16 Aug 2019

North Korea fires two more ballistic missiles as it vows to end talks with ‘impudent’ South Korea

On Friday, North Korea carried out yet another missile test, South Korean officials stated. The test involved the launch of two short-range ballistic missiles. South Korea said that it was analyzing the activity together with US intelligence experts, adding that “the South Korean military is closely monitoring military movements and

Read More
16 Aug 2019

3,813 breaches were reported through June 30, exposing over 4.1 billion records

In the first half of this year 3,813 data breaches were reported, which is 54% more than in the same period last year, a new report by Risk Based Security shows. The number of exposed records rose by 52%. The eight biggest breaches in the first six months of 2019

Read More
16 Aug 2019

New Canon Survey Reveals Critical Gaps in Companies’ Cybersecurity Agenda

A new survey indicates that when it comes to cybersecurity, businesses are most concerned with the actions of their own staff. When asked about the biggest threat to their organization, 30% of respondents mentioned malicious insiders, and 25% said human error. Other threats that were given high priority were malware

Read More
16 Aug 2019

Huge Survey of Firmware Finds No Security Gains in 15 Years

A study by Cyber Independent Testing Lab (CITL) found that even though cyber attacks on Internet of things (IoT) devices have skyrocketed in the last 15 years, vendors have hardly done anything to make the firmware of these devices more secure. The research covered 6,000 firmware images of 18 vendors

Read More
16 Aug 2019

Network Deception Techniques Cut Dwell Times, Says Report

A new survey by Enterprise Management Associates (EMA) and Attivo Networks looks at how deception technology can improve the cyber defenses of organizations. It found that the majority of firms (55%) are using this technology. Around half of these firms rely on commercial solutions, 30% have developed their own solutions

Read More
16 Aug 2019

Red/Blue team exercises show defensive shortfalls: Survey

A new Exabeam survey indicates that according to 35% of organizations, their blue teams hardly ever or never succeed in mitigating simulated attacks by red teams. A mere 2% of firms indicated that red teams were caught every time, with the rest reporting occasional blue team success. 60% of firms

Read More
16 Aug 2019

Critical Bluetooth flaw opens millions of devices to eavesdropping attacks

Security researchers have uncovered a serious flaw in the Bluetooth Core Specification that can enable attackers to capture and meddle with Bluetooth communications between impacted devices. The vulnerability, tracked as CVE-2019-9506, has already been fixed in many devices. According to the research report[pdf], the Key Negotiation Of Bluetooth (KNOB) attack

Read More
16 Aug 2019

700,000 Choice Hotels records leaked in data breach, ransom demanded

Threat actors claim to have stolen 700,000 records containing personal information of Choice Hotels guests and want the hotel chain to pay 0.4 Bitcoin (over $4,000) for the data that had been stored in an unsecured MongoDB database. The exposed data includes guest names, email addresses, and phone numbers. Last

Read More
16 Aug 2019

Google Estimates 1.5% of Web Logins Exposed in Data Breaches

A new Google report based on data recorded by the Password Checkup browser extension for Chrome shows that 1.5% of web logins involved credentials that have been exposed in a data breach. The extension anonymously checks hashes against a massive database of credentials that have been compromised in a breach.

Read More
16 Aug 2019

Apache Struts Called Out For Incorrect Security Advisories

Apache Struts has repeatedly provided incorrect and incomplete information in the security advisories for the popular open-source web application framework, new research by Synopsys has found. 24 of the 57 security advisories that were covered by the study contained errors in terms of the Apache Struts versions that were said

Read More