SecurityWeek

Siemplify Raises $30 Million in Series C Funding

Security Week - 1 hour 3 min ago

Siemplify, a New York, NY-based provider of security orchestration, automation and response (SOAR) tools, today announced that it has secured $30 million in a Series C funding round led by Georgian Partners.

read more

Categories: SecurityWeek

Linux Kernel Privilege Escalation Vulnerability Found in RDS Over TCP

Security Week - 3 hours 48 min ago

A memory corruption vulnerability recently found in Linux Kernel’s implementation of RDS over TCP could lead to privilege escalation. 

Tracked as CVE-2019-11815 and featuring a CVSS base score of 8.1, the flaw impacts Linux kernels prior to 5.0.8, but only systems that use the Reliable Datagram Sockets (RDS) for the TCP module.

read more

Categories: SecurityWeek

Faulty Database Script Exposed Salesforce Data to Wrong Users

Security Week - 4 hours 51 min ago

Salesforce Shuts Down Instances After Database Script Erroneously Enabled All Permissions on User Profiles

read more

Categories: SecurityWeek

TeamViewer Confirms It Was Hacked in 2016

Security Week - 7 hours 39 min ago

Remote control and support solutions provider TeamViewer has confirmed that hackers likely operating out of China breached its systems back in 2016, but the company decided not to disclose the incident at the time as it found no evidence that it affected customers.

read more

Categories: SecurityWeek

How to Evaluate Threat Intelligence Vendors That Cover the Deep & Dark Web

Security Week - 8 hours 21 min ago

Deep & dark web (DDW) communities have long been must-have data sources for threat intelligence programs, but only recently has the market caught up with this need.

read more

Categories: SecurityWeek

User Data Exposed in Stack Overflow Hack

Security Week - 14 hours 57 min ago

Hackers had access to Stack Overflow systems for nearly one week before the attack was detected and some user data was exposed after all, the company has admitted.

read more

Categories: SecurityWeek

Hacktivist Attacks Declined 95 Percent Since 2015: IBM

Security Week - Fri, 05/17/2019 - 11:46am

The number of hacktivist attacks that resulted in quantifiable damage to the victim has declined by 95 percent since 2015, according to IBM.

read more

Categories: SecurityWeek

Slack Flaw Allows Hackers to Steal, Manipulate Downloads

Security Week - Fri, 05/17/2019 - 10:47am

A recently patched vulnerability in the Slack desktop application for Windows can be exploited by malicious actors to steal and manipulate a targeted user’s downloaded files.

read more

Categories: SecurityWeek

Tenable Updates Free Vulnerability Assessment Solution

Security Week - Fri, 05/17/2019 - 9:29am

Tenable this week announced Nessus Essentials, an expanded version of its free vulnerability assessment solution previously known as Nessus Home. 

read more

Categories: SecurityWeek

Wormable Windows RDS Vulnerability Poses Serious Risk to ICS

Security Week - Fri, 05/17/2019 - 8:34am

A critical remote code execution vulnerability patched recently by Microsoft in Windows Remote Desktop Services (RDS) poses a serious risk to industrial environments, experts have warned.

read more

Categories: SecurityWeek

Stack Overflow Discloses Security Breach

Security Week - Fri, 05/17/2019 - 1:47am

Stack Overflow, the popular Q&A platform for programmers, revealed on Thursday that someone gained access to its production systems over the weekend.

read more

Categories: SecurityWeek

How to Securely Blend Your IoT Data with Business Data

Security Week - Thu, 05/16/2019 - 1:21pm

Opportunities Created by the Integration of IoT Data With the Rest of Your Business Environment Are Vast

read more

Categories: SecurityWeek

Authorities Takedown GozNym Cybercrime Group That Stole an Estimated $100 Million

Security Week - Thu, 05/16/2019 - 12:41pm

Authorities in the United States and Europe on Thursday announced the takedown of an organized cybercrime network that used the GozNym malware to steal an estimated $100 million from victims. 

read more

Categories: SecurityWeek

Cisco Patches Critical Vulnerabilities in Prime Infrastructure (PI) Software

Security Week - Thu, 05/16/2019 - 12:13pm

Cisco has released patches for numerous vulnerabilities affecting its products, including Critical flaws in the Cisco Prime Infrastructure (PI) Software that could allow remote code execution.

A total of three vulnerabilities were identified in the PI software, namely CVE-2019-1821, CVE-2019-1822, and CVE-2019-1823, featuring a CVSS score of 9.8.

read more

Categories: SecurityWeek

Group Seeks Investigation of Deep Packet Inspection Use by ISPs

Security Week - Thu, 05/16/2019 - 11:46am

European Digital Rights Organization Seeks Investigation Into Internet Service Providers' Use of Deep Packet Inspection (DPI)

read more

Categories: SecurityWeek

Dutch Probe China's Huawei for Possible Spying: Report

Security Week - Thu, 05/16/2019 - 10:15am

Dutch intelligence services are investigating Huawei for possibly spying for the Chinese government by leaving a "back door" to data of customers of major telecoms firms, a report said Thursday.

read more

Categories: SecurityWeek

Business Email Compromise Still Reigns

Security Week - Thu, 05/16/2019 - 10:06am

Last month, the Federal Bureau of Investigation released its 2018 Internet Crime Complaints Center (IC3). The annual report provides readers a glimpse into the types of cybercrimes being reported to the FBI and the trending threats the Bureau has responded to in the last year.

read more

Categories: SecurityWeek

Google Starts Tracking Zero-Days Exploited in the Wild

Security Week - Thu, 05/16/2019 - 8:44am

Google Project Zero has started tracking zero-day vulnerabilities exploited in attacks before the impacted vendor released patches.

read more

Categories: SecurityWeek

Pages