BSAM: Open-source methodology for Bluetooth security assessment

Many wireless headsets using Bluetooth technology have vulnerabilities that may allow malicious individuals to covertly listen in on private conversations, Tarlogic Security researchers demonstrated last week at RootedCON in Madrid. “Many of…

Crypto audit of Threema revealed many vulnerabilities

Researchers have discovered cryptographic vulnerabilities in Swiss-based secure messaging application Threema that may have allowed attackers to do things like break authentication or recover users’ long-term private keys. The vulnerabilities have been…

Independent security audits are essential for cloud service providers. Here’s why

As more companies outsource IT infrastructure to third-party providers and adopt cloud-based collaboration tools, the need for partners that deliver strong protection and peace of mind is essential. If you’re a cloud service vendor, you should be prepa…

Internal auditors stepping up to become strategic advisors in the fight against fraud

A report from the Internal Audit Foundation, The Institute of Internal Auditors (IIA) and Kroll is based on a recent global survey and focus groups with internal auditors, discussing how the role of internal audit in fraud risk management has changed …

How can organizations ease audit overload?

Research from Vanson Bourne examines how financial services are faring with the ever-increasing challenge of audit overload. The study, which surveyed 200 U.S. IT security professionals in the financial services industry, revealed that 97 percent fin…

Audit effectiveness and talent retention at risk as hybrid auditing becomes the new norm

Audit functions that fail to adapt well to hybrid auditing risk a loss of effectiveness and influence at a time when real-time assurance has never been more vital to the wider organization, according to Gartner. With hybrid audit engagements here to st…

How a conference room speakerphone might let attackers into your company network

Several egregious vulnerabilities affecting the Stem Audio Table conference room speakerphone could be exploited by attackers to eavesdrop on what’s being discussed in its proximity, download malicious firmware, achieve and maintain network persi…

Kubestriker: A security auditing tool for Kubernetes clusters

Kubestriker is an open-source, platform-agnostic tool for identifying security misconfigurations in Kubernetes clusters. It performs a variety of checks on a range of services and open ports on the Kubernetes platform, helps safeguard against potential…

What businesses need to know to evaluate partner cyber resilience

Many recent high-profile breaches have underscored two important cybersecurity lessons: the need for increased scrutiny in evaluating access and controls of partners handling valuable customer data, and the imperativeness of assessing a third party’s (…