03 May 2019

Open Source Vulnerabilities Increase in 2018

A new report by Synopsys indicates that open source security vulnerabilities are on the rise, putting companies that increasingly make use of such solutions at risk. In 2018, 7,000 open source vulnerabilities were identified, bringing the total of flaws found in the past twenty years to over 50,000. The research

Read More
01 May 2019

Vodafone Found Hidden Backdoors in Huawei Equipment

Vodafone has admitted to Bloomberg that it discovered backdoors in software for Huawei products used by the carrier to provide various services to customers in Italy. The backdoors were discovered between 2009 and 2011 and remained in place for years. As a result, Huawei could have obtained unauthorized access to

Read More
01 May 2019

DHS Orders Agencies to Patch Critical Flaws Within 15 Days

US government agencies need to patch critical security flaws within 15 days and high-severity vulnerabilities within 30 days under BOD 19-02, a new Binding Operational Directive issued by the Department of Homeland Security (DHS). The period for fixing critical issues was cut in half, because the previous directive (BOD 15-01)

Read More
26 Apr 2019

Hacker Finds He Can Remotely Kill Car Engines After Breaking Into GPS Tracking Apps

Default passwords are a security hazard in general, and when they affect applications used by firms to keep track of vehicles and perform remote actions like starting or shutting off engines, they can even put people’s lives at risk. A hacker using the moniker L&M claims that this applies to

Read More
26 Apr 2019

Security Vulns in Microsoft Products Continue to Increase

The number of new security vulnerabilities affecting Microsoft products increased last year compared to 2017, and has more than doubled since 2013, a new BeyondTrust report shows. While the number of critical vulnerabilities declined based on the number for 2017, critical flaws have generally increased by 30% over the last

Read More
23 Apr 2019

Attackers are weaponizing more vulnerabilities than ever before

Threat actors are stepping up their efforts to weaponize vulnerabilities affecting Adobe products, new data by RiskSense shows. In 2018, a record-breaking 177 flaws were weaponized, which is 139% higher than in 2017. The study also found that last year almost three times more vulnerabilities were exploited in the wild before

Read More
22 Apr 2019

Hacker Breaks Into French Government’s New Secure Messaging App

Last week, an independent security researcher managed to get access to a brand new encrypted messaging application used by French government officials. The application is available for download on the Google Play Store, but normally only people with an official government email address can use it. Despite reports claiming that

Read More
17 Apr 2019

Almost a Quarter of Orgs Don’t Run Security Checks on Products

New research by Outpost 24 exposes serious shortcomings in application security practices. Almost one-fourth (23%) of organizations do not test the security of applications before launching them. Moreover, 31% of firms have tried to gain a competitive advantage by launching one or more applications despite being aware that the product(s)

Read More
16 Apr 2019

Bad security hygiene still a major risk for enterprise IT networks

A new report[pdf] by Ixia analyses the 2018 cyber threat landscape. According to the report the 5 main security issues last year were: Most product vulnerabilities were the result of software design flaws including well-documented and easily avoidable issues like SQL injection and cross-site scripting vulnerabilities The human factor is

Read More
16 Apr 2019

Kaspersky: 70 percent of attacks now target Office vulnerabilities

New Kaspersky Lab research shows that threat actors are increasingly trying to take advantage of security flaws in Microsoft Office products. In the last quarter of 2018, attackers went after Office flaws in a whopping 70% of attacks detected by Kaspersky. In Q4 of 2016 this number was still only

Read More