Managed security services or security operations, cloud security, GRC is one of the fastest growing solutions in the world. The only place I can say more risk = more gain would be in the entrepreneurship spaceâŠbecause in the enterprise cyber security kingdom, it is just the opposite! So let me explain⊠Before I start, stating […]
The popular travel search website Skyscanner is going to launch a bug bounty program, the company will pay up to $2,000 per vulnerability. The travel search website Skyscanner announced a public bug bounty program that will pay up to $2,000 per vulnerability. Skyscanner has been running a private bug bounty program that according to the […]
According to the ENISA Threat Landscape Report 2018, 2018 has brought significant changes in the techniques, tactics, and procedures associated with cybercrime organizations and nation-state actors. I’m proud to present you the ENISA Threat Landscape Report 2018, the annual report published by the ENISA ETL group that provides insights on the evolution of the cyber […]
The US Justice Department charges the Chinese telecommunications giant Huawei in technology theft and violation of sanctions. The US Justice Department charges the Chinese telecommunications giant Huawei in two cases, including the one that led the arrest of a top executive in Canada on a US warrant. According to the US DoJ, the charges are […]
Experts from Alias Robotics released a free, open-source tool dubbed Aztarna that could be used to find vulnerable robots. A group of experts working a startup focused on robot cybersecurity has released a free, open-source framework dubbed Aztarna that could be used find vulnerable robots that could have been exposed online or inside an industrial […]
Cisco released security updates for several products, including SD-WAN, Webex, Firepower, IoT Field Network Director, Identity Services Engine, and Small Business routers. Cisco released security updates to address security flaws in several products including SD-WAN, Webex, Firepower, IoT Field Network Director, Identity Services Engine, and Small Business routers. One of the flaws tracked as CVE-2019-1651 has […]
DHS has issued a notice of a CISA emergency directive urging federal agencies of improving the security of government-managed domains (i.e. .gov) to prevent DNS hijacking attacks. The notice was issued by the DHS and links the emergency directive Emergency Directive 19-01 titled âMitigate DNS Infrastructure Tampering.â “In coordination with government and industry partners, the […]
Researchers from 0patch, a community of experts that aims at addressing software flaws, released unofficial patches for three Windows vulnerabilities that Microsoft has yet to be fixed. The list of vulnerabilities addressed by 0patch include a denial-of-service (DoS) bug, a file read issue, and a code execution flaw. “While we’re busy ironing out the wrinkles before […]
Adobe released security updates to address multiple XSS vulnerabilities in the Experience Manager and Experience Manager Forms that can lead to information disclosure. Adobe released security updates for the Experience Manager and Experience Manager Forms to address flaws that can lead to information disclosure. The Experience Manager is affected by a stored cross-site scripting (XSS)Â issue […]
The electronics firm Omron released a security update to address flaws in its CX-Supervisor product that can be exploited DoS attacks and remote code execution. CX-Supervisor allows to rapidly create human-machine interfaces (HMIs) for supervisory control and data acquisition (SCADA) systems thanks to the availability of a large number of predefined functions and libraries. The software […]