Apache servers under attack through easily exploitable Struts 2 flaw
A critical vulnerability in Apache Struts 2 is being actively and heavily exploited, even though the patch for it has been released on Monday. System administrators are …
DevSecOps: Building continuous security into IT and app infrastructures
In this podcast recorded at RSA Conference 2017, Chris Carlson, VP of Product Management, Cloud Agent Platform at Qualys, talks about DevSecOps. Instead of making security a …
What’s the security posture of the Fortune 1000?
BitSight analyzed the security posture of some of the world’s largest organizations, and identified the most common system compromises. For comparison, Fortune 1000 companies …
Encrypted messaging app Confide suffers from many security issues
Confide, the encrypted instant messaging application with a self-destructing messaging system that has become popular with White House staffers, is not so secure after all. …
Clever spear-phishing emails hit employees involved in SEC filings
FireEye has flagged a sophisticated spear-phishing campaign hitting US-based businesses with emails purportedly coming from the US Securities and Exchange Commission (SEC). …
21% of websites still use insecure SHA-1 certificates
New research from Venafi Labs shows that 21 percent of the world’s websites are still using certificates signed with the vulnerable Secure Hash Algorithm, SHA-1. On February …
Western Digital My Cloud NAS devices wide open to attackers
Western Digital My Cloud NAS devices have again been found wanting in the security department, as two set of researchers have revealed a number of serious flaws in the …
Twitter reactions to the WikiLeaks CIA data dump
Here are some interesting Twitter reactions regarding the WikiLeaks release of 8,761 documents and files they claim originate from an isolated, high-security network situated …
Why cyber hygiene is vital for the security of your organization
In this podcast recorded at RSA Conference 2017, Rob Brownsword, VP of Product Marketing at Nehemiah Security, talks about how the most useful thing that you can do as the …
Fighting attackers in the era of data jacking
In this podcast recorded at RSA Conference 2017, Zohar Alon, CEO at Dome9 Security, talks about how attackers can compromise systems with valuable data that are either on-prem …
Connected home solutions adoption remains limited
Adoption of newer connected home solutions is still at the early adopter phase, according to Gartner. The survey, of nearly 10,000 online respondents in the U.S., the U.K. and …
Leaked: Docs cataloguing CIA’s frightening hacking capabilities
WikiLeaks has released 8,761 documents and files they claim originate from the US Central Intelligence Agency (CIA) – more specifically, from an “isolated, …