January 7, 2015 Intel, Two Others Patch Firmware Vulnerability 2 min read - Intel and two other vendors have reportedly patched a firmware vulnerability that can affect some Unified Extensible Firmware Interface (UEFI) systems.
Application Security December 26, 2014 The Responsible Disclosure Policy: Safeguard or Cybercriminal Siren Song? 3 min read - Having a responsible disclosure policy is the best way to communicate software vulnerabilities to the public. However, is this doing more harm than good?
CISO December 23, 2014 Failure to Plan Is a Plan for Failure When It Comes to Security 3 min read - With major security events happening in 2014, including Heartbleed and Sony's hack, what can companies do to plan ahead and protect themselves from hacks?
December 16, 2014 More Than 100,000 WordPress Websites Infected With SoakSoak Malware 2 min read - More than 100,000 WordPress-hosted websites appear to be infected with malware that redirects users to the SoakSoak.ru malicious website.
Incident Response December 12, 2014 Making Your Business Cyber Resilient 3 min read - With cyber attacks on the rise, what can businesses do to protect their crown jewels or assets from being breached?
December 10, 2014 Major Websites Remain Vulnerable to POODLE Attack 3 min read - Many major websites are still vulnerable to the POODLE attack, which now works against certain Transport Layer Security (TLS) implementations.
December 9, 2014 Security Researchers: Google App Engine May Contain More Than 30 Vulnerabilities 2 min read - Holes in Google App Engine could allow third parties to access or steal information from the company's cloud-based service for hosting Web apps.
Software Vulnerabilities December 8, 2014 CVE-2014-0195: Adventures in OpenSSL’s DTLS Fragmented Land 7 min read - Here is a look at the remote code execution bug in OpenSSL's DTLS, how it works and the different ways cybercriminals might leverage it for exploitation.
Application Security December 4, 2014 SpoofedMe Social Login Attack Discovered by IBM X-Force Researchers 7 min read - IBM X-Force has found a social login attack that lets attackers intrude into many websites' local accounts and has alerted those affected by it.
November 18, 2014 Latest Shellshock Attack Uses Bashlite to Target Devices Running BusyBox 2 min read - The Shellshock vulnerability has spawned a new wave of attacks using Bashlite, a malware variant aimed at devices using BusyBox open-source software.