Top

Tag: vulnerabilities


Uncategorized, Vulnerabilities

Implementing Bug Bounty Programs: The Right and Wrong Approaches

July 11, 2019

Via: Threat Post

While bug-bounty programs may seem like a cure-all solution for companies looking discover vulnerabilities in their systems more efficiently, the fact remains that a program could overwhelm a firm’s internal security team and cause other major headaches if implemented the […]


Network security

Senate investigation finds multiple federal agencies left sensitive data vulnerable to cyberattacks for past decade

June 25, 2019

Via: The Hill

Several federal agencies failed to update system vulnerabilities over the course of the last two administrations and left Americans’ personal information open and vulnerable to theft, a report released Tuesday by the Senate Homeland Security and Governmental Affairs Subcommittee on […]


Mobile, Mobile security

High-risk vulnerabilities found in 1/3 of iOS apps, nearly half of Android apps

June 21, 2019

Via: Help Net Security

Expert testing of iOS and Android mobile applications shows that in most cases, insecure data storage is the most common security flaw in mobile apps. Positive Technologies’ yearly report, Vulnerabilities and Threats in Mobile Applications 2019, found that critical vulnerabilities […]


Threats & Malware, Vulnerabilities

Cisco fixes critical vulnerabilities in its SD-WAN, DNA Center solutions

June 20, 2019

Via: Help Net Security

Cisco has released another batch of fixes for many of its products, including its SD-WAN and DNA Center solutions, its Email Security Appliance, Security Manager, SOHO routers/firewalls, and more. Critical flaws CVE-2019-1625 could allow an authenticated, local attacker to elevate […]


Threats & Malware, Vulnerabilities

Web App Vulnerabilities Flying Under Your Radar

May 28, 2019

Via: Dark Reading

Organizations could face big problems from seemingly small Web application vulnerabilities. The problem is, many of these bugs fly under the radar because they’re not considered severe. Shandon Lewis, senior Web application penetration tester at Backward Logic, discussed a few […]


Vulnerabilities

2 Million IoT Devices Vulnerable to Complete Takeover

April 30, 2019

Via: Threat Post

Over 2 million IP security cameras, baby monitors and smart doorbells have serious vulnerabilities that could enable an attacker to hijack the devices and spy on their owners — and there’s currently no known patch for the shared flaws. The […]


Wireless security

Verizon Patches Trio of Vulnerabilities in Home Router

April 10, 2019

Via: Dark Reading

Verizon has patched a trio of vulnerabilities in a router commonly used by millions of customers of the company’s Fios bundled Internet access, phone and TV service. The flaws, in Verizon’s Quantum Gateway routers, if exploited, could give attackers complete […]


Application security, Mobile security, Vulnerabilities

Preinstalled Mobile Security App on Xiaomi Handsets Delivered Vulnerabilities, Not Protection

April 5, 2019

Via: Threat Post

Preinstalled apps on mobile phones can be just as annoying as crapware found on new PCs. Now a report from security experts at Check Point Research suggest those preinstalled mobile apps may be more than just annoying – they can […]


Vulnerabilities

Backdoors inevitably create vulnerabilities that can be exploited by malicious actors

April 4, 2019

Via: Help Net Security

73 percent of IT security professionals believe countries with government-mandated encryption backdoors are more susceptible to nation-state attacks. The Venafi survey on government-mandated encryption backdoors evaluated the opinions of 517 IT security professionals attending the RSA Conference 2019. “This is […]


Vulnerabilities

Vulnerability management woes continue, but there is hope

April 1, 2019

Via: CSO Online

I remember giving a presentation when I first started working in cybersecurity in 2003 (note: It was called information security back then). I talked about the importance of good security hygiene, focusing on deploying secure system configurations, managing access controls, […]