It’s Time for an Automotive Cybersecurity Wake-Up Call

The car of today — and especially tomorrow — relies on countless lines of software code to get those wheels moving, a reality that has placed increasing importance on automotive cybersecurity.

The post It’s Time for an Automotive Cybersecurity Wake-Up Call appeared first on Security Intelligence.

Continue reading It’s Time for an Automotive Cybersecurity Wake-Up Call

Congress Wants Written Answers from Apple on FaceTime Privacy Glitch

Apple is not getting off so easily with the FaceTime privacy violation incident. Two members of the US Congress are “deeply troubled” that the company didn’t immediately address the software glitch end demand further explanations for … Continue reading Congress Wants Written Answers from Apple on FaceTime Privacy Glitch

Machine Learning Will Transform How We Detect Software Vulnerabilities

When used as part of the software development process, machine learning can help identify vulnerabilities before threat actors have a chance to exploit them.

The post Machine Learning Will Transform How We Detect Software Vulnerabilities appeared first on Security Intelligence.

Continue reading Machine Learning Will Transform How We Detect Software Vulnerabilities

Think Your Network Is Safe? If You Don’t Have Visibility Into Hardware Vulnerabilities, Think Again

Even organizations that rigorously patch software flaws are exposed to a growing range of cyberthreats if they lack visibility into hardware vulnerabilities.

The post Think Your Network Is Safe? If You Don’t Have Visibility Into Hardware Vulnerabilities, Think Again appeared first on Security Intelligence.

Continue reading Think Your Network Is Safe? If You Don’t Have Visibility Into Hardware Vulnerabilities, Think Again

Major Application Security Oversights You Can’t Afford

Many IT teams have developed a habit of treating application security as an afterthought. As a result, it might be their greatest vulnerability.

The post Major Application Security Oversights You Can’t Afford appeared first on Security Intelligence.

Continue reading Major Application Security Oversights You Can’t Afford

Four Steps to Close the Window on Critical Vulnerabilities

Critical vulnerabilities often remain unaddressed when an organization is unwilling to allocate resources to routinely update applications. Take steps now to secure your network against exploitation.

The post Four Steps to Close the Window on Critical Vulnerabilities appeared first on Security Intelligence.

Continue reading Four Steps to Close the Window on Critical Vulnerabilities

Cisco fixes critical ‘DNA’ software flaws

IT giant Cisco this week released patches for three critical vulnerabilities in its enterprise networking software, two of which could allow an attacker to bypass authentication measures and access data deep into the network. The affected software, known as the Digital Network Architecture (DNA) Center, serves as a hub for configuring devices across an IT network, allowing administrators to track networking flaws. Each of the vulnerabilities is fixed in more recent versions of the software. One of the vulnerabilities stems from an insecure configuration of a DNA Center management system, Cisco said in an advisory. An attacker with the ability to access the management system’s service port “could execute commands with elevated privileges within provisioned containers,” the company said, potentially resulting in the complete compromise of a container. The San Jose, California-based company said it found two of the three software bugs in internal testing (the third was discovered in […]

The post Cisco fixes critical ‘DNA’ software flaws appeared first on Cyberscoop.

Continue reading Cisco fixes critical ‘DNA’ software flaws

A software vulnerability could have been used to siphon over $15 million from Mexican banks

Over $15 million was stolen from Mexican banks this month by thieves who created fake money orders and phony accounts to withdraw funds from dozens of branches, according to media reports.  The criminals sent hundreds of fake money orders to move hundreds of thousands of pesos between at least five of Mexico’s biggest banks, whereafter accomplices quickly withdrew cash, Reuters reports.  A vulnerability in software that was used to connect payment systems between the banks is thought to have been exploited by the thieves, allowing them to create the fake orders, Lorenza Martinez, head of operations for Mexico’s central bank told Reuters.  Though initial estimates said that 300 million pesos ($15.2 million) had been stolen, other estimates have the amount closer to 400 million pesos ($20.3 million).  “There’s no evidence that would allow us to say with certainty that this is over,” said Mexico’s central bank Governor Alejandro Diaz de […]

The post A software vulnerability could have been used to siphon over $15 million from Mexican banks appeared first on Cyberscoop.

Continue reading A software vulnerability could have been used to siphon over $15 million from Mexican banks

US Homeland Security systems run on outdated, unpatched software, audit finds

The US Department of Homeland Security is pretty bad at digitally protecting national security interests, says an audit report released on March 7 by the agency’s watchdog, the Office of Inspector General (OIG). According to the findings, the age… Continue reading US Homeland Security systems run on outdated, unpatched software, audit finds