Collaborate Disseminate
Multiple techniques have been identified that allow to execute arbitrary code, within a running U-Boot instance, by means of externally provided unauthenticated data. […] Continue reading U-Boot verified boot bypass vulnerabilities (CVE-2018-18439, CVE-2018-18440)
A new vulnerability being called PortSmash, (CVE-2018-5407) has been discovered impacting all CPUs that use a Simultaneous Multithreading (SMT) architecture. SMT is a technology that allows multiple computing threads to be executed simultaneously on a… Continue reading New PortSmash Side-Channel Vulnerability (CVE-2018-5407)
Eurostar forced all of its customers to reset their passwords after indications of a possible breach by hackers attempted to access user accounts. […] Continue reading Eurostar Customers Reset Passwords After Security Breach
The Federal Information Security Act (FISMA) of 2002 requires that government agencies report on their Information Technology Security Status annually to the Office of Management and Budget (OMB). […] Continue reading Continuous Monitoring : Academic Paper
Armis, the enterprise IoT security company, today announced the discovery of two critical vulnerabilities related to the use of Bluetooth Low Energy (BLE) chips made by Texas Instruments (TI), and used in Cisco, Meraki and Aruba wireless access points,… Continue reading Armis Discovers “BLEEDINGBIT,” Two Critical Chip-Level Vulnerabilities
As the UK’s cybersecurity situation becomes more uncertain and vulnerable day by day, top cyber intelligence officers have spoken out about seeking alternative arrangements to ensure a more protected digital environment across the country. […] Continue reading UK needs to talk to China to ensure cybersecurity
There are many opportunities for workers to start and advance their careers within cybersecurity. […] Continue reading Cybersecurity Career Pathway
The National Cybersecurity Career Awareness Week (NCCAW), brought to you by the National Initiative for Cybersecurity (NICE), is a week-long campaign focused on increasing awareness about careers in cybersecurity and building a national cybersecurity w… Continue reading National Cybersecurity Career Awareness Week
InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. […] Continue reading CVE-2018-17914
The complexity and velocity of the threats organizations are facing are only escalating and there is a definite need for careful analysis of the attack trends to determine effective mitigations. […] Continue reading Complementing a Security Management Model with the 20 Critical Security Controls: Academic Paper