26 Mar 2019

Medtronic cardiac implants can be hacked, FDA issues alert

In response to the discovery of two serious security vulnerabilities in a range of implantable heart defibrillators and home monitoring systems produced by Medtronic, the US Food and Drug Administration (FDA) last week issued a special alert. The flaws could not only enable threat actors to capture sensitive data from

13 Mar 2019

Microsoft Patch Tuesday: 64 Vulnerabilities Patched, 2 Under Attack

As part of Patch Tuesday, Microsoft has released mitigations for 64 security vulnerabilities affecting various products including Microsoft Windows, Microsoft Office, Internet Explorer, Edge and Exchange Server. The patches covered 17 critical flaws and 45 important ones. Two of the vulnerabilities have been actively exploited in the wild. One of

13 Mar 2019

25% of software vulnerabilities remain unpatched for more than a year

While it may seem logical that larger organizations are better at handling patch management than small firms with limited resources, new research by Kenna Security and the Cyentia Institute shows that the opposite is true. The report also highlights the poor state of patch management in general. On average, organizations

13 Mar 2019

Web Apps Are Becoming Less Secure

New research by Positive Technologies shows that security vulnerabilities in Web applications are becoming increasingly common. In 2018, the company found three times more critical flaws in Web apps than it did in 2017, with the average application containing 33 flaws, including six critical vulnerabilities. In 2017, the average app

12 Mar 2019

Vulnerabilities in industrial Ethernet switches allow for credential theft, denial-of-service attacks

Researchers with Positive Technologies have uncovered serious security vulnerabilities in industrial Ethernet switches manufactured by Moxa. The flaws can enable threat actors to take control of switches through brute-force attacks, or to take switches down by launching denial-of-service attacks. Attacks on the switches can have major consequences since they are

11 Mar 2019

Smart Car Alarms Ironically Expose Millions of Vehicles to Remote Hijacking

Security researchers with Pen Test Partners have uncovered critical vulnerabilities in popular car alarm systems developed by Pandora and Viper. Not only can the flaws enable threat actors to obtain sensitive data about the owner and location of vehicles running the alarm system software, but they may also allow attackers

05 Mar 2019

WordPress accounted for 90 percent of all hacked CMS sites in 2018

A new study by Sucuri highlights the security shortcomings of e-commerce and other websites. According to the report, the vast majority of e-commerce websites using PrestaShop, OpenCart, Joomla or Magento that were hacked in 2018 were vulnerable to attacks because they ran outdated versions of these popular content management systems

04 Mar 2019

Data leaks, default passwords exposed in visitor management systems

Security researchers with IBM have found a series of significant vulnerabilities affecting popular visitor management systems that companies use to automate basic security and access control tasks that used to be carried out by receptionists and security guards. A total of 19 flaws were found in visitor management systems produced

28 Feb 2019

More Than 22,000 Vulns Were Disclosed in 2018, 27% Without Fixes

New research by Risk Based Security (RBS) indicates that in 2018, over 22,020 software security vulnerabilities were discovered. The number is not yet final, however, as not all flaws discovered in 2018 have been reported yet. The final number for last year is likely to be higher than that for

26 Feb 2019

Smart Homes at Risk Due to Unpatched Vulnerabilities, Weak Credentials

New research by Avast shows that 40.8% of smart homes can be remotely attacked because of the presence of at least one vulnerable device. Of the vulnerable devices, two-thirds (69.2%) have weak security credentials, while the rest are running unpatched software. The study found that routers, which are the most
