The percentage of open source code in proprietary apps is rising

The number of open source components in the codebase of proprietary applications keeps rising and with it the risk of those apps being compromised by attackers leveraging vulnerabilities in them, a recent report has shown. Compiled after examining the findings from the anonymized data of over 1,100 commercial codebases audited in 2017 by the Black […]

New BIND Vulnerabilities Threaten DNS Availability

One of the most common pieces of software for implementing a Domain Name System (DNS) server — BIND — has just become the subject of security advisories from the Internet Systems Consortium and a related notice from DHS. The advisories cite two new vulnerabilities in BIND. Both describe a scenario in which one of the […]

Threat analytics: Keeping companies ahead of emerging application threats

Every application that is downloaded via an app store runs in a zero-trust environment. When a protected app is published to an official app store, an open loop of protection is created, leaving the app without a way of communicating its current threat status. With more than 5 million apps available for download, this opens […]

Rail Europe Notifies Riders of Three-Month Data Breach

Rail Europe North America (RENA), a website Americans use to buy European train tickets, has confirmed a three-month data breach in which customers’ payment card data was compromised. RENA reports the incident began on November 29, 2017 and continued through February 16, 2018, when a bank inquiry informed the organization of an attack. Attackers lifted […]

Is The C-Suite Exempt From Cyber-Crime Anxiety?

If recent cyber-attacks are anything to go by, cyber-criminals are capable of causing colossal damage to organisations of all sizes. With vital public services such as the NHS succumbing to attacks, it seems that nothing is off the table when it comes down to cyber-criminals deciding who to target. However, according to some reports, the […]

Too many IT pros ignore critical security issues

A recent Outpost24 survey of 155 IT professionals, which revealed that 42 percent ignore critical security issues when they don’t know how to fix them (16 percent) or don’t have the time to address them (26 percent). The survey, which was carried out at the RSA Conference in April 2018, also asked respondents what area of their […]

Cybercriminals are turning to Telegram due to its security capabilities

Check Point researchers have revealed that cybercriminals are increasingly exploiting the popular messaging app, Telegram, to exchange information, recruit new partners and evade authorities. Criminals are turning to Telegram because law enforcement has been successful recently in taking down Dark Web marketplaces and forums, such as Hansa Market and AlphaBay. Telegram is easy to access and offers […]

Microsoft’s Patch Tuesday Fixes Two CVEs Under Active Attack

Microsoft’s Patch Tuesday arrived with a sense of urgency this month, addressing two vulnerabilities under active attack and 66 other CVEs affecting Windows, Office, Office Services, Internet Explorer, Edge, Visual Studio, Web Apps, ChakraCore, Hyper-V Server, and Azure IoT SDK. Of the 68 total CVEs addressed, 21 are rated as Critical, 45 are considered Important, […]

After Equifax breach, major firms still rely on same flawed software

Last year’s massive data breach at Equifax should have been a wake-up call for the entire industry. Hackers stole 145 million records by exploiting a vulnerability in a widely used open-source web server software that the credit rating giant failed to patch months earlier. But a year after the patches were released, some of the world’s wealthiest companies are […]

Phishing alert: GDPR-themed scam wants you to hand over passwords, credit card details

Criminals are attempting to trick consumers into handing over passwords and credit card details by taking advantage of the flood of emails being sent out ahead of new European privacy legislation. The European Union’s new General Data Protection Regulation (GDPR) come into force on 25 May and the policy is designed to give consumers more control over […]