Vulns & Alerts
April 30, 2015 Added by:Eduard Kovacs
Researchers at High-Tech Bridge have identified several vulnerabilities in TheCartPress, an eCommerce plugin installed on more than 5,000 WordPress websites.
April 16, 2015 Added by:Eduard Kovacs
With less than three weeks to go until Suits and Spooks London 2015 kicks off, the agenda is nearly finalized. Our first 2-day international event will host experts in cyber warfare, intelligence, advanced persistent threats, sophisticated malware, and political issues.
April 14, 2015 Added by:Joe Weiss
There is a tendency by many in the cyber security community to only care about malicious cyber attacks as opposed to unintentional cyber incidents.
April 10, 2015 Added by:Paul Lipman
While SMBs are vulnerable to many of the same types of attacks as the companies making headlines (Target, JP Morgan, Home Depot, Anthem, etc.), they must defend themselves with vastly smaller IT teams and budgets. SMBs are finding they have a unique set of challenges and vulnerabilities that require a comprehensive but tailored approach to security.
April 09, 2015 Added by:Peter Zavlaris
The current problem, however, is that while IT has scaled and made tremendous advancements over the last decade, security continues to lag behind.
April 09, 2015 Added by:Joe Weiss
Cyber security is now a very hot subject. However, the discussions are about IT cyber security and data breaches not control system cyber security and equipment damage.
April 02, 2015 Added by:Joe Weiss
There is a need to use the knowledge from previous control system cyber incidents when developing cyber forensics and monitoring technologies, cyber security technologies, training, and to adjust requirements such as the NERC CIPs, Regulatory Guide 5.71/NEI-0809, and CFATS to address what has actually been happening.
April 01, 2015 Added by:Malwarebytes
WordPress, the leading Content Management System, is one of cyber criminals’ favourite target when it comes to hacking websites.
March 31, 2015 Added by:Tripwire Inc
To anticipate where and how an attacker might strike next, security professionals are realizing the importance of being able to understand the mind of the attacker and what they value in a target.
The Government Says It Has a Policy on Disclosing Zero-Days, But Where Are the Documents to Prove It?
March 30, 2015 Added by:Electronic Frontier Foundation
Despite the White House’s claim that it had “reinvigorated” its policies in spring 2014 and “established a disciplined, rigorous and high-level decision-making process for vulnerability disclosure,” none of the documents released in response to our lawsuit appear to be newer than 2010.
March 23, 2015 Added by:Peter Zavlaris
Premera Blue Cross is the latest victim of what appears to be a long-term APT perpetrated by China. Between CHS, Anthem and now Premera Blue Cross, it’s now safe to say health insurance is firmly in the cross hairs of powerful nation state actors.
March 18, 2015 Added by:Eduard Kovacs
The threat actor group known as Crouching Yeti, Energetic Bear and Dragonfly continues to target organizations across the world. However, experts believe the group has switched targets and infrastructure.
March 18, 2015 Added by:Tripwire Inc
A key aspect of President Obama’s information sharing acts have been designed to encourage threat sharing to help protect the organizations and networks involved in critical infrastructure. However, while there are many advancements that still need to be made, there are strengths these networks have that can give defenders a strong footing.
March 17, 2015 Added by:Dan Dieterle
When I was working on my Pulling Remote Word Documents from RAM using Kali Linux article, I was curious if you could use the same technique to pull the system passwords, and you can…
March 17, 2015 Added by:Joe Weiss
There is still a significant gap in understanding of industrial control system (ICS) cyber security by many in the insurance industry.
March 13, 2015 Added by:Nimrod Luria
Eliminating defacement attacks on a WordPress site is extremely difficult because of the vulnerable nature of the platform. Administrators should continuously check for the appearance of unknown files and directories and monitor them for changes.
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015