Collaborate Disseminate
Researchers at Qualys call attention to a vulnerability in Linux’s GNU C Library (glibc) that allows full root access to a system.
The post GNU C Library Vulnerability Leads to Full Root Access appeared first on SecurityWeek.
Continue reading GNU C Library Vulnerability Leads to Full Root Access
MITRE and partners unveil EMB3D, a new threat model designed for critical infrastructure embedded devices.
The post MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure appeared first on SecurityWeek.
Continue reading MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure
New CISA alerts shed light on the harm occurring when software vendors fail to implement secure by design principles.
The post CISA Debuts ‘Secure by Design’ Alert Series appeared first on SecurityWeek.
Continue reading CISA Debuts ‘Secure by Design’ Alert Series
New CISA guidance details cyber threats and risks to healthcare and public health organizations and recommends mitigations.
The post CISA Releases Cybersecurity Guidance for Healthcare, Public Health Organizations appeared first on SecurityWeek.
Continue reading CISA Releases Cybersecurity Guidance for Healthcare, Public Health Organizations
Some K-12 public schools are racing to improve protection against the threat of online attacks, but lax cybersecurity means thousands of others are vulnerable to ransomware gangs that can steal confidential data and disrupt operations.
The post K-12 Sc… Continue reading K-12 Schools Improve Protection Against Online Attacks, but Many Are Vulnerable to Ransomware Gangs
In response to a spate of embarrassing hacks, Redmond pushes ‘Secure Future Initiative’ promising faster cloud patches, better management of identity signing keys and products with a higher default security bar.
The post After Major Cloud Hacks, Micros… Continue reading After Major Cloud Hacks, Microsoft Unveils ‘Secure Future Initiative’
One of the main reasons why ZTNA fails is that most ZTNA implementations tend to focus entirely on securing remote access.
The post Extending ZTNA to Protect Against Insider Threats appeared first on SecurityWeek.
Continue reading Extending ZTNA to Protect Against Insider Threats
CISA and the HHS have released resources for healthcare and public health organizations to improve their security.
The post CISA, HHS Release Cybersecurity Healthcare Toolkit appeared first on SecurityWeek.
Continue reading CISA, HHS Release Cybersecurity Healthcare Toolkit
The feared ‘cryptopocalypse’ (the death of current encryption) might be sooner than expected – caused by in-memory computing ASICs rather than quantum computers.
The post Beyond Quantum: MemComputing ASICs Could Shatter 2048-bit RSA Encryption appeared… Continue reading Beyond Quantum: MemComputing ASICs Could Shatter 2048-bit RSA Encryption
In Other
The post In Other News: Ex-Uber Security Chief Appeal, New Offerings From Tech Giants, Crypto Bounty appeared first on SecurityWeek.
Continue reading In Other News: Ex-Uber Security Chief Appeal, New Offerings From Tech Giants, Crypto Bounty