Publishing exploits early doesn’t encourage patching or help defense, data shows
Despite debate in the threat intel community, a new study finds that publishing exploits before patches are available does more harm than good.
About SC Media
Security News
H&R Block seeks out open-source expertise to stock up on SOC talent
Open source experience can help propel professionals’ careers and bring diversity of thought to a security team. SC Media spoke to Carraig Stanwyck, H&R Block’s manager of global security operations, and Bernard Brantley, CISO at Corelight, to hear more.
SMBs increasingly face same cyber threats as large enterprises
For the first time since the Verizon Data Breach Investigations Report began tracking cyberattack techniques, threat patterns affecting small and medium businesses began to closely align with the patterns affecting large firms.
Microsoft fixes four critical vulnerabilities that pose risk to both data and infrastructure
Products affected by the Microsoft vulnerabilities include Hyper-V, Internet Explorer, Windows Server, and Windows 10.
Biden signs massive cyber order, using federal buying power to influence broader private sector practices
Biden signed a long-awaited executive order on cybersecurity, covering everything from federal procurement standards for private sector contractors to IoT security labels.
Report finds old misconfiguration woes continue to hammer corporate clouds
Misconfigured storage buckets and leaky APIs remain two of the top causes behind cloud breaches.
167 counterfeit apps used for financial scams against Android and iOS users
Researchers found 167 counterfeit Android and iOS apps that attackers used to steal money from victims who believed they installed a financial trading, banking or cryptocurrency app from a trusted provider.
Microvirtualization at the heart of new HP hardware line
The crown jewel security feature is HP’s micro-virtualization and isolation technology, which shift risky activities to hardware-enforced virtual machines.
‘Everyone had to rethink security’: What Microsoft learned from a chaotic year
Microsoft Corporate Vice President of Security, Compliance and Identity Vasu Jakkal spoke to SC Media about lessons learned from the year that brought COVID and, in particular, the Solarigate/ SUNBURST campaign.
Issues with configuration of AWS service lead to exposure of 5 million records
Amazon Web Services System Manager misconfigurations led to the potential exposure of more than 5 million documents with personally identifiable information and credit card transactions on more than 3,000 SSM documents.
Want to read more?
Next post in Cloud Security
