How threat actors are using SMB vulnerabilities
SMB vulnerabilities have been so successful for criminals that they’ve been used in some of the most devastating ransomware and Trojan attacks of the last two years. Learn how they work and how your organization can protect against them.
A week in security (October 1 – 7)
A roundup of the security news from October 1–7 including National Cybersecurity Awareness Month, LoJack, fileless malware, and BYOS.
Millions of accounts affected in latest Facebook hack
Facebook announced earlier today that its social network had been breached, resulting in 40 million accounts that were directly impacted. Learn more as the Facebook breach story develops.
Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT
A threat actor implements a newer vulnerability exploited in Internet Explorer to serve up the Quasar RAT and diversify the portfolio of attacks.
Simple Authentication and Security Layer (SASL) vulnerabilities
The Simple Authentication and Security Layer (SASL) is an essential element of online authentication. But are you aware of all the known vulnerabilities? And, more importantly, have you patched them?
A week in security (August 20 – August 26)
A roundup of the security news from August 20 – 26, including a look at insider threats, several breaches, and what tech giants Google and Facebook are doing about their privacy issues.
8 everyday technologies that can make you vulnerable to cyberattacks
The security vulnerabilities of the latest developments in tech have been well documented. But what about everyday technologies that have been around for a while or are widely adopted? Here are eight commonly-used tech conveniences that are not as ironclad as you might hope.
5 ways to find and fix open source vulnerabilities
A recent discovery of surreptitious execution of cryptomining code by a sandboxed app, riding piggyback on the open source software (OSS) ecosystem, raises pertinent questions about open source vulnerabilities. Here are five ways developers can find and fix vulnerabilities and their dependencies.
Why bad coding habits die hard—and 7 ways to kill them
When it comes to poorly-written code, we’re quick to point a finger at programmers, forgetting that they are beholden to the constraints of companies looking to push out tech product quickly. Thankfully, management can address bad coding habits with these seven ways to support, train, and motivate their staff.
Meltdown and Spectre fallout: patching problems persist
In the days since Meltdown and Spectre have been made public, we’ve tracked which elements of the design flaw, known as speculative execution, are vulnerable and how different vendors are handling the patching process.