web analytics

Unpatched Flaws Affect Chrome, Firefox, and Safari Browser Extension Systems

August 28th, 2017 By Catalin Cimpanu     Security researchers have discovered two flaws that affect the extension systems embedded in today’s browsers, such as Firefox, Safari, and all the Chromium-related offshoots, such as Chrome, Opera, and others.   These flaws can be exploited by a determined attacker to expose a list of the user’s… Continue reading Unpatched Flaws Affect Chrome, Firefox, and Safari Browser Extension Systems

U.S. Government Cybersecurity Ranks 16th Out of 18 Industry Sectors

By Kevin Townsend on August 28, 2017   The U.S. state and federal government’s cybersecurity standing is ranked 16th of 18 industry sectors in a new report. This is a very small improvement on last year’s comparable position, which was 18th out of 18; but it still paints a grim picture of public sector readiness… Continue reading U.S. Government Cybersecurity Ranks 16th Out of 18 Industry Sectors

The War Room: Experiential Security Planning

By Ed Moyle • E-Commerce Times • ECT News Network Aug 16, 2017 1:22 PM PT     Ask any security practitioner about ransomware nowadays, and chances are good you’ll get an earful. Recent outbreaks like Petya and WannaCry have left organizations around the world reeling, and statistics show that ransomware is on the rise… Continue reading The War Room: Experiential Security Planning

Consumers Gain More Power to Seek Data Breach Damages

By John K. Higgins • E-Commerce Times • ECT News Network Aug 21, 2017 1:43 PM PT   There are no good outcomes of an electronic data system breach. At best, companies dealing with e-commerce technologies face the formidable task and the resulting cost of repairs. In addition having to fix information technology systems, companies… Continue reading Consumers Gain More Power to Seek Data Breach Damages

Marketing Security Solutions: Is There a Better Way?

By Joshua Goldfarb on August 23, 2017   In my previous piece, I discussed the difficulty vendors sometimes have in understanding what security buyers are really looking for.  As I mentioned in that piece, this confusion is further compounded by the large volume of vendors and distinct markets that exist within the information security profession.… Continue reading Marketing Security Solutions: Is There a Better Way?

National Cyber Security Awareness Month-Tip Roundup

By: Arun Vishwanath   BLACK HAT USA 2017 — Arun Vishwanath, associate professor at the University at Buffalo and faculty associate at Harvard University’s Berkman Klein Center, visits the Dark Reading News Desk to discuss the need for better cybersecurity awareness “diagnostics.” Vishwanath says training often tries to apply the same cure to every ailment… Continue reading National Cyber Security Awareness Month-Tip Roundup

Chinese Cyber-Espionage Group Uses Game of Thrones as Phishing Lure

August 26, 2017  By Catalin Cimpanu   A cyber-espionage unit is using the recent Game of Thrones episode leaks to lure targets into opening malicious documents sent via email.   For the past week, the group has sent emails to victims with the subject of “Wanna see the Game of Thrones in advance?” hoping to… Continue reading Chinese Cyber-Espionage Group Uses Game of Thrones as Phishing Lure

Watch Someone Buy a Laptop for $1 Thanks to a Severe POS Vulnerability

August 25, 2017  By Catalin Cimpanu     A vulnerability in the SAP POS Xpress Server allows attackers to alter configuration files for SAP Point-of-Sale systems, alter prices, and collect payment card data and send it to one of their servers.   SAP POS solutions are based on a client-server architecture that retailers can install… Continue reading Watch Someone Buy a Laptop for $1 Thanks to a Severe POS Vulnerability

Leak of >1,700 valid passwords could make the IoT mess much worse

List of unsecured devices lived in obscurity since June. Now, it’s going mainstream.     Dan Goodin (US) – 26/8/2017   Security researchers have unearthed a sprawling list of login credentials that allows anyone on the Internet to take over home routers and more than 1,700 “Internet of things” devices and make them part of… Continue reading Leak of >1,700 valid passwords could make the IoT mess much worse

Cisco IOS Flaws Expose Rockwell Industrial Switches to Remote Attacks

By Eduard Kovacs on August 25, 2017   Rockwell Automation has informed customers that some of its Allen-Bradley Stratix and ArmorStratix industrial ethernet switches are exposed to remote attacks due to vulnerabilities in Cisco’s IOS software.   The Allen-Bradley Stratix and ArmorStratix switches, which ICS-CERT says are used worldwide in the critical manufacturing, energy and… Continue reading Cisco IOS Flaws Expose Rockwell Industrial Switches to Remote Attacks