DoS vulnerability found in Eclipse Jetty
Jetty has such wide use that the vulnerability is what one researcher described as “close to a digital nightmare,” especially on embedded devices in industrial control systems – which are often not patchable.
About SC Media
Research
Microsoft makes CodeQL queries public so security pros can better understand SolarWinds attack
Microsoft won praise from security researchers by making its CodeQL queries public so any organization could use the open source tools to analyze if they experienced any vulnerabilities from the SolarWinds hack or similar supply chain attacks.
Mitre and Purdue University team up to push big ideas in cyber and tech
The partnership will allow the two organizations to share research, expertise and personnel as they explore new technologies and workforce solutions in cybersecurity, autonomous systems, microelectronics, and other areas.
SOC teams spend nearly a quarter of their day handling suspicious emails
Email investigations take nearly double the amount of time as prevention and response. Time well spent?
Users of IoT products from three major vendors at risk of DoS attacks, data leaks
Softing Industrial Automation GmbH, Kepware PTC, and Matrikon Honeywell all provided fixes for their respective products after security firm Claroty privately disclosed them during 2020.
Complexity and cost chip away at SOCs’ perceived return on investment
51% of 17,200 surveyed IT and security practitioners said that
their SOC’s ROI has gotten worse.
Tool shows what bad bot traffic ‘sounds’ like. Is there a practical application?
“Botronica” translates human bot traffic into sounds as a creative way to generate awareness of malicious bot activity.
Cyber skills gap shrinks, but lack of talent remains major risk factor
Two recent reports reiterate that even with progress, the skills gap continues to pose a significant threat to organizations.
New report suggests the bug bounty business is recession-proof
Organizations during the ongoing COVID-19 crisis and global recession may find themselves relying more on external assistance from the greater hacking community as a way to augment their internal efforts to mitigate vulnerability risk.
ID theft protection for employees can boost productivity, worker loyalty
Unlimited vacation, 401K-matching and… identity compromise protections? A new study finds that anti-ID theft services offered as a workplace benefit can be attractive to both employees and employers.
Next post in Research
