Collaborate Disseminate
“Hydro subject to cyber-attack,” warned Oslo-headquartered Norsk Hydro ASA, one of the world’s biggest aluminum producers, on Tuesday. “Hydro has isolated all plants and operations and is switching to manual operations and procedures … Continue reading Norsk Hydro cyber attack: What happened?
Capsule8 expands threat detection platform for PCI DSS, BitSight unveils peer analytics for more effective security performance management, Imperva advances autonomous application protection capabilities, and Synopsys launches Polaris Software inte… Continue reading PCI, Capsule8, & Polaris – Enterprise Security Weekly #128
CVE-2018-20250, a WinRAR vulnerability that allows attackers to extract a malicious executable to one of the Windows Startup folder to be executed every time the system is booted, and CVE-2019-6340, the remote execution flaw affecting the popular Drupa… Continue reading Latest WinRAR, Drupal flaws under active exploitation
Users of popular dating site OkCupid have been complaining of hackers taking over their account, locking them out by changing the associated email address and password, and using information gleaned from the account to harass them. But a company spokes… Continue reading OkCupid account hijackings highlight website account management issues
In the Security News, 5 tips for access control from an ethical hacker, Japan is to hunt down Citizens insecure IoT devices, kid tracking watches allow attackers to monitor real time location data, and Imperva mitigate a DDoS attack generated 500 m… Continue reading Japan, Imperva, & DDoS – Paul’s Security Weekly #592
Despite fewer plugins being added to Wordpress last year, the CMS saw an astounding tripling of vulnerabilities in its platform in 2018. Continue reading ThreatList: WordPress Vulnerabilities Tripled in 2018
This time of the year is always exciting for us, as we get to take a step back, analyze how we did throughout the year, and look ahead at what the coming year will bring. Taking full advantage of our team’s expertise in data and application security, a… Continue reading The year ahead: More breaches, bolstered regulation and the rise of AI
In the Enterprise Security News, Avast launches AI-based software for phishing attacks, Carbon Black and Secureworks apply Red Cloak Analytics to Carbon Blacks Cloud, ShieldX integrates intention engine into Elastic Security Platform, and we have updat… Continue reading BlackBerry, Imperva, & CyberArk – Enterprise Security Weekly #111
Hackers have an obvious predilection for Python-based attack tools, says Imperva. “When examining the use of Python in attacks against sites we protect, the result was unsurprising – a large chunk, up to 77%, of the sites were attacked by a Pytho… Continue reading Python-based attack tools are the most common vector for launching exploit attempts
More than 20 percent of GitHub repositories containing an attack tool or an exploit proof of concept (PoC) are written in Python. Continue reading ThreatList: Hackers Turn to Python as Attack Coding Language of Choice