Security News

Accenture Acquires Critical Infrastructure Protection Firm Revolutionary Security
2020-04-08 19:33

Consulting giant Accenture announced this week that it has acquired critical infrastructure protection firm Revolutionary Security for an undisclosed sum. A privately held startup, Philadelphia-based Revolutionary Security provides security solutions for both information technology and operational technology environments.

Google Patches Critical RCE Vulnerabilities in Android's System Component
2020-04-07 13:00

Google this week released the April 2020 set of security patches for the Android operating system to address over 50 vulnerabilities, including four critical issues in the System component. "The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process," Google notes in an advisory.

Qualys VMDR: Discover, prioritize, and patch critical vulnerabilities in real time
2020-04-07 04:00

VMDR continuously assesses these assets for the latest vulnerabilities and applies the latest threat intel analysis to prioritize actively exploitable vulnerabilities. The reason is, if you look at the statistics over the last 10 years, you would see that the total number of vulnerabilities which get discovered in a year, maybe let's say 15,000 to 16,000 of vulnerabilities that are getting discovered, out of those vulnerabilities, only a handful, like 1000 vulnerabilities get exploited.

These are the countries trying to hack US critical infrastructure
2020-04-06 14:45

Robert Lee, founder & CEO of Dragos, Inc., speaks with Dan Patterson about which countries pose a threat to US industrial infrastructures.

Why critical infrastructure is vulnerable to cyberattacks
2020-04-06 14:41

Robert Lee, founder and CEO of Dragos, discusses the dangers cyberattacks pose to critical industrial infrastructures. Dan Patterson: What do we mean when we talk about this abstract idea of infrastructure and connected infrastructure?

Why critical infrastructure is vulnerable to cyberattacks
2020-04-06 14:39

Robert Lee, founder and CEO of Dragos, discusses the dangers cyberattacks pose to critical industrial infrastructures.

These are the countries trying to hack US critical infrastructure
2020-04-06 14:00

Dan Patterson speaks with cybersecurity expert Robert Lee about how Russia, Iran, China, and North Korea pose a threat to US industrial infrastructures. Robert Lee: The [countries] we've seen over the years would be Russia, Iran, China, North Korea-the normal players.

Two critical Firefox vulnerabilities exploited by attackers, patch now!
2020-04-06 10:09

Mozilla has released critical security updates for Firefox and Firefox ESR on Friday, patching two vulnerabilities that are being actively exploited by attackers. Update ASAP. Home users and enterprise admins are advised to implement the provided updates as soon as possible.

Critical WordPress Plugin Bug Can Lock Admins Out of Websites
2020-04-01 18:03

A pair of security vulnerabilities in the WordPress search engine optimization plugin, known as Rank Math, could allow remote cybercriminals to elevate privileges and install malicious redirects onto a target site, according to researchers. The Rank Math plugin also comes with an optional module that can be used to create redirects on a site.

Critical Flaw in SEO Plugin Exposed Many WordPress Sites to Attacks
2020-04-01 12:05

A critical vulnerability in the Rank Math SEO plugin for WordPress could allow attackers to lock administrators out of their own websites, WordPress security company Defiant reports. Meant to help site owners get access to search engine optimization tools that would improve their SEO and attract more traffic, the plugin has over 200,000 installations.