Broken access control and broken object level authorizations vulnerabilities have proven the most difficult to fix, while fixes for command injection and SQL injection flaws are most often incorrect.
Huntress uncovered software flaws and misconfigurations – from information disclosure or PII leakage to direct access to databases and potential remote code execution – in two of the top five virtual event platforms.
How much of Biden’s promised funding for cyber will support small and medium businesses? Tugboat Logic CEO Ray Kruck offers tips for managing the risk in the meantime.
Some question Microsoft’s decision to close the book on the investigation, and say zero trust might not have made a significant difference.
Padraic O’Reilly, co-founder of cyber risk firm CyberSaint, shared insights with SC Media, about the struggles faced by water plants, energy companies and other utilities to assess cyber risk and prevent cyberattacks.
Pseudonymous authors published more than 150 copycat packages just three days after research revealed a software supply chain flaw, attempting to exploit the vulnerabilities in the brief window before a patch.
Sachin Bansal, general counsel at SecurityScorecard, spoke with SC Media about ratings, and how they can be used to strengthen the supply chain and determine cyber insurance premiums.
Organizations operate in networks that on average include 1,409 vendors. Combine that with limited resources, and supply chain security can seem an oxymoron.
When it comes to cybersecurity coverage, the relationship between enterprises and insurers has been rocky and uncertain. But the market just may force a compromise.
The volatility and uncertainties brought about by the pandemic will have an impact well into the next decade, with executives foreshadowing struggles tied to evolving security requirements and the need to transform digitally on a dime.
