Ransomware disrupts worldwide production for Belgian aircraft parts maker
ASCO Industries, a manufacturer of aerospace components with headquarters in Zaventem, Belgium, has been hit with ransomware, which ended up disrupting its production around …
enterprise
Lack of visibility and IT staff availability: The main challenges of enterprise decentralization
As enterprise IT reckons with fundamental changes to their networking infrastructure, teams are being stretched to the limit, requiring a new approach to network monitoring …
BlueKeep RDP flaw: Nearly a million Internet-facing systems are vulnerable
Two weeks have passed since Microsoft released security fixes and mitigation advice to defang exploits taking advantage of CVE-2019-0708 (aka BlueKeep), a wormable …
How mainstream media coverage affects vulnerability management
For better or for worse, mainstream media is increasingly covering particularly dangerous, widespread or otherwise notable security vulnerabilities. The growing coverage has …
If you haven’t yet patched the BlueKeep RDP vulnerability, do so now
There is still no public, working exploit code for CVE-2019-0708, a flaw that could allow an unauthenticated remote attacker to execute remote code on a vulnerable target …
How to write an effective data breach notification?
Data breach notifications sent by companies to affected customers are often unclear and not very helpful, University of Michigan researchers have found. The problem(s) The …
Google has been storing unhashed G Suite customer passwords
Google has discovered that it has been storing some G Suite users’ passwords in clear text and is notifying G Suite administrators that it will force a password change …
Android Q: Enhanced security for consumers and enterprises
The upcoming, newest version of Android – still only known as “Android Q” – will have many new and improved protections for user privacy. Google has …
Critical flaw allows attackers to take over Cisco Elastic Services Controllers
Cisco has patched a critical, remotely exploitable authentication bypass vulnerability in Cisco Elastic Services Controller (ESC), a popular enterprise software for managing …
Microsoft 365 updates for better enterprise data privacy
Microsoft has announced new privacy controls for Microsoft 365 enterprise customers: they will be able to revoke access to encrypted emails, block sensitive information from …
