some major breaches which have affected thousands of people around the world. Just take a […]

Long-Term Hacking Campaigns Against U.S Electric Grid

A recent deep dive by The Wall Street Journal reconstructs the worst hack into the US power systems, revealing attacks on hundreds of small contractors. Rather than strike the utilities head on, the hackers went after hundreds of contractors and sub-contractors and worked their way up the supply chain. Industry experts have said that Russian government hackers […]

Disaster Recovery: Beyond Backup

Business Continuity during Disasters

With the excessive amounts of data circulating in today’s modern organizations, the importance offinding a perfect storage solution, that can safeguard data, is deemed more imperative than ever. As data generation shows no signs of slowing down, it’s necessary to realize and accept that neither backup alone nor cloud alone will likely be a sufficient […]

Oklahoma Securities Commission Data Breach

Another huge leak of government information – a huge amount, 3 terabytes, of unprotected data from theOklahomaSecurities Commission wasuncoveredby Greg Pollock, a researcher with cybersecurity firm UpGuard. It amounted to millions of files, many on sensitive FBI investigations, all of which were left wide open on a server with no password, accessible to anyone with […]

200 Mil Chinese Resumes Exposed In MongoDB Leak

In response to news that200 million Chinese resumes were exposed in a MongoDBdatabase leakand there are indications the date was accessed at least a dozen timesexperts with OneSpan and Cequence offer perspective. Franklyn Jones, CMO atCequence: “It’s unusual for data breaches to yield such a rich set of data on individuals. Unfortunately, it provides fraudsters […]

Iran Blamed For Global DNS Hijacking Campaign

Mandiant Incident Response and Intelligence teams have identified a wave of DNS hijacking that has affected dozens of domains belonging to government, telecommunications and internet infrastructure entities across the Middle East and North Africa, Europe and North America. Initial research suggests the actor or actors responsible have a nexus to Iran. This campaign has targeted […]

Vulnerabilities In Web Hosting Platform

Bluehost, a popular web hosting platform, has been found to be riddled with vulnerabilities including one that would allow complete account takeover according to independent security researcher Paulos Yibelo. Expert Comments below: Mike Bittner, Digital Security and Operations Manager at The Media Trust: “By paying scant attention to security and privacy, web-hosting platform providers unknowingly […]

Congress’ Stalemate Means The U.S. Will Remain Cybercriminals’ Prime Target

Experts comments below: Francis Dinha, CEO at OpenVPN: “With the government shutdown, our country’s cybersecurity is at risk — both in the short term and the long term. The immediate risk is, of course, a higher vulnerability to attack. Without a full support staff, those essential employees still working hard to maintain cybersecurity simply don’t have […]