Posts

Inmarsat Disputes IOActive Reports of Critical Flaws in Ship SATCOM

Satellite communications provider says security firm’s narrative about vulnerabilities in its AmosConnect 8 shipboard email service is overblown.
Source: Vulnerabilitys & Threats

Why Patching Software Is Hard: Organizational Challenges

The Equifax breach shows how large companies can stumble when it comes to patching. Organizational problems can prevent best practices from being enforced.
Source: Vulnerabilitys & Threats

Why Patching Software Is Hard: Technical Challenges

Huge companies like Equifax can stumble over basic technical issues. Here’s why.
Source: Vulnerabilitys & Threats

The Week in Crypto: Bad News for SSH, WPA2, RSA & Privacy

KRACK, ROCO, exposed SSH keys and the European Commission’s loosey-goosey stance on backdoors have made it a rough week for cryptography. Here’s your wrap-up on the best of the worst.
Source: Vulnerabilitys & Threats

Oracle Fixes 20 Remotely Exploitable Java SE Vulns

Quarterly update for October is the smallest of the year: only 252 flaws to fix! Oracle advises to apply patches ‘without delay.’
Source: Vulnerabilitys & Threats

Reuters: Microsoft's 2013 Breach Hit Bug Repository, Insiders Say

Five anonymous former Microsoft employees tell Reuters that Microsoft’s database of internally discovered vulnerabilities was compromised in 2013, but Microsoft will not confirm it occurred.
Source: Vulnerabilitys & Threats

Private, Public, or Hybrid? Finding the Right Fit in a Bug Bounty Program

How can a bug bounty not be a bug bounty? There are several reasons. Here’s why you need to understand the differences.
Source: Vulnerabilitys & Threats

The State of Ransomware

Ransomware has become one of the most prevalent new cybersecurity threats faced by today’s enterprises. This new report from Dark Reading includes feedback from IT and IT security professionals about their organization’s ransomware experiences, defense plans, and malware challenges. Find out what they had to say!
Source: Vulnerabilitys & Threats

Security's #1 Problem: Economic Incentives

The industry rewards cutting corners rather than making software safe. Case in point: the Equifax breach.
Source: Vulnerabilitys & Threats

SecureAuth to Merge with Core Security

K1 Investment Management, which owns Core Security, plans to acquire the identity management and authentication company for more than $200 million.
Source: Vulnerabilitys & Threats