The latest version of Google OS, Android Pie, implements significant enhancements for cybersecurity, including a stronger encryption and authentication. Google experts worked on OS hardening and the implementation of anti-exploitation mechanisms with a great attention to the user privacy. The tech giant updated the File-Based Encryption implementing the support for external storage media, it also […]
France’s data protection agency had fined the ride-sharing company Uber with 400,000 euros ($455,000) over a 2016 data breach. The data breach suffered by Uber in 2016 exposed the personal data of some 57 million clients and drivers worldwide. In November 2017, the Uber CEO Dara Khosrowshahi announced that hackers broke into the company database and […]
Cisco Adaptive Security Appliance (ASA) Software is affected by a vulnerability that could be exploited by an attacker to retrieve files or replace software images on a device. A privilege escalation vulnerability tracked as CVE-2018-15465 affects the Cisco Adaptive Security Appliance (ASA) software. The flaw could be exploited by an unauthenticated, remote attacker to perform […]
Researchers at Applied Risk discovered serious flaws in some PLC gateways manufactured by industrial tech company ABB. Security experts at Applied Risk are affected by potentially serious flaws and the bad news is that the vendor will not release firmware updates because the impacted products have reached the end of life. The security firm published a security advisory that […]
U.S. Ballistic Missile Defense Systems Fail Cybersecurity Audit US DoD Inspector General’s report revealed United States’ ballistic missile defense systems (BMDS) fail to implements cyber security requirements. The U.S. Department of Defense Inspector General published a report this week that revealed that lack of adequate cybersecurity for the protection of the United States’ ballistic missile defense systems […]
This week, the WordPress development team released on Thursday the version 5.0.1 of the popular CMS, that addresses several flaws. The Researcher Tim Coen discovered several cross-site scripting (XSS) vulnerabilities in the CMS. One of the flaws is caused by the ability of contributors to edit new comments from users with higher privileges. Coen also discovered that it […]
Google announced it will close the consumer version of Google+ before than originally planned due to the discovery of a new security flaw. Google will close the consumer version of Google+ in April, four months earlier than planned. According to G Suite product management vice president David Thacker. the company will maintain only a version designed […]
Society’s dependence on internet-based technologies means security professionals must defend against cyberattacks as well as more traditional threats, such as robbers or disgruntled employees. However, cybercriminals target some industries at disproportionally high rates. Here are four of them: 1. Health Care Since health care professionals deal with life-or-death situations, cyberattacks could hinder both productivity and […]
Cisco has released security updates to address a vulnerability in the web framework code of Cisco Prime License Manager that could be exploited by an attacker to execute arbitrary SQL queries. Cisco has fixed a vulnerability in Cisco Prime License Manager that could be exploited by a remote unauthenticated attacker to execute arbitrary SQL queries. The flaw is caused by the […]
The MITRE Corporation’s ATT&CK framework has been used to evaluate the efficiency of several enterprise security products designed by several vendors. In April, MITRE announced a new service based on its ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) framework to evaluate products based on their ability in detecting advanced persistent threats. The MITRE ATT&CK evaluation service evaluates endpoint detection and response […]