Security News > 2017 > September

Easily exploitable Apache Struts vulnerability opens businesses to attack (Help Net Security)
2017-09-06 17:11

A critical vulnerability in Apache Struts, a popular open source framework for developing web applications, opens any server running an app built using it to remote attackers. It can be exploited...

Targeted Attacks Leverage PowerPoint File for Malware Delivery (Security Week)
2017-09-06 17:03

Threat actors are leveraging malicious PowerPoint files and a recently patched Microsoft Office vulnerability to target UN agencies, Foreign Ministries, International Organizations, and those...

Russia Jails Two Members of Notorious Hacker Group (Security Week)
2017-09-06 16:39

A Russian court on Wednesday sentenced two members of an infamous hacking group to three years in jail for breaking into the accounts of high-ranking Russian officials. read more

Injection Attacks Common in Energy and Utilities Sector: IBM (Security Week)
2017-09-06 16:09

The energy and utilities sector has seen an increasing number of cybersecurity incidents and attacks, according to a new IBM X-Force report published on Wednesday. read more

European court says workplace surveillance must not violate workers’ privacy (Help Net Security)
2017-09-06 16:04

European companies must strike a fair balance between workplace surveillance and their employees’ right to privacy, the European Court of Human Rights (ECHR) has ruled. Delivery of the decision...

Autodesk A360 Drive Used to Spread Malware (Security Week)
2017-09-06 15:03

Cloud-based online storage service Autodesk A360 Drive has been recently abused as a malware delivery platform, according to Trend Micro. read more

A Cybersecurity Leader on Filling Jobs Now (InfoRiskToday)
2017-09-06 15:03

Cory Mazzola, a cybersecurity leader at Las Vegas Sands Corp., says recruiting security pros amid a talent shortage requires putting aside expectations about degrees and backgrounds. Instead, he...

Hacking virtual and augmented reality: Short-term FUD, long-term danger (Help Net Security)
2017-09-06 14:30

I believe virtual reality (VR) and augmented reality (AR) are on the cusp of mass success, and will dramatically change the way we use technology. However, with new technology comes new attack...

Lenovo, FTC to Settle Superfish Adware Complaint (InfoRiskToday)
2017-09-06 14:03

Superfish Used a Self-Signed Root Certificate to Inspect All TrafficLenovo will pay $3.5 million to the U.S. Federal Trade Commission and 32 states to settle a case brought against it over...

SEC Chairman Seeks More Cyber Risk Disclosure (InfoRiskToday)
2017-09-06 13:32

Wall Street Regulator Eyes Cyber Shortfalls, Plus Initial Coin OfferingsThe head of the U.S. Securities and Exchange Commission says publicly traded businesses must better describe their...