Security Wire Daily News

Multiple Intel firmware vulnerabilities in Management Engine

Security Wire Daily News - Tue, 11/21/2017 - 4:42pm
Security researchers tested the controversial Intel Management Engine and other products, finding multiple Intel firmware vulnerabilities.

DoD exposed data stored in massive AWS buckets

Security Wire Daily News - Mon, 11/20/2017 - 4:08pm
A security researcher at UpGuard found exposed data in Amazon Web Services cloud storage buckets and once again the data belongs to the Department of Defense.

Google bug bounty pays $100,000 for Chrome OS exploit

Security Wire Daily News - Fri, 11/17/2017 - 5:05pm
An anonymous security researcher has once again earned the top Google bug bounty prize in the Chrome Reward Program for Chrome OS exploit chain.

Researchers bypass iPhone X security feature Face ID

Security Wire Daily News - Fri, 11/17/2017 - 12:03pm
News roundup: In under a week after its release, researchers were able to bypass the main iPhone X security feature, Face ID. Plus, Microsoft patched a 17-year-old flaw, and more.

Kaspersky sheds more light on Equation Group malware detection

Security Wire Daily News - Thu, 11/16/2017 - 4:26pm
A lengthy Kaspersky report offers more insight into how the antivirus company discovered Equation Group malware and came to possess classified U.S. government data.

Federal vulnerability review under new VEP still has questions

Security Wire Daily News - Thu, 11/16/2017 - 4:22pm
Experts are still unsure about the Vulnerabilities Equities Process, but admit the new VEP Charter could be a good step towards making federal vulnerability review better.

New VEP Charter promises vulnerability transparency

Security Wire Daily News - Wed, 11/15/2017 - 3:55pm
The White House wants a more open Vulnerabilities Equities Process and has unveiled a new VEP Charter in order to promote transparency in bug reviews.

Light workload awaits admins on November Patch Tuesday

Security Wire Daily News - Tue, 11/14/2017 - 7:39pm
Microsoft said there were no critical vulnerabilities for Windows Server this month, but it issued patches for exploits that could be more damaging in the long run.

AVGater abuses antivirus software for local system takeover

Security Wire Daily News - Tue, 11/14/2017 - 4:44pm
A new proof of concept exploit, called AVGater, has found a way to abuse antivirus quarantines to attack systems and gain full control.

Following Equifax breach, CEO doesn't know if data is encrypted

Security Wire Daily News - Fri, 11/10/2017 - 12:59pm
News roundup: Following the massive Equifax breach, the CEO said he doesn't know if customer data is encrypted or not. Plus, flaws were found in IEEE's P1735 standard, and more.

FBI hacking may have crossed international borders

Security Wire Daily News - Thu, 11/09/2017 - 3:54pm
New court documents indicate an FBI hacking operation may have crossed international borders and infected systems in Russia, China and Iran.

Android KRACK flaw patched in latest security update

Security Wire Daily News - Wed, 11/08/2017 - 2:30pm
The latest security release from Google patched the Android KRACK vulnerability affecting WiFi's WPA2 protocol, but update confusion leaves users unsure if they are safe or not.

Fake WhatsApp app downloaded 1 million times

Security Wire Daily News - Tue, 11/07/2017 - 11:15am
A fake WhatsApp app bypassed Google's Play Store checks and was downloaded 1 million times, but one expert said Google's store is still the safest place to get apps.

Researchers hack iOS 11 at Mobile Pwn2Own 2017

Security Wire Daily News - Fri, 11/03/2017 - 4:12pm
Security researchers competing at Mobile Pwn2Own 2017 used multiple vulnerabilities to hack iOS 11 in order to execute code and win prizes.

Certificate authority business undergoes major changes

Security Wire Daily News - Fri, 11/03/2017 - 12:38pm
News roundup: Comodo and Symantec sales signal important changes in the certificate authority business. Plus, an Oracle vulnerability gets a CVSS score of 10.0, and more.

SAVE Act attempts to bolster election security

Security Wire Daily News - Thu, 11/02/2017 - 4:14pm
Two senators introduced a bipartisan election security bill called the SAVE Act, which aims to improve voting infrastructure and harden state systems against attack.

The vulnerability management process after Equifax

Security Wire Daily News - Wed, 11/01/2017 - 8:00am
Cataclysmic security incidents highlight the importance of a vulnerability management program versus a patch management system. Here's how to implement a risk-based approach.

Are security operations centers doing enough?

Security Wire Daily News - Wed, 11/01/2017 - 8:00am
SOCs are maturing, but organizations facing the increased threat landscape understand that improving their effectiveness must be a priority in the year ahead.

From the White House to IBM Watson technology with Phyllis Schneck

Security Wire Daily News - Wed, 11/01/2017 - 8:00am
The managing director at Promontory Financial Group, now part of IBM, talks about supercomputers, cryptography applications and her start in computer science.

Are companies with a SOC team less likely to get breached?

Security Wire Daily News - Wed, 11/01/2017 - 8:00am
Information security operations centers are “growing up,” according to one study. But, with staffing shortages and manual collection of data, performance metrics are hard to get.

Pages