Don’t accept risk with a pocket veto
We who live risk management know there are four responses when confronted with a credible risk to our organizations. We can treat the risk to reduce it. We can avoid the risk …
Losses from online payment fraud to reach $48 billion annually
A new study from Juniper Research has found that annual online payment fraud losses from eCommerce, airline ticketing, money transfer and banking services, will reach $48 …
Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent
Adobe has released a Flash Player update that plugs a critical vulnerability (CVE-2018-15981) that could lead to remote code execution, and is urging users to implement it as …
Conficker: A 10-year retrospective on a legendary worm
This November marked the 10-year anniversary of Conficker, a fast-spreading worm targeting Microsoft systems that went on to claim one of the highest levels of infection in …
The holiday season and cybercrime: 8 ways to protect yourself
The holiday season has become an unbridled online spending extravaganza, and threat actors have taken notice. For shoppers, what starts out as an attempt to fulfill their …
Should government officials complete basic cyber security training?
Venafi announced the results of a survey of 515 IT security professionals’ views on the cyber security literacy of government officials. The survey was conducted August 4-9, …
The state of BYOD and mobile device security
Bitglass has released its 2018 BYOD Security Report. The analysis is based on a survey of nearly 400 enterprise IT experts who revealed the state of BYOD and mobile device …
Make-A-Wish website compromised to serve cryptojacking script
Visitors of the international website of the US-based non-profit Make-A-Wish Foundation have had their computing power misused to covertly mine cryptocurrency, Trustwave …
“Classic” bugs open TP-Link’s SafeStream Gigabit Broadband VPN Router to attack
Cisco Talos researchers have flagged four serious vulnerabilities in TP-Link’s SafeStream Gigabit Broadband VPN Router (TL-R600VPN). All four affect the device’s …
Privacy laws do not understand human error
In a world of increasingly punitive regulations like GDPR, the combination of unstructured data and human error represents one of the greatest risks an organization faces. …
66.1% of vulnerabilities published through Q3 2018 have a documented solution
There have been 16,172 vulnerabilities disclosed through October 29th, which is a 7% decrease from the high record reported last year at this time. The 16,172 vulnerabilities …
Third parties: Fast-growing risk to an organization’s sensitive data
The Ponemon Institute surveyed more than 1,000 CISOs and other security and risk professionals across the US and UK to understand the challenges companies face in protecting …
Featured news
Resources
Don't miss
- Rethinking AppSec: How DevOps, containers, and serverless are changing the rules
- Autorize: Burp Suite extension for automatic authorization enforcement detection
- RCE flaw in tool for building AI agents exploited by attackers (CVE-2025-3248)
- Exploited: Vulnerability in software for managing Samsung digital displays (CVE-2024-7399)
- What a future without CVEs means for cyber defense