cybersecurity - The Stack (Page 14)

As well as setting up honeypots to identify and target brute force attacks, the NCSC also took down 24,407 web shells in 2022.

Edward Targett July 07, 2023

Fuzzy Thinking: Yet more critical SQL Injection bugs in MOVEIt Transfer

You're tired? Everyone's tired. Just patch promptly please.

Edward Targett July 07, 2023

HSBC joins BT, Toshiba's commercial Quantum Key Distribution network - but beware hackers with lasers

Dust off your math, review the literature with some strong coffee; envision a future fresh from a William Gibson novel...

Edward Targett July 05, 2023

Reimagining cloud-native security for developers and platform owners

cloud security

News

Sysdig

Reimagining cloud-native security for developers and platform owners

Even with ‘traditional’ configuration of resources in the cloud - and Kubernetes becomes a more extreme example of this – what is crystal clear is that security cannot stay outside of the development and DevOps teams."

The Stack July 04, 2023

This critical vulnerability is an “open door into your network” and being exploited. Why didn’t RUCKUS Networks register a CVE?

vulnerabilities

News

This critical vulnerability is an “open door into your network” and being exploited. Why didn’t RUCKUS Networks register a CVE?

CVE-2023-25717 is being exploited and affected products have been pulled into a new botnet...

Edward Targett July 03, 2023

eSentire CEO Kerry Bailey on teaming up with insurers, cyber resilience, and the "last mile"

eSentire CEO Kerry Bailey on teaming up with insurers, cyber resilience, and the "last mile"

“It was a little slow to get started, because they spoke in hard-edged actuarial science data terms. But we have the largest MDR database in the industry so we were able to get back to them and empirically show that we can reduce risk..."

Edward Targett June 27, 2023

NSA warns over “false sense of security” on Black Lotus UEFI bootkit risk

malware

News

NSA warns over “false sense of security” on Black Lotus UEFI bootkit risk

The bootkit has been sold on underground forums since at least October 6, 2022. It has a tiny on-disk size of around 80kb, can disable HVCI, Windows Defender, BitLocker, and bypass UAC

Edward Targett June 26, 2023

cyber risk

News

CVSS

CVSS 4.0 aims for greater clarity on cybersecurity risk -- adds OT, response components

New metrics for Operational Technology exposure include whether the "consequences of the vulnerability meet definition of IEC 61508 consequence categories of "marginal," "critical," or "catastrophic."

The Stack June 19, 2023

UK’s NCSC starts using honeypots to detect, smash brute force campaigns

Fuzzy Thinking: Yet more critical SQL Injection bugs in MOVEIt Transfer

HSBC joins BT, Toshiba's commercial Quantum Key Distribution network - but beware hackers with lasers

Reimagining cloud-native security for developers and platform owners

This critical vulnerability is an “open door into your network” and being exploited. Why didn’t RUCKUS Networks register a CVE?

eSentire CEO Kerry Bailey on teaming up with insurers, cyber resilience, and the "last mile"

NSA warns over “false sense of security” on Black Lotus UEFI bootkit risk

CVSS 4.0 aims for greater clarity on cybersecurity risk -- adds OT, response components