Cybersecurity News & Analysis | SC Media | Info Security News

Security News

Talkin’ about an EVOLUTION…

In cybersecurity terms, is there anything more Darwin-esque than ransomware? Small variations in targets, attacks, points of entry, payout and even attacker priorities have saved it from extinction and increased its ability to compete, survive and reproduce just as Charles Darwin contended organisms developed. Unfortunately, though, those attacks have evolved into a greater menace for…

Captives of industry

Ransomware is everywhere. It plagues businesses big and small, across the globe, even in the most hidden corners. Still, over the past year, certain industries have been feeling the pain more than others. A Malwarebytes quarterly report released last August found that detections of ransomware among organizations rose 365 percent from Q2 2018 to Q2…

Acuity Risk Management STREAM Integrated Risk Manager 5.4

STREAM is a risk management and compliance solution that gives visibility into risk levels by quantifying cyberrisks. It projects ROI by showing the potential repercussions of identified risk, quantifying the value gained through security expenditures and prioritizing risks based on the remediation costs. The solution is highly configurable, scalable and framework-agnostic, offering real-time updates and…

IllenaArmstrong

Ransomware grows more lucrative

At a fairly recent conference for financial institutions that was offering open, candid discussions and interactive training for cybersecurity leaders in attendance, ransomware was THE hot topic. In fact, this rising attack-type merited a half day of training that involved numerous three-letter agencies. The reasons for this are simple. As SC Media journalists this month…

October product reviews: Risk management

This month we take another look at risk management tools, a group that is evolving and continuing the trend of adding new features and taking interesting approaches like dramatically increased automation. In our view, automation is a crucial component of these risk management solutions since adequately and efficiently conducting risk management has exceeded the scope…

New checkm8 exploit can jailbreak millions of iOS devices

An independent researcher who goes by the Twitter handle axi0mX has discovered and published an iOS jailbreak exploit that applies to hundreds of millions of devices and cannot be patched. Named checkm8, the exploit leverages a race condition vulnerability found in the bootrom, a read-only memory chip that contains the first code that initially loads…

The word is out: Zynga was breached

A well-known hacker is taking credit for a data breach at the mobile game maker Zynga, claiming he gained access to 218 million user records. On Sept. 12, Zynga reported that a cybersecurity incident had taken place and account login information for certain players of Draw Something and Words With Friends may have been accessed.…

PHP update fixes arbitrary code execution flaw, 9 other bugs

The Center for Internet Security’s Multi-State Information Sharing and Analysis Center (MS-ISAC) on Friday issued a security advisory urging developers to upgrade to the latest version of PHP in order to patch an arbitrary code execution vulnerability that was found in the programming language. “PHP is prone to a heap-based buffer overflow vulnerability because the…

Apple updates software, fixes flaw affecting third-party keyboard apps

Apple last week released a series of software updates that repaired vulnerabilities in iOS, iPadOS, macOS Mojave, macOS High Sierra, macOS Sierra, watchOS, tvOS, Apple TV Software and Safari. This included a fix for an iOS/iPadOS flaw that, due to improper sandbox restrictions, can grant third-party keyboard extensions full access to iPhone, iPad and iPod…

Next post in Security News