To most effectively combat sophisticated and stealthy cyberattacks by advanced nation-state actors, today’s modern-day security operations center must first truly understand their own businesses, according to Monzy Merza, vice president of security research at Splunk. “They have to understand where the risks are, where the threats are based on the environment that they’re living. So…
A Connecticut man admitted to hacking into the iCloud accounts of prominent females celebrities including “Red Sparrow” actress Jennifer Lawrence and more than 200 others.
A GulfTech researcher spotted multiple vulnerabilities In Western Digital’s MyCloud products, some of which could lead to remote code execution and unauthorized access.
A pair of flaws dubbed Meltdown and Spectre that take advantage of the speculative execution performance feature in modern CPUs make the memory of virtually all computers and devices accessible to hackers. “The Meltdown [CVE-2017-5754] and Spectre [CVE-2017-5753 and CVE-2017-5715] exploitation techniques abuse speculative execution to access privileged memory—including that of the kernel—from a less-privileged user process…
Make-up company Tarte Cosmetics exposed the personal information of nearly two million online customers after two of its online MongoDB databases were reportedly misconfigured for public access.
Yet another company has mistakenly exposed its sensitive internal information after storing data on misconfigured cloud-based servers from Amazon Web Services. The culprit in this case – the $32.9 billion consulting and professional services company Accenture – was found to be insecurely storing data that, ironically, has to do with its own cloud-based enterprise solution,…
A bipartisan group of U.S. representatives from the House Information Technology Subcommittee has reintroduced the Modernizing Government Technology (MGT) Act designed to modernize the federal IT infrastructure while eliminating wasteful spending.
Cloud security vendor fixes cross-site-scripting bug, downplays the threat, says it would only affect co-workers.
Researcher at the Russia proactive software firm Elcomsoft found that iPhones silently upload call logs to iCloud.
TRUST AWARDS Best Advanced Persistent Threat (APT) ProtectionAn advanced persistent threat (APT) product and/or service provides real-time detection of and protection against intruders gaining access to an enterprise environment to stealthily extract high-value information assets from targeted organizations in manufacturing, financial, national defense and other industries. Check Point Software Technologies for SandBlast Cisco for Advanced…
