Security News > 2021 > August

Email routing protocols were designed in a time when cryptographic technology was at a nascent stage, and therefore security was not an important consideration. As a result, in most email systems encryption is still opportunistic, which implies that if the opposite connection does not support TLS, it gets rolled back to an unencrypted one delivering messages in plaintext.

Despite a marked increase in concerns around malware attacks and third-party risk, only 8% of organizations with web applications for file uploads have fully implemented the best practices for file upload security, a report from OPSWAT reveals. Most concerning, one-third of organizations with a web application for file uploads do not scan all file uploads to detect malicious files and a majority do not sanitize file uploads with CDR to prevent unknown malware and zero-day attacks.

CyberRes published a report which provides insights into how enterprises are utilizing security operations to modernize their business, secure the digital value chain and systematically address modern threats to achieve greater enterprise resiliency. The survey behind the report specifically references the experiences of over 500 security operations managers, executives, and decision makers from around the world, and aims to provide implications and real insights to CISOs, CIOs, and other IT leaders to better secure their enterprises.

72% of consumers said they would be uncomfortable purchasing insurance without speaking to a human being, and 64% would be uncomfortable filing claims on a website or app without human interaction. The survey also found that consumers value privacy more than potential savings.

The serverless security market size to grow from $1.4 billion in 2021 to $5.1 billion by 2026, at a CAGR of 29.9% during the forecast period, according to MarketsandMarkets. AWS, Microsoft Azure, Google Cloud Platform with multiple offerings, and IBM are the major providers of FaaS. In security type, network security to grow at the highest CAGR. Network security is the technique of securing networks from advanced threats on the serverless architecture.

Your executives don't care about security - they care about risk! Join to hear the latest research from a guest speaker, Sandy Carielli, Principal Forrester Analyst, on the role of the security team in building secure products. This will be followed by a roundtable discussion about how to build a risk-based application security program.

Apple has announced a new free-of-charge service program for iPhone 12 and iPhone 12 Pro devices experiencing sound issues caused by a receiver module component. "Apple has determined that a very small percentage of iPhone 12 and iPhone 12 Pro devices may experience sound issues due to a component that might fail on the receiver module," the company said in a new support document.

Realtek SDK vulnerability exploitation attempts detectedThreat actors are attempting to exploit CVE-2021-35395, a group of vulnerabilities in the web interface of the Realtek SDK, to spread Mirai malware to vulnerable IoT devices. ProxyShell vulnerabilities actively exploited to deliver web shells and ransomwareThree so-called "ProxyShell" vulnerabilities are being actively exploited by various attackers to compromise Microsoft Exchange servers around the world, the Cybersecurity and Infrastructure Security Agency warned.

Cybersecurity professionals are digital warriors who use their knowledge and skill to battle malicious hackers. According to ZipRecruiter, the average salary of a cybersecurity professional is just over $100,000 a year.

Windows 10 comes with built-in personalization settings to help you customize the desktop and it provides plenty of options by default. Unlike Windows Search, Fluent Search offers accurate results and it lets you jump easily between running apps and browser tabs.