This week in InfoSec news highlighted a plethora of new vulnerabilities and zero-day exploits. Be sure to register for our upcoming webinar Vulnerability Analytics: The Visual Language of Vulnerability Management.
Nearly Half of All Web Apps Vulnerable to Unauthorized Access
New research from Positive Technologies has discovered that almost half (48%) of web applications are vulnerable to unauthorized access, with 44% placing users’ personal data at risk of theft.
Equifax names former IBM Watson exec as new CTO
"Equifax said Thursday that it has appointed Bryson Koehler as its new chief technology officer. The move comes as Equifax works to overhaul its security systems and cope with the ongoing fallout related to its 2017 data breach."
PageUp confirms some data compromised in breach
PageUp has confirmed that some data held on its clients may be at risk, after revealing earlier this month it had fallen victim to a malware attack.
"Forensic investigations have confirmed that an unauthorized person gained access to PageUp systems," the company wrote at the weekend. "Although the incident has been contained and PageUp is safe to use, we sincerely regret some data may be at risk."
Why Cisco doesn’t disclose flaws for months after it patches them
Cisco explains why it fixes some security flaws months before telling customers a patch is available. Cisco’s recently patched and extremely dangerous Adaptive Security Appliance (ASA) bug brought attention to a peculiarity about its security advisories. U...
Improving the Adoption of Security Automation
Four barriers to automation and how to overcome them. IT has always added value through automation, but its penetration into security practices historically has been lower than in other functional areas. For example, in the just-released Oracle and KPMG Cl...
Cisco patches critical Nexus flaws: Are your switches vulnerable?
Cisco patches critical Smart Install flaw: 8.5 million devices affected. Cisco has released fixes for 34 flaws in its software, including 24 that affect its FXOS software for Firepower firewalls and NX-OS software for Nexus switches.Cisco's June...
Execs don’t believe their companies learn the right lessons in cybersecurity
A majority of executives around the world feel their organizations can do better when it comes to learning from their past cyber mistakes, according to the results of a newly released global survey conducted by The Economist Intelligence Unit (EIU) and Wil...
Attackers Pick Microsoft Office for Zero-Day Exploits
Being top choice as an attack vector is likely not a contest any platform wants to win. Unfortunately for Microsoft, Office will not only continue to be the attackers’ vector of choice but will also be the platform for exploiting vulnerabilities, according ...
Four New Vulnerabilities in Phoenix Contact Industrial Switches
A series of newly disclosed vulnerabilities could allow an attacker to gain control of industrial switches.Phoenix Contact has disclosed four vulnerabilities in switches in the FL SWITCH industrial line. The affected devices are typically used in automated ...
[WEBINAR] Vulnerability Analytics : The Visual Language of Vulnerability Management