Mitigate Risk From Malicious and Accidental Insiders

September 20, 2018

When we hear the term “insider trading” most people think of the illegal practice of trading a public company’s stock based on material, non‐public information. The image of Michael Milken, Ivan Boesky or Martha Stewart may come to mind. Yet […]

Here’s Why Business Email Compromise Is Still Driving Executive Identity Theft

September 12, 2018

All it took was access to a lawyer’s email, and suddenly, almost $532,000 was in the wrong hands. This business email compromise (BEC) scam began simply: A criminal in Los Angeles named Ochenetchouwe Adegor Ederaine, Jr. gained access to a […]

Unidentified Devices Leave Networks Vulnerable

September 4, 2018

As organizations embrace digital transformation to improve operational efficiency, IoT devices—including industrial and medical IoT—are being deployed at an unprecedented rate. This rapid adoption of IoT is one of the primary reasons why networks are in constant flux. New devices, […]

Application security

Firefox DoS issue crashes the browser and sometimes the Windows OS

September 24, 2018

Via: Security Affairs

A security researcher discovered a bug affecting Firefox on Mac, Linux, and Windows that could crash the browser and in some cases the underlying OS. The security researcher Sabri Haddouche from Wire discovered a bug that affects Firefox on Mac, […]


Account Takeover Attacks Become a Phishing Fave

September 21, 2018

Via: Dark Reading

More than three-quarters of ATOs resulted in a phishing email, a new report shows. Why spoof an email address for phishing messages when you can hijack an account and send them from the real one? That’s the theory behind account […]


Cisco Patches Code Execution in Webex Player

September 21, 2018

Via: Security Week

Cisco this week addressed vulnerabilities in the Webex Network Recording Player for Advanced Recording Format (ARF) that could allow a remote attacker to execute arbitrary code on a targeted system. The Webex Meetings Server is a multimedia conferencing solution that […]


Rockwell Automation Patches Severe Flaws in Communications Software

September 21, 2018

Via: Security Week

Rockwell Automation has patched several critical and high severity vulnerabilities in its RSLinx Classic communications software. RSLinx Classic is a widely used piece of software that allows organizations to connect Logix5000 programmable automation controllers to various Rockwell applications, including for […]