SecurityWeek

Latest IT Security News and Expert Insights Via RSS Feed
  1. A New Mexico man admitted in court this week to launching distributed denial of service (DDoS) attacks against the websites of former employers, business competitors, and public services.

    read more

  2. A researcher has conducted an analysis of Jenkins servers and found that many of them leak sensitive information, including ones belonging to high-profile companies.

    London-based researcher Mikail Tunç used the Shodan search engine to find Jenkins servers accessible from the Internet and discovered roughly 25,000 instances.

    read more

  3. Companies have become more open in the past year to receiving vulnerability reports from security researchers, according to ethical hackers surveyed by bug bounty platform HackerOne.

    read more

  4. Through working every day with organizations’ incident response (IR) teams, I am confronted with the entire spectrum of operational maturity. However, even in the companies with robust IR functions, the rapidly evolving threat landscape, constantly changing best practices, and surplus of available tools make it easy to overlook important steps during planning. As a result, by the time an incident occurs, it’s too late to improve their foundational procedures. 

    read more

  5. A recently observed email campaign is abusing compromised FTP servers as download locations for malicious documents and infecting users with the Dridex banking Trojan, Forcepoint has discovered. 

    read more

  6. Apple and Advanced Micro Devices (AMD) are also facing class action lawsuits following the disclosure of critical CPU vulnerabilities that affect billions of devices.

    read more

  7. The recently discovered malware known as Triton and Trisis exploited a zero-day vulnerability in Schneider Electric’s Triconex Safety Instrumented System (SIS) controllers in an attack aimed at a critical infrastructure organization.

    read more

  8. Mobile and cloud computing have challenged the concept of perimeter security. There is no longer an easily definable perimeter to defend. VPNs are a traditional, but not ideal solution. Neither approach addresses the attacker who gets through the perimeter or into the VPN. Google long ago recognized the problems and introduced BeyondCorp as an alternative to perimeters and VPNs for its own worldwide employees.

    read more

  9. An espionage campaign using malware-infected messaging apps has been stealing smartphone data from activists, soldiers, lawyers, journalists and others in more than 20 countries, researchers said in a report Thursday.

    read more

  10. The cyber-espionage group known as Fancy Bear was highly active in the second half of 2017, hitting political organizations worldwide, Trend Micro said this week.

    read more

  11. Not All Automated Software Security Assessment Approaches Are Created Equal

    read more

  12. Intel Patches for Meltdown and Spectre Cause More Frequent Reboots

    read more

  13. Google this week announced security center for G Suite, a tool that brings together security analytics, actionable insights, and best practice recommendations from Google. 

    read more

  14. Cisco has patched several high severity vulnerabilities, including ones that allow privilege escalation and denial-of-service (DoS) attacks, in its Unified Customer Voice Portal (CVP), Email Security, and NX-OS products.

    read more

  15. A team of researchers has earned more than $100,000 from Google for an Android exploit chain that can be used to hack the company’s Pixel phone remotely simply by getting the targeted user to access a malicious website.

    read more

Website Copyright 1998-2018 by PCBest. All Rights Reserved.
we accept credit cards