Security News > 2020 > October

Now according to the latest research, two security flaws in Microsoft's Azure App Services could have enabled a bad actor to carry out server-side request forgery attacks or execute arbitrary code and take over the administration server. Azure App Service is a cloud computing-based platform that's used as a hosting web service for building web apps and mobile backends.

While there has been a year-over-year decrease in publicly disclosed data breaches, an Arctic Wolf report reveals that the number of corporate credentials with plaintext passwords on the dark web has increased by 429 percent since March. For a typical organization, this means there are now, on average, 17 sets of corporate credentials available on the dark web that could be used by hackers.

The author starts off by explaining vulnerability management basics, the importance of knowing your network and the process of collecting and analyzing data. He explains the importance of a vulnerability scanner and why it is essential to configure and deploy it correctly, since it gives valuable infromation to successfully complete a vulnerabilty management process.

With many companies struggling to retain qualified CISOs or security managers, the lack of long-term security thinking is severely impacting sustained compliance within the Payment Card Industry Data Security Standard. Additional findings shine a spotlight on security testing where only 51.9 percent of organizations successfully test security systems and processes as well as unmonitored system access and where approximately two-thirds of all businesses track and monitor access to business critical systems adequately.

56% of IT and OT security professionals at industrial enterprises have seen an increase in cybersecurity threats since the start of the COVID-19 pandemic in March, a Claroty research reveals. Cybersecurity still not a priority, regardless of the pandemic 32% said their organization's OT environment is not properly safeguarded from potential threats.

The current distributed remote work environment has also triggered a new threat landscape, with malicious actors increasingly targeting mobile devices with phishing attacks. Mobile Molly Works constantly on the go using a range of mobile devices, such as tablets and phones, and often relies on public WiFi networks for work.

Now’s your time to become recognized as a globally respected cloud expert and catapult your career with the (ISC)² Certified Cloud Security Certification (CCSP). To help you confidently prepare...

Eero introduced eero for Service Providers-an all-new premium hardware and software offering designed specifically to help internet service providers meet customers' increasing demands for exceptional home WiFi. Beginning this November, eero for Service Providers will bring together real-time, actionable insights, advanced security measures and whole-home mesh WiFi systems to help ISPs offer fast, reliable WiFi and create new opportunities to improve the customer experience.

Datadog announced Deployment Tracking, a new feature for Datadog APM. This feature enables engineering teams to identify when new code deployments are the root cause of performance issues. To prevent such risky visibility gaps, Datadog Deployment Tracking visualizes key performance metrics such as requests per second and error rate, identifying new error types for specific endpoints during every code deployment.

Red Hat announced the introduction of its enterprise customer advocacy program, Red Hat Accelerators. Red Hat Accelerators offers peer-to-peer networking with like-minded Red Hat practitioners to foster deeper learning and broaden exposure to various products, technologies, use cases and issues along with group discussions on features and functions.