Positive Technologies
The dark web is flooded with offers to purchase corporate network access
There is a flood of interest in accessing corporate networks on the dark web, according to Positive Technologies. In Q1 2020, the number of postings advertising access to …
Exploits for Citrix ADC and Gateway flaw abound, attacks are ongoing
With several exploits targeting CVE-2019-19781 having been released over the weekend and the number of vulnerable endpoints still being over 25,000, attackers are having a …
Flaws allow attackers to bypass payment limits on Visa contactless cards
Flaws that allow attackers to bypass the payment limits on Visa contactless cards have been discovered by researchers Leigh-Anne Galloway and Tim Yunusov at Positive …
High-risk vulnerabilities found in 1/3 of iOS apps, nearly half of Android apps
Expert testing of iOS and Android mobile applications shows that in most cases, insecure data storage is the most common security flaw in mobile apps. Positive Technologies’ …
Exploitation of vulnerabilities in Moxa industrial switches could disrupt communication between ICS components
Positive Technologies experts Ivan Boyko, Vyacheslav Moskvin, and Sergey Fedonin have discovered multiple vulnerabilities in Moxa industrial switches in the EDS-405A, …
What do successful pentesting attacks have in common?
In external penetration testing undertaken for corporate clients in industrial, financial, and transport verticals in 2018, Positive Technologies found that, at the vast …
Vulnerabilities in mPOS devices could lead to fraud and theft
Vulnerabilities in mPOS (mobile point-of-sale) machines could allow malicious merchants to defraud customers and attackers to steal payment card data, Positive Technologies …
How the human factor puts your company at risk
Positive Technologies has released a new report with statistics on the success rates of social engineering attacks, based on the 10 largest and most illustrative pentesting …
Number of Internet-accessible ICS components is increasing every year
The number of industrial control system (ICS) components – which run factories, transport, power plants and other facilities – left open to Internet access, is …
Intel chips riddled with deadly flaws
As we’re waiting for security researchers to detail the Intel Management Engine vulnerability that can allow attackers to run undetectable, unsigned code on machines …
Critical RCE flaw in ATM security software found
Researchers from Positive Technologies have unearthed a critical vulnerability (CVE-2017-6968) in Checker ATM Security by Spanish corporate group GMV Innovating Solutions. The …