Pierluigi Paganini
December 14, 2018
This week, the WordPress development team released on Thursday the version 5.0.1 of the popular CMS, that addresses several flaws. The Researcher Tim Coen discovered several cross-site scripting (XSS) vulnerabilities in the CMS. One of the flaws is caused by the ability of contributors to edit new comments from users with higher privileges. Coen also discovered that it […]
Pierluigi Paganini
December 11, 2018
Google announced it will close the consumer version of Google+ before than originally planned due to the discovery of a new security flaw. Google will close the consumer version of Google+ in April, four months earlier than planned. According to G Suite product management vice president David Thacker. the company will maintain only a version designed […]
Pierluigi Paganini
December 04, 2018
Society’s dependence on internet-based technologies means security professionals must defend against cyberattacks as well as more traditional threats, such as robbers or disgruntled employees. However, cybercriminals target some industries at disproportionally high rates. Here are four of them: 1. Health Care Since health care professionals deal with life-or-death situations, cyberattacks could hinder both productivity and […]
Pierluigi Paganini
December 02, 2018
Cisco has released security updates to address a vulnerability in the web framework code of Cisco Prime License Manager that could be exploited by an attacker to execute arbitrary SQL queries. Cisco has fixed a vulnerability in Cisco Prime License Manager that could be exploited by a remote unauthenticated attacker to execute arbitrary SQL queries. The flaw is caused by the […]
Pierluigi Paganini
December 01, 2018
The MITRE Corporation’s ATT&CK framework has been used to evaluate the efficiency of several enterprise security products designed by several vendors. In April, MITRE announced a new service based on its ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) framework to evaluate products based on their ability in detecting advanced persistent threats. The MITRE ATT&CK evaluation service evaluates endpoint detection and response […]
Pierluigi Paganini
November 28, 2018
Cisco has released a new round of security patches to address potentially serious WebExec Webex flaw first addressed one month ago. One month ago, Cisco addressed the CVE-2018-15442 vulnerability, also tracked as WebExec by Counter Hack researchers Ron Bowes and Jeff McJunkin who discovered it. The flaw affects Cisco Webex Meetings Desktop and has been rated as a […]
Pierluigi Paganini
November 26, 2018
The way in which you respond to a data breach has a significant impact on how severe its consequences are. Reporting an event is one action that can help. The number of data breaches that were tracked in the U.S. in 2017 totaled 1,579, a nearly 44.7 percent increase from the previous year. Data breaches, […]
Pierluigi Paganini
November 21, 2018
Security experts have found several vulnerabilities affecting Dell EMC Avamar and Integrated Data Protection Appliance products. They also warn that VMware’s vSphere Data Protection, which is based on Avamar, is also affected by the issues. Dell EMC released security updates for Dell EMC Avamar Client Manager in Dell EMC Avamar Server and Dell EMC Integrated Data […]
Pierluigi Paganini
November 17, 2018
The Japanese government’s cybersecurity strategy chief Yoshitaka Sakurada is in the middle of a heated debate due to his admission about his cyber capability. Yoshitaka Sakurada admitting he has never used a computer in his professional life, despite the Japanese Government, assigned to the politician the responsibility for cybersecurity of the 2020 Tokyo Olympics. Sakurada was only […]
Pierluigi Paganini
November 15, 2018
The U.S. House of Representatives passed the CISA bill that creates a new cybersecurity agency at the Department of Homeland Security (DHS). The U.S. House of Representatives passed the CISA bill that creates a new cybersecurity agency at the Department of Homeland Security (DHS). In October, the Senate passed the Cybersecurity and Infrastructure Security Agency (CISA) […]
