MITRE’s 2019 CWE Top 25 most dangerous software errors list released
Two days ago, the Cybersecurity and Infrastructure Security Agency (CISA) announced MITRE’s 2019 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Errors list....
A new Stuxnet-level vulnerability named Simjacker used to secretly spy over mobile phones in...
Updated: On September 27, a few researchers from the Security Research Labs (SRLabs) released five key research findings based on the extent of Simjacker...
Endpoint protection, hardening, and containment strategies for ransomware attack protection: CISA recommended FireEye report...
Last week, the Cybersecurity and Infrastructure Security Agency (CISA) shared some strategies with users and organizations to prevent, mitigate, and recover from ransomware. They...
Security researcher publicly releases second Steam zero-day after being banned from Valve’s bug bounty...
Updated with Valve’s response: Valve, in a statement on August 22, said that its HackerOne bug bounty program should not have turned away Kravets...
Vulnerabilities in the Picture Transfer Protocol (PTP) allow researchers to inject ransomware in Canon’s...
At DefCon 27, Eyal Itkin, a vulnerability researcher at Check Point Software Technologies, demonstrated how vulnerabilities in the Picture Transfer Protocol (PTP) allowed...
“Developers need to say no” – Elliot Alderson on the FaceApp controversy in a...
Last month there was a huge furore around FaceApp, the mobile application that ages your photographs to show you what you might look like...
What is a Magecart attack, and how can you protect your business?
Recently, British Airways was slapped with a $230M fine after attackers stole data from hundreds of thousands of its customers in a massive breach....
Following Capital One data breach, GitHub gets sued and AWS security questioned by a...
Last week, Capital One revealed it was subject to a major data breach due to a configuration vulnerability in its firewall to access its...
Google Project Zero reveals six “interactionless” bugs that can affect iOS via Apple’s iMessage
Yesterday, two members of the Google Project Zero team revealed six “interactionless” security bugs that can affect iOS by exploiting the iMessage Client....
Ex-Amazon employee hacks Capital One’s firewall to access its Amazon S3 database; 100m US...
Update: On 28th August, an indictment was filed in a US federal district court, which mentioned that Thompson allegedly hacked and stole information from an...