The incidents affected millions, just as Black Friday, Cyber Monday and the holiday shopping season kicked off.
Original release date: November 26, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information. The vulnerabilities …
Read More »
From Ford data security speculation to the VisionDirect data breach, the Threatpost editors talk about this week’s biggest stories.
New research on an old problem reveals despite efforts, the InfoSec professionals still have a way to go when it comes to securing printers.
Ahead of the holiday shopping bonanza, the security community is talking to consumers about IoT security.
How can businesses create an effective cyber defense strategy? It starts with defining success, an expert tells us.
Adobe issues patch for a Flash Player vulnerability that could lead to an arbitrary code execution on targeted systems.
A glitch in the UX in Gmail allows the “from” field to be forged so there is no sender listed in the email’s header.
Original release date: November 19, 2018 On November 16, 2018, the President signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018. This Act elevates the mission of the former Department of Homeland Security (DHS) National Protection and Programs Directorate (NPPD) and establishes the Cybersecurity and Infrastructure Security Agency (CISA). CISA is responsible for protecting the Nation’s critical infrastructure from physical and cyber threats, a mission that requires effective coordination and collaboration among a broad spectrum of government …
Read More »
Hackers took advantage of an unpatched Drupal vulnerability in the organization’s website to launch a cryptojacking attack.