Vulnerability opens FreeRADIUS servers to unauthenticated attackers
A vulnerability in the free, open source FreeRADIUS server could be exploited by remote attackers to bypass authentication via PEAP or TTLS. There is currently no indication …
First post-quantum cryptography on a contactless security chip
Due to their computing power, quantum computers have the disruptive potential to break various currently used encryption algorithms. Infineon Technologies has successfully …
Companies struggling to meet GDPR standards
A new survey conducted by Vanson Bourne asked IT leaders in the U.S., UK, Germany and France about their current data policies to see how well aligned they are with the EU …
Healthcare industry continues to struggle with software security
67% of medical device manufacturers and 56% of healthcare delivery organizations (HDOs) believe an attack on a medical device built or in use by their organizations is likely …
Week in review: Hacking through subtitles, new class of attacks against Android
Here’s an overview of some of last week’s most interesting news and articles: How to build a better SOC team There’s no scarcity of discussion around the reasons …
Most people would pay a ransom to get their data back
The high-profile WannaCry attack was the first time that 57% of US consumers were exposed to how ransomware works, the results of a recent Carbon Black survey have revealed. …
New class of attacks affects all Android versions
Researchers have demonstrated how a malicious app with two specific permission can stealthily compromise users’ Android devices. “The possible attacks include …
New infosec products of the week: May 26, 2017
Independent expert advice on Data Protection and GDPR For many organisations, the General Data Protection Regulation (GDPR) now mandates the appointment of an independent Data …
As GDPR deadline looms, time for compliance is running out
GDPR is a game-changing piece of data protection legislation that goes into effect on May 25, 2018. While the legislation includes various components related to how …
Guidance for connected vehicle security: Attack vectors and impacts
The Cloud Security Alliance (CSA) released its first ever research and guidance report on connected vehicle security. Authored by the CSA’s Internet of Things (IoT) …
Bogus anti-WannaCry apps cropping up on Google Play
While the world is still battling the WannaCry ransomworm menace, fraudsters have decided to exploit the threat’s visibility and users’ confusion to make them …
Critical Samba code execution hole plugged, patch ASAP!
The developers of Samba have plugged a critical remote code execution flaw that could allow a malicious client to upload a shared library to a writable share, and then cause …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)