Security News > 2020

Splunk, provider of the Data-to-Everything Platform, announced it has appointed Kristen Robinson as the company's first Chief People Officer. Robinson, who will play a critical role in accelerating Splunk's continued transformation journey, has more than 25 years of experience pioneering people strategies at high growth companies and building diverse and inclusive organizations.

Onapsis, the leader in business application protection, announced the appointment of Dave DeWalt as Vice Chairman to its board of directors. The Onapsis Research Labs continues to showcase commitment to business-critical application vulnerability research, having discovered and helped mitigate more than 800 zero-day vulnerabilities in SAP and Oracle applications since the company was founded in 2009.

A point-of-sale system vendor that serves U.S. medical and recreational cannabis dispensaries left an unprotected database containing sensitive information about three clients and 30,000 of their customers exposed to the internet, researchers say. "Our team identified an unsecured Amazon S3 bucket owned by THSuite that exposed sensitive data from multiple marijuana dispensaries around the U.S. and their customers," the research report states.

The speed and complexity of software development is rapidly increasing. Development teams have little to no time to ensure these applications are secure, even while the biggest and most severe data breaches that have affected both the public and private sectors all operate at the application layer.

Learn how to secure Firefox tabs from mischief with the Don't Touch My Tabs add-on. How to install the Don't Touch My Tabs add-on in Firefox.

Mike O'Malley: What enterprises and service providers are coming to understand is that 5G is going to be a huge increase in capability, both in speed and lower latency. Think about it in terms of going down the highway, where today I'm going down the highway at 60 miles an hour, and with 5G I'm going to be able to go down the highway at 600 miles an hour.

TechRepublic's Karen Roby talks with Radware exec Mike O'Malley about the growing security risks that accompany 5G for providers, smart cities, and the enterprise

A critical vulnerability in the Cisco Firepower Management Center could allow a remote attacker to bypass authentication and execute arbitrary actions on affected devices as administrator. The issue, Cisco explains, emerges from the improper handling of Lightweight Directory Access Protocol authentication responses from an external server.

A collection of six cybersecurity vulnerabilities in a range of GE Healthcare devices for hospitals has been discovered. Dubbed "MDhex" by the researchers at CyberMDX who discovered them, the bugs would allow attackers to disable the devices, harvest personal health information, change alarm settings and alter device functionality.

The U.S. Treasury Department is proposing to collect more information from banks and financial markets about the cybersecurity risks they face, according to notices posted in the Federal Register. In a notice published in the Federal Register on Wednesday, the Office of Cybersecurity and Critical Infrastructure Protection, which is a part of the Treasury Department and has responsibility for protecting the country's financial infrastructure from attacks, proposes to collect more information from the private sector to understand the potential cyber risks to U.S. financial services.