Vulnerabilities/Threats

Nearly every organization should assume that it is at risk, but there are ways of countering the tactics used by advanced persistent threats.

Apple's updates this week included fixes for two zero-day flaws, several code execution bugs, and vulnerabilities that allowed attackers to bypass its core security protections.

Email purportedly from human resources convinced more than one-fifth of recipients to click, the majority of whom did so within an hour of receiving the fraudulent message.

After companies accelerated their adoption of cloud infrastructure, remote workers are now insiders and pose significant risks, and costs, to companies.

Disclosure also puts organizations in the awkward position of trying to mitigate a vulnerability without something like a vendor patch to do the job.

"BotenaGo" contains exploits for more than 30 vulnerabilities in multiple vendor products and is being used to spread Mirai botnet malware, security vendor says.

The memory corruption vulnerability in a policy component installed by default on most Linux distributions allows any user to become root. Researchers have already reproduced the exploit.

It's not just your imagination — malicious threats have exponentially increased organizational risk.

Europol and 10 nations seized servers and disconnected the anonymous network allegedly used by many cybercriminals in the latest effort to hobble cybercrime groups.

The incident response landscape has changed drastically, largely from shifting attitudes among insurance companies and, to some extent, business customers feeling the pain of security incidents.

Signs hint at Russia's APT28, aka Fancy Bear, being behind the attacks, according to new research.

In a recent performance test, cybersecurity provider Link11 was benchmarked against leading international security vendors and emerged as the winner. The study by Frost & Sullivan emphasized the importance of precise detection and speed in mitigating DDoS (Distributed Denial of Service) attacks.

Cloud security, API security, and incident response are among the issues up-and-coming security companies are working on.

Employees don't have to be paralyzed by fear to keep the company safe. They just have to understand what threats look like and how to stop them.

Variants of the Mirai codebase are still a popular way to compromise and subvert Internet of Things devices, but experts fear more serious threats may be ahead.