Cisco Issues Warnings About Numerous Old Vulnerabilities Being Used in Attacks
To alert users of the potential malicious exploitation of critical vulnerabilities affecting its networking devices, Cisco has updated a number of security advisories. Many of the ‘critical’ or ‘high’ severity bugs have been fixed for four to five years, but businesses that haven’t patched their devices are still at risk. Last week, the tech giant added exploitation warnings to more than 20 advisories detailing security defects in Cisco IOS, NX-OS, and HyperFlex software.
The 2023 Cybersecurity Outlook – Addressing New and Bigger Threats
The security issues that are present today still need to be resolved. But there are also new challenges because of advancing technology and a rapidly evolving global environment. With cybercriminals constantly evolving their attack strategies and techniques, ransomware has been a significant problem for cybersecurity for years and doesn’t seem...
Glupteba Botnet Remains Active Despite Google’s Efforts to Disrupt It
An analysis conducted by OT and IoT cybersecurity firm Nozomi Networks shows that the Glupteba botnet is still active following Google’s efforts to disrupt the cybercrime operation. A large number of compromised Windows devices fuel the Glupteba botnet. T. he malware has the ability to mine cryptocurrencies, turn devices...
Veracode Includes Advanced Dynamic Analysis Capability with Acquisition of Crashtest Security Solution
Veracode , the world’s leading provider of modern application security testing solutions, today announced that it has acquired Germany-based software security tool Crashtest Security, a product of developer-focused dynamic application security testing (DAST). The investment will bolster existing DAST capabilities available as part of Veracode’s continuous software security platform and expand customer access globally.
The Widespread of Wipers: Why It Matters For Enterprises
Organizations should consider deception technology, a strategy in which cyber attackers are lured away from an enterprise’s true assets and instead, diverted toward a decoy or a trap. Researchers have noticed a rising trend of wiper malware deployment concurrent with the Russia-Ukraine conflict in the first half of this...
CREST Releases New Guide to Security Operations Centres
CREST, the global not-for-profit community of cyber security businesses and professionals working to keep our information safe in a digital world, today launches a new report into Security Operations Centres (SOCs). The CREST “What is a Security Operations Centre?” guide is a chance for everyone with an interest in cybersecurity...
Bugcrowd Announces Bug Bounty Program for Australian-Based Navitas
Bugcrowd, the leader in crowdsourced cybersecurity, today announced that Navitas, one of the world’s leading global education providers, has launched a private bug bounty program with Bugcrowd to identify and resolve security vulnerabilities. Navitas delivers educational programs to 60,000 aspirational students each year across its network of 92 colleges...
CompoSecure Achieves SOC 2 Type 2 Certification
CompoSecure, Inc. (Nasdaq: CMPO), a leader in metal payment cards, security and authentication solutions, today reported it earned its Service Organization Control (SOC) 2 Type 2 certification. Successful completion of the SOC 2 Type 2 audit validates that CompoSecure’s security, data controls, privacy capabilities and technology have been designed, implemented and operated effectively to meet industry-leading security practices. This certification is particularly crucial when it comes to earning and maintaining customer trust within the payments, secure authentication and cold storage hardware wallet markets.
Invest Ehub Expands Security Protocols for Enhanced Protection
In the financial trading industry, a broker’s security is one of the most significant factors that define a convenient and safe experience for participants. A robust security structure helps promote credibility and confidence among traders, thus allowing them to trust the platform with their funds. When a brokerage service takes security seriously, traders are more likely to feel comfortable using it and to continue using it for the long term. In light of this, Invest Ehub has upgraded its security protocols to foster a trustworthy and reliable ecosystem – and not for the first time.
Meta Has Paid USD 16 Million in Bug Bounties Since 2011
On Thursday, Facebook’s parent company Meta revealed that since 2011, it has paid out over USD 16 million in bug bounties, with USD 2 million going to winners in just 2022. Only 8,500 of the more than 170,000 vulnerability reports that the company has received from security researchers so far have been given a reward, according to the company. Researchers from 45 different nations received compensation for spotting security flaws in Facebook and other services and goods. Over 750 of the roughly 10,000 vulnerability reports that the social media behemoth received in 2022 were the subject of bounties.
