Security vulnerabilities stories - Page 16

Board buy-in essential for reducing cyber attack risk, as recent high-profile breaches highlight vulnerabilities. People-centric approach needed.

For companies to better meet cybersecurity standards, it's time to throw away the bad password advice and take steps to eliminate passwords once and for all.

Cyber-physical system vulnerabilities have decreased by 14% in 2H 2022, while internal research findings have increased by 80%, says a report by Claroty.

The report looks at real-world data to understand how global companies and industries use and secure cloud and container environments. .

In the past, mega vulnerabilities happened once a quarter, but this past year we've been dealing with critical vulnerabilities almost weekly in some cases.

Zero Trust is revolutionizing cybersecurity, treating every component as if it's continuously exposed to potential threats. Implementation varies.

China's 8220 Gang has targeted public cloud environments with a custom-built crypto miner and IRC bot, warns Radware.

Trustwave has relaunched its Advanced Continual Threat Hunting platform, resulting in a 3x increase in threat findings.

Claroty's research team, Team82, has examined the GE Proficy Historian, finding five exploitable vulnerabilities capable of causing damage to the system.

Between July and October, Acronis found that the proportion of phishing attacks has risen by 1.3, accounting for 76% of all attacks.

GreyNoise Intelligence unveils its 2022 Mass Exploitation Report, delving deep into threat detection events from the past year.

The Secureworks Counter Threat Unit (CTU) has uncovered a subgroup of Iranian Cobalt Mirage using GitHub to store and deploy malware.

Identified as UNC4191, this cyber espionage threat leverages USB devices as an initial infection vector, concentrates on the Philippines, and has a China nexus.

ASX 200 companies have a good security posture, on-par with global counterparts, according to a new report by Rapid7.

Rapid7 showcases new capabilities at AWS re:Invent 2022 to make cloud detection and response and vulnerability assessments easier.

Data security and analytics pioneer Varonis Systems has launched its public vulnerability disclosure program through HackerOne.

Forescout’s Vedere Labs disclosed an update to its OT:ICEFALL study distributed in June 2022, which detailed vulnerabilities found in thousands of OT devices.

Global security manufacturer Gallagher has been awarded the Security Software Manufacturer of the Year accolade at the 2022 Security & Fire Excellence Awards.

It’s highly likely that Application Portfolio Management (APM) isn’t at the top of your to-do list. It may not even be on your list anymore.

The GSSH is a short, broad, easily-understood safe harbour statement that’s simple for customers to adopt, HackerOne states.