Software & App Vulnerabilities – Page 2

IBM Works With Cisco to Exorcise Ghosts From Webex Meetings

Posted on November 18, 2020 by Jiyong Jang

COVID-19 has changed the way many people work, as organizations have shifted to remote work to slow the spread. In early May, more than 100 million Americans were working from home, creating an increased need for remote collaboration tools like video conferencing. The use of Webex grew 451% between Feb. 17 and June 14 2020. […]

The post IBM Works With Cisco to Exorcise Ghosts From Webex Meetings appeared first on Security Intelligence.

Continue reading IBM Works With Cisco to Exorcise Ghosts From Webex Meetings→

Autonomous Vehicle Security Needs From A Hacker’s Perspective

Posted on October 8, 2020 by Abby Ross

With connected cars becoming more common, the industry has more standards and options when it comes to autonomous vehicle security. Adam Laurie, known in hacker circles as Major Malfunction, leads X-Force Red’s automotive testing practice. He has seen firsthand how easy it can be to compromise an autonomous vehicle if strong security processes and controls […]

The post Autonomous Vehicle Security Needs From A Hacker’s Perspective appeared first on Security Intelligence.

Continue reading Autonomous Vehicle Security Needs From A Hacker’s Perspective→

Automotive Cybersecurity: New Regulations in the Auto Industry

Posted on September 24, 2020 by Arndt Kohler

Connected car data security becomes key as automakers enable advanced communications and safety features. With this increased connectivity comes greater automotive cybersecurity risks, too. In fact, the number of automotive cyberattacks has risen sharply. The average car today contains up to 150 electronic control units and about 100 million lines of software code. That number is […]

The post Automotive Cybersecurity: New Regulations in the Auto Industry appeared first on Security Intelligence.

Continue reading Automotive Cybersecurity: New Regulations in the Auto Industry→

New Vulnerability Could Put IoT Devices at Risk

Posted on August 19, 2020 by Adam Laurie

Society relies so heavily on technology that the number of internet connected devices used globally is predicted to grow to 55.9 billion by 2025. Many of these devices span parts of Industrial Control Systems (ICS) that impact the physical world, assist us in our daily lives at home and monitor and automate everything from energy […]

The post New Vulnerability Could Put IoT Devices at Risk appeared first on Security Intelligence.

Continue reading New Vulnerability Could Put IoT Devices at Risk→

Don’t Remove Stalkerware Before Reading This Article

Posted on August 18, 2020 by Lysa Myers

Stalkerware is technically software with malicious intent, but security professionals should treat it as a different beast from other malware. Stalkerware is an app or apps that someone else can install on your device to intercept text messages and phone calls, send call logs, record web browsing activity and keystrokes and even access your location. […]

The post Don’t Remove Stalkerware Before Reading This Article appeared first on Security Intelligence.

Continue reading Don’t Remove Stalkerware Before Reading This Article→

New Ponemon Report: A Programmatic Approach to Vulnerability Management for Hybrid Multicloud

Posted on August 17, 2020 by Charles Henderson

X-Force Red is unveiling a new research study, conducted by the Ponemon Institute, that highlights vulnerability management challenges for on-premises and cloud environments: in other words, hybrid multicloud. The report, “The State of Vulnerability Management in the Cloud and On-Premises,” is based on a global survey of 1,848 IT and IT security professionals in North […]

The post New Ponemon Report: A Programmatic Approach to Vulnerability Management for Hybrid Multicloud appeared first on Security Intelligence.

Continue reading New Ponemon Report: A Programmatic Approach to Vulnerability Management for Hybrid Multicloud→

Legacy Systems: Seven Things to Know When Sunsetting

Posted on August 13, 2020 by Sue Poremba

Nothing lasts forever. That’s true for cars, devices, even a favorite sweatshirt or pair of jeans. But it is especially true for information technology (IT). Legacy IT systems stick around in business settings for three main reasons: organizations don’t have the budget to upgrade, teams need to be able to access critical legacy applications and […]

The post Legacy Systems: Seven Things to Know When Sunsetting appeared first on Security Intelligence.

Continue reading Legacy Systems: Seven Things to Know When Sunsetting→

Shellshock In-Depth: Why This Old Vulnerability Won’t Go Away

Posted on August 6, 2020 by Mark Stone

Shellshock is a bug in the Bash command-line interface shell that has existed for 30 years and was discovered as a significant threat in 2014. Today, Shellshock still remains a threat to enterprise. The threat is certainly less risky than in the year of discovery. However, in a year in which security priorities have […]

The post Shellshock In-Depth: Why This Old Vulnerability Won’t Go Away appeared first on Security Intelligence.

Continue reading Shellshock In-Depth: Why This Old Vulnerability Won’t Go Away→

Video Conferencing Security Tips You May Have Overlooked

Posted on July 8, 2020 by David Bisson

Video conferencing applications grew substantially following the outbreak of the coronavirus (COVID-19) global pandemic. According to Research and Markets article “Video Conferencing Demand Rises due to Social-Distancing,” video conferencing software experienced 62 million downloads in March 2020. This increase in use resulted from businesses adopting video conferencing platforms as a means to facilitate their transition […]

The post Video Conferencing Security Tips You May Have Overlooked appeared first on Security Intelligence.

Continue reading Video Conferencing Security Tips You May Have Overlooked→

Vulnerable Powerline Extenders Underline Lax IoT Security

Posted on June 25, 2020 by Avishay Bartik

Multiple vulnerabilities have been found in Tenda PA6 Wi-Fi Powerline extender, version 1.0.1.21. This device is part of Tenda’s PH5 Powerline Extender Kit and extends the wireless network through home’s existing electrical circuitry. The kit, in collaboration with X-Force Red, IBM Security’s team of hackers, aligns with the HomePlug AV2 technology and provides wired speeds […]

The post Vulnerable Powerline Extenders Underline Lax IoT Security appeared first on Security Intelligence.

Continue reading Vulnerable Powerline Extenders Underline Lax IoT Security→