Attackers are weaponizing more vulnerabilities than ever before
2018 had the most weaponized vulnerabilities ever (177), which represents a 139% increase compared to 2017, according to the RiskSense latest report. In addition, the rate of …
vulnerability
Bad security hygiene still a major risk for enterprise IT networks
Unpatched vulnerabilities, along with growing network and application complexity pose an ongoing security risk which could threaten the security of enterprise IT networks. …
Enterprise VPN apps store authentication and session cookies insecurely
CVE-2019-1573, a flaw that makes VPN applications store the authentication and/or session cookies insecurely (i.e. unencrypted) in memory and/or log files, affects a yet to be …
WPA3 design flaws affect security of new Wi-Fi standard
Researchers have discovered a number of design flaws affecting the security of the recently introduced WPA3 data transmission protocol. Collectively dubbed Dragonblood …
Mainframe security is top priority for 85% of IT pros yet few are adequately protecting their systems
While 85 percent of companies say mainframe security is a top priority, just 33 percent always or often make mainframe decisions based on security. The “Don’t Let Mainframe …
PoC exploit for Carpe Diem Apache bug released
Charles Fol, the security engineer that unearthed the Carpe Diem Apache HTTP Server bug (CVE-2019-0211), has released an exploit for it. “This is between a POC and a …
Magento sites under attack through easily exploitable SQLi flaw
A recently patched SQL injection flaw affecting the popular open-source e-commerce platform Magento is being actively exploited by attackers, so if you haven’t …
The unique business-critical threats facing converged IT-OT systems
Manufacturing networks still running outdated technology could risk their intellectual property and production processes. The Trend Micro report, Securing Smart Factories: …
Vulnerability found in Guard Provider, Xiaomi’s pre-installed security app
Check Point Research discovered a vulnerability in one of the preinstalled apps on devices manufactured by one of the world’s biggest mobile vendors, Xiaomi. The vulnerability …
Patched Apache flaw is a serious threat for web hosting providers
Organizations running Apache web servers are urged to implement the latest security update to fix a serious privilege escalation flaw (CVE-2019-0211) that can be triggered via …
