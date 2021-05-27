Cancel
CreatorsPublishersAdvertisers
View more in
Technology

The Achilles' Heel Of Business Technology: Zero-Day Vulnerabilities

By Brian Greenberg
Forbes
 4 days ago

Cover picture for the articleBrian Greenberg is a CIO/CTO and Partner with Fortium Partners, a firm comprised of the world’s foremost C-level technology leaders. The origin story of Achilles begins with his mother, the Greek goddess Thetis, and how she attempted to protect him. Thetis went to the River Styx, the river that formed the boundary between the Earth and the Underworld. It was said that the river could imbue a person with powers of invincibility. Wanting the best for her son, Thetis dipped her infant child into the River Styx so that he may grow up to be great and powerful. As such, Achilles grew to be a great warrior who survived a great many battles due to his powers. However, unknown to Thetis and Achilles, he remained vulnerable at his heel, where Thetis held him while she dipped him into the river as a child, thus protecting him entirely except at his heel.

www.forbes.com
IN THIS ARTICLE
#Information Security#Software Security#Internet Security#Computer Security#Software Vulnerabilities#Security Vulnerabilities#Malicious Software#Attack Software#Cio Cto#Partner With#Fortium Partners#Greek#Americans#Equifax#Chinese#Struts#Social Security#Nist#Forbes Technology Council#Zero Day Vulnerabilities
YOU MAY ALSO LIKE
News Break
Microsoft
News Break
Technology
Related
SoftwarePosted by
TheStreet

Trend Micro's Zero Day Initiative Enhances Position As World's Largest Vulnerability Disclosure Player

DALLAS, May 19, 2021 /PRNewswire/ -- Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today announced its Zero Day Initiative (ZDI) accounted for 60.5% of the vulnerabilities disclosed in a new Omdia study. The ZDI maintains its position as the world's largest vendor-agnostic bug bounty program for the 13 th consecutive year. The ZDI had the most disclosures across all severity levels, with 77% of their disclosures being critical or high severity rating.
Softwaresecurityboulevard.com

The Truth About Zero-day Vulnerabilities in Web Application Security

Zero-Day Vulnerabilities are highly valued in legitimate bug bounty programs and have earned bounties of up to USD 2 million. Since no patches or fixes exist, 0-day attacks/exploits are highly valued even in the underground markets and the dark web. They are sold to the highest bidder within hours of discovery in the black market.
Small Businesslegalreader.com

Hani Zeini on Technology Benefits for Businesses

Every business should be aware of the different techniques accessible to them and how they may influence their marketing, costs, and sales. To get ahead in the current business world need not necessarily mean being a big company or adopting the most cutting-edge and latest technology. Instead, it means choosing the most appropriate technology to impact the business’s daily operations. Below are the top 5 technology benefits that one should try to attain from any information technology changes in their business.
SoftwareThe Journal of Commerce Online

Technology

TMS isn’t dead, but shippers should consider alternatives: consultants. Transportation management systems are widely used by shippers, but transportation consultants contend that because software architecture has changed, cargo owners may be better off cobbling together independent tools to meet their needs. 07 Apr 2021. Five of the largest global container...
Softwarebleepingcomputer.com

HPE fixes critical zero-day vulnerability disclosed in December

Hewlett Packard Enterprise (HPE) has released a security update to address a zero-day remote code execution vulnerability in the HPE Systems Insight Manager (SIM) software, disclosed last year, in December. HPE SIM is a remote support automation and management solution for HPE servers, storage, and networking products, including HPE's ProLiant...
Softwarethreatpost.com

HPE Fixes Critical Zero-Day in Server Management Software

The bug in HPE SIM makes it easy as pie for attackers to remotely trigger code, no user interaction necessary. Hewlett Packard Enterprise (HPE) has fixed a critical zero-day remote code execution (RCE) flaw in its HPE Systems Insight Manager (SIM) software for Windows that it originally disclosed in December.
Computersmaketecheasier.com

Third macOS Zero-Day Attack Takes Advantage through Safari

There was a time when Macs were considered safe from malware and other ills. Attackers preferred to go after Windows users simply because there were more of them – attackers could get more bang for their buck. That’s been changing, however, with more people owning Macs. This has led to a third zero-day attack on macOS in less than a year, allowing attackers to take advantage in several ways through Safari.
Computerssecurityboulevard.com

Apple Patches Zero-Day XCSSET Exploit

By the time Apple patched a zero-day vulnerability in macOS 11.4 that bypasses the Transparency Consent and Control (TCC) framework, it was being exploited by attackers using XCSSET malware. Jamf researchers dissecting the malware and its exploitations uncovered the bypass, which attackers can use to hijack resources like webcams and...
Technologytherecord.media

SVR cyberspies used iOS zero-day in recent phishing campaign

The Russian hacking group that breached software provider SolarWinds in an infamous supply chain attack last year has returned to its regular skullduggery and, for the past few months, has conducted a massive spear-phishing operation aimed at government agencies, think tanks, consultants, and NGOs. Tracked as APT29 or Cozy Bear,...
Technologysecurityboulevard.com

A Road to a Consistent Encryption Strategy

Unlike the rest of the world, adoption of enterprise-wide encryption strategies has not grown in the Middle East, in fact it appears to have shrunk slightly. This is despite the fact that a majority of organizations have experienced a data breach. These are two the most hard-hitting results from our...
Marketsfxempire.com

Is Bitcoin’s High Computing Power its Achilles Heel?

Data collated from the Cambridge Center for Alternative Finance (CCAF), show the world’s most popular crypto asset presently consumes around 13.37-gigawatt annum— 0.6% of global electricity supply, or roughly equivalent to the annual energy draw of an emerged market countries as Sweden. Elon Musk, some weeks stunned crypto investors arbitrarily...
Public Healthsecurityboulevard.com

Imperva’s WAF Gateway 14.4 Protects Enterprises for the Post-COVID Era

Whether it’s called the New Normal or Next Normal era, COVID-19 has impacted all businesses worldwide and accelerated their digital transformation initiatives during this new post-pandemic era. Whether it’s from a recent retail trend like omnichannel commerce or a newly defined, post-COVID practice like contactless transactions, businesses are definitely going digital. There was a period, here in the US, where restaurants and other food-related services were only doing their transactions online. It was reported by a leading online transaction vendor, “In a year of unprecedented changes and challenges, 2020 also posed some interesting opportunities for businesses to embrace digital payments. Many moved their business online for the first time, ushering in a new digital transformation.” To sustain their global business, many enterprises are looking to online commerce as a key enabler. As they focus on this, enterprises are also leveraging their investments in new protocols and faster networks from Wi-Fi6 and 5G to enhance customer experiences both online and mobile. Likewise, so have the cybercriminals, as they have increased their level of progressive attacks with advanced bots and other innovative threats. Verizon’s latest 2021 data breach report validated this by stating, ‘the pandemic has influenced cyber-criminal activity, with the focus shifting strongly toward work-at-home infrastructure. 39% of all data breaches in 2020 stemmed from web application compromise.’
TechnologySilicon Republic

How to address cybersecurity when migrating to the cloud

Moxtra’s chief technology officer discusses cloud security and some of the main pitfalls that businesses should avoid. Migrating to the cloud is far from a new concept. However, the last year has accelerated digital transformation across virtually every industry, dispersing much of the global workforce and decentralising much of the on-premise infrastructure we had been used to.
SoftwareVentureBeat

Microsoft Build touts Power Apps, Cosmos DB enhancements to develop code faster

At Microsoft’s Build conference this week, CEO Satya Nadella was focused on speed. “It’s all about that developer velocity,” he promised, as the company unveiled tools and services that would enable developers to turn ideas into software stacks faster. The annual event has something for both traditional developers and newer...
Technologybizjournals

The hidden dangers of your cloud data

Most businesses today house their data in some type of public or private cloud, whether it is inside Microsoft 365 or another SaaS application, it is a common business practice. As organizations increasingly move data into cloud-based applications, many believe that traditional best practices, such as data backup and managed cybersecurity, are outdated. After all, SaaS applications are always available, accessible from anywhere, and highly redundant, so why is backup necessary?