vulnerability
As malware and network attacks increase in 2019, zero day malware accounts for 50% of detections
Amid significant increases in both malware and network attacks, multiple Apache Struts vulnerabilities – including one used in the devastating Equifax data breach – appeared …
SaaS security fears: Is your data exposed to potential risk?
IT executives have rising SaaS security fears, and worry about cloud security, proprietary data encryption, as well as the loss of independent control due to access …
Unpatchable KeyWe smart lock can be easily picked
A design flaw in the KeyWe smart lock (GKW-2000D), which is mostly used for remote-controlled entry to private residences, can be exploited by attackers to gain access to the …
December 2019 Patch Tuesday: Microsoft fixes one actively exploited zero-day
For December 2019 Patch Tuesday, Microsoft and Adobe have released the final scheduled security updates for this year, Intel has fixed Plundervolt, and Google has delivered …
How do SMBs plan to improve their security posture in 2020?
With cybersecurity concerns already mounting ahead of the 2020 presidential election, SMB executives are turning their attention to how these threats could impact their own …
Crooks are exploiting unpatched Android flaw to drain users’ bank accounts
Hackers are actively exploiting StrandHogg, a newly revealed Android vulnerability, to steal users’ mobile banking credentials and empty their accounts, a Norwegian app …
CVE gap widens: 16,738 vulnerabilities disclosed during the first nine months of 2019
Risk Based Security’s VulnDB team aggregated 16,738 newly-disclosed vulnerabilities during the first three quarters of 2019 which surpassed CVE/NVD by 5,970 during the same …
Apache Solr RCEs with public PoCs could soon be exploited
Two remote code execution (RCE) vulnerabilities in Apache Solr could be exploited by attackers to compromise the underlying server. One – CVE-2019-12409 – has …
Cybercriminals targeting e-commerce website vulnerabilities this holiday season
Expect unprecedented levels of online data theft this holiday season due to a lack of deployed client-side security measures. Disturbing lack of security measures Tala …
Driving collaboration between security and IT ops teams is a major challenge
Strained relationships between security and IT ops teams leave businesses vulnerable to disruption, even with increased spending on IT security and management tools, a Tanium …
Inadequate data sanitization puts enterprises at risk of breaches and compliance failures
Global enterprises’ overconfidence and inadequate data sanitization are exposing organizations to the risk of data breach, at a time when proper data management should be at …
Android camera apps could be hijacked to spy on users
A vulnerability in the Google Camera app may have allowed attackers to surreptitiously take pictures and record videos even if the phone is locked or the screen is off, …
Featured news
Resources
Don't miss
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)
- RIFT: New open-source tool from Microsoft helps analyze Rust malware