Cloud | SC Media

Cloud

Report: More than 15,000 vulnerabilities in nearly 4,000 applications reported in 2014

Meltdown, Spectre updates aplenty, but the fix is more complicated

By

A pair of flaws dubbed Meltdown and Spectre that take advantage of the speculative execution performance feature in modern CPUs make the memory of virtually all computers and devices accessible to hackers.  “The Meltdown [CVE-2017-5754] and Spectre [CVE-2017-5753 and CVE-2017-5715] exploitation techniques abuse speculative execution to access privileged memory—including that of the kernel—from a less-privileged user process…

Accentuate the negative: Accenture exposes data related to its enterprise cloud platform

Yet another company has mistakenly exposed its sensitive internal information after storing data on misconfigured cloud-based servers from Amazon Web Services. The culprit in this case – the $32.9 billion consulting and professional services company Accenture – was found to be insecurely storing data that, ironically, has to do with its own cloud-based enterprise solution,…

SC Awards 2017 finalists

SC Awards Finalists 2017

TRUST AWARDS Best Advanced Persistent Threat (APT) ProtectionAn advanced persistent threat (APT) product and/or service provides real-time detection of and protection against intruders gaining access to an enterprise environment to stealthily extract high-value information assets from targeted organizations in manufacturing, financial, national defense and other industries. Check Point Software Technologies for SandBlast Cisco for Advanced…

Shifting Liability

Deciding who is responsible for cybersecurity incidents

Who’s responsible for cybersecurity incidents? While the answer was never clear, it’s become even murkier over the last couple of years, marked by lots of finger-pointing and consequences aimed at boards, IT, users, senior management, business partners and the supply chain.    John Sapp, CISO at medical device company Orthofix, says the firing of top-level…

Next post in Security News