New security concerns for the open-source software supply chain
Open-source software is a critical element of the software supply chain in companies of all sizes, but there are new security concerns for the open-source software supply …
Top outcomes organizations want from their security investments
Preventing data breaches and safeguarding remote workers are among the top security priorities and outcomes organizations want from their security investments, according to …
Week in review: 3FA, Fortinet firewalls under attack, and the riskiest connected devices
Lack of transparency, systemic risks weaken national cybersecurity preparedness Bob Kolasky, SVP for Critical Infrastructure at Exiger, previously served as Assistant Director …
Researchers release PoC for Fortinet firewall flaw, exploitation attempts mount
Horizon3.ai researchers have released a PoC exploit for CVE-2022-40684, the authentication bypass vulnerability affecting Fortinet‘s firewalls and secure web gateways, …
Weakness in Microsoft Office 365 Message Encryption could expose email contents
WithSecure researchers are warning organizations of a security weakness in Microsoft Office 365 Message Encryption (OME) that could be exploited by attackers to obtain …
New infosec products of the week: October 14, 2022
Here’s a look at the most interesting products from the past week, featuring releases from ABBYY, Digi International, Portnox, Stytch, and Thales. Digi SAFE: Connectivity …
Alternative payment methods are creating new fraud risks
A Juniper Research study found that the total cost of eCommerce fraud to merchants will exceed $48 billion globally in 2023, from just over $41 billion in 2022. It predicted …
Here’s 5 of the world’s riskiest connected devices
Forescout’s research team analyzed 19 million connected devices deployed across five different industries, to find the riskiest device groups: smart buildings, medical …
Consumers want more transparency on how companies manage their data
Cisco published its 2022 Consumer Privacy Survey, an annual global review of consumers’ perceptions and behaviors on data privacy, highlighting the critical need for further …
For most companies ransomware is the scariest of all cyberattacks
SonicWall released the 2022 SonicWall Threat Mindset Survey which found that 66% of customers are more concerned about cyberattacks in 2022, with the main threat being focused …
Microsoft patches Windows flaw exploited in the wild (CVE-2022-41033)
October 2022 Patch Tuesday is here, with fixes for 85 CVE-numbered vulnerabilities, including CVE-2022-41033, a vulnerability in Windows COM+ Event System Service that has …
Auth bypass bug in FortiOS, FortiProxy is exploited in the wild (CVE-2022-40684)
After privately warning customers last week that they need to patch or mitigate CVE-2022-40684, a critical vulnerability affecting FortiOS, FortiProxy, and FortiSwitchManager, …