Weekly InfoSec Roundup 04/23/2018

It was an exciting week for Brinqa and the infosec community. Plenty of great articles to catch up on covering zero-day threats and configuration vulnerabilities. Which fits in great with the webinar we just published this week “7 Strategies for Effective Vulnerability Remediation” be sure to watch it.

Internet Explorer zero-day alert: Attackers hitting unpatched bug in Microsoft browser

“A well-resourced hacking group is using a previously unknown and unpatched bug in Internet Explorer (IE) to infect Windows PCs with malware.”
Read More

A corporate guide to addressing IoT security concerns

“The Internet of Things (IoT) promises benefits for companies, including rich supplies of data that can help them more effectively serve their customers. There’s also a lot to be worried about.”

Read More

Data Breach Notifications and Why Honesty is the Best Policy

“Data breaches don't discriminate. Businesses of all sizes are affected by these hugely damaging attacks, which means that more and more customers are directly feeling their effects.”

Read More

5 tips to plug security leaks

“Picture this. You’re on a boat at sea that springs a leak. Your team is bailing frantically – but this will only keep the boat afloat for a short while. How can you save your boat and your crew from drowning? You need to identify the cause, size and severity of the leak. Then you need to fix the leak – preferably in such a way as can be repeated quickly and easily if another one occurs. Ideally, you can prevent future leaks from ever happening.”

Read More

Equifax has spent $242.7 million on its data breach so far

“Equifax's first quarter earnings report highlighted expenses due to its September 2017 data breach and how the spending is shifting more toward IT and security.”

Read More

LinkedIn Vulnerability Allowed User Data Harvesting

​“LinkedIn recently patched a vulnerability that could have been exploited by malicious websites to harvest data from users’ profiles, including private information.”
Read More

Accenture Study: CEOs Taking Ownership of Cybersecurity

“We’ve written before about the fundamental disconnect between CEOs and IT security professionals; CEOs largely believe preventative endpoint security is the top priority in cybersecurity whereas IT security professionals know that detective information security and identity is much more important. But there is some new evidence that the situation on the ground is changing, and rapidly at that.”

Read More

Configuration vulnerability could leave SAP systems open to compromise

“A vulnerability arising from the default installation of popular business management platform SAP could lead to a full compromise of the system say researchers.”

​Read More

Watch our latest webinar “7 Strategies for Effective Vulnerability Remediation”

The remediation gap is real. You have completed your network and application scans to identify the vulnerabilities in your technology infrastructure. Now begins the long journey from a vulnerability being identified and reported, to appropriate actions being taken to address the problem. This ‘Remediation Gap’ is the window of opportunity for attackers to exploit a weakness. According to research, vulnerabilities typically spend hundreds of days in this limbo, leaving organizations exposed to attacks. Fortunately, there are concrete steps that you can take to combat this problem.

Join us for this webinar as we discuss 7 practical strategies designed to reduce the remediation gap while improving effectiveness, efficiency, and consistency, including how to:

  • Ensure that remediation efforts prioritize the most critical problems
  • Improve remediation coverage while reducing overhead
  • Leverage existing ITSM systems and processes
  • Automate significant parts of the process

Stay updated with our blog posts

Enter your email address and you'll be notified about our new posts

Brinqa Thank You logo speech bubble


  • This field is for validation purposes and should be left unchanged.
© 2021 BRINQA | Legal | Terms | Privacy Notice