Yet another warning has been issued about the BlueKeep vulnerability in older versions of Microsoft Windows. The latest comes from the Department of Homeland Security, which tested a remote code execution exploit.
Medical device vendor Becton Dickinson and U.S. federal regulators have issued security alerts about vulnerabilities that potentially put certain infusion pump products from the manufacturer at risk for remote hacker attacks.
A Google security researcher has disclosed what he calls an unpatched bug in the main cryptographic library used in newer versions of the Windows operating system that he claims could affect an entire fleet of Windows-based devices.
Britain's biggest businesses continue to inappropriately expose servers and services to the internet, putting the organizations and data at risk, according to a study by Rapid7. Tod Beardsley describes the findings, including a widespread lack of phishing defenses as well as cloud misconfigurations.
A security researcher has posted a demonstration showing how an attacker could exploit the BlueKeep vulnerability to take over a Windows device in a matter of seconds. Meanwhile, the NSA has joined Microsoft in urging users to patch devices before an attacker takes advantage of this vulnerability.
Microsoft has taken the unusual step of issuing a second warning about BlueKeep, a vulnerability that, if left unpatched, could allow an attacker to use a worm-like exploit to take over devices running older Windows operating systems. Security researchers warn that exploits are coming.
Reports that the city of Baltimore was attacked using a vulnerability in Windows originally stockpiled by the National Security Agency have triggered a blame game. Cybersecurity watchers are debating attacker culpability, patch management prowess and zero-day stockpiling.
Moody's has changed its financial outlook for Equifax to "negative" from "stable," reflecting concerns about how the credit reporting giant is recovering from the 2017 data breach that exposed the personal information of 148 million Americans.
The latest edition of the ISMG Security Report assesses the legacy of WannaCry ransomware two years on. Also featured: the evolving role of healthcare CISOs; threat mitigation recommendations based on the 2019 Verizon Data Breach Investigations Report.
Multiple flaws - all serious, exploitable and some already being actively exploited - came to light last week. Big names - including Cisco, Facebook, Intel and Microsoft - build the software and hardware at risk. And fixes for some of the flaws are not yet available. Is this cybersecurity's new normal?
Two years after WannaCry tore a path of destruction through the world, the ransomware remains a danger, with many systems still vulnerable to the EternalBlue or EternalRomance exploits that started it all.
The latest edition of the ISMG Security Report digs into the WhatsApp flaw that paved the way for spyware installation. Also: Microsoft patches old operating systems and a 'virtual CISO' sizes up security challenges.
Tenable recently teamed with Ponemon Institute on a global study exploring how cyber risk disrupts business operations in both the private and public sectors. The latest report focuses on the public sector, revealing they're at serious risk of cyberattack.
Agency IT security organizations must quickly identify and...
With the number of vulnerabilities on the rise, and their severity increasing, how can you identify the biggest cyber threats to your business - and know what to fix first?
Download the "3 Things You Need to Know About Prioritizing Vulnerabilities" ebook now to:
Discover the 3 critical steps to building an...
Overwhelmed by the number of vulnerabilities your team faces? Uncertain which cyber threats pose the greatest risk to your business? You're not alone. Cybersecurity leaders have been grappling with these challenges for years - and the problem keeps getting worse.
On average, enterprises find 870 vulnerabilities per...