The Gandcrab ransomware has been a moving target. Since it was discovered in January, it quickly became one of the most widely distributed file-encrypting malware programs. Researchers with Cisco say they've now found it seeded within legitimate websites, making its spread tougher to stop.
Security alert: Microsoft has issued updates to fix 67 unique flaws in its products. One vulnerability in Windows VBScript engine is already being actively exploited in the wild via malicious Word documents and could also be employed for attacks via websites and malvertising, Microsoft warns.
Equifax says it continues to field queries from U.S. lawmakers about the full extent of its massive 2017 data breach, which occurred after an attacker exploited its unpatched Apache Struts web application. Research finds that many more organizations are using unpatched Struts applications.
One measure of why it's so difficult for organizations to keep their software patched and better secured: Of the nearly 20,000 unique vulnerabilities in 2,000 products cataloged last year, only half involved Microsoft, Adobe, Java, Chrome or Firefox software, says Flexera's Alejandro Lavie.
The annual Vulnerability Review analyzes the evolution of software security from a vulnerability perspective. Secunia Research at Flexera monitors thousands of applications, appliances and operating systems to test and verify vulnerabilities, while mapping the security threats to IT infrastructures.
Download this...
The annual Vulnerability Review analyzes the evolution of software security from a vulnerability perspective. Secunia Research at Flexera monitors more than 55,000 applications, appliances and operating systems, and test and verify the vulnerabilities to provide global data on the prevalence of vulnerabilities, while...
A medical practice's misconfigured database server that allegedly exposed information about thousands of patients plus staff serves as another reminder about the importance of safeguarding sensitive data from exposure on the internet.
Multinational semiconductor maker Advanced Micro Devices has confirmed that there are 13 flaws in some of its chipsets that could be exploited to manipulate chip firmware for malicious purposes. AMD plans to provide fixes in the form of firmware updates that it claims should not affect system performance.
More than 95,000 servers that run the open source Memcached utiltity appear to remain vulnerable to being abused to launch massive DDoS attacks, with one such attack reaching a record 1.7 terabits per second. Here's how organizations and IT administrators must respond.
Open source and third-party components help developers build and deploy applications faster. But with increased speed comes greater risk that could lead to fraud. Vulnerabilities in components are a hidden cost of free software. And their widespread use creates opportunities for attackers looking to exploit the most...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.