Security News

Researcher Finds Vulnerabilities in Products of 10 Cybersecurity Vendors
2020-10-07 11:55

A researcher at privileged access management solutions provider CyberArk has discovered vulnerabilities in the products of 10 cybersecurity vendors. The research focused on vulnerabilities that can allow an attacker or a piece of malware to escalate privileges using symlink attacks or DLL hijacking.

ICS Vendors Release Advisories for CodeMeter Vulnerabilities
2020-09-11 16:25

Several major industrial control system vendors have released security advisories in response to the recently disclosed vulnerabilities affecting the CodeMeter licensing and DRM solution made by Germany-based Wibu-Systems. The company's researchers showed how an attacker can launch attacks by setting up a malicious website and luring targeted users to it, or by creating their own CodeMeter API and client and sending commands to devices running CodeMeter.

The Integration Imperative for Security Vendors
2020-08-06 15:59

Most organizations have a complex security infrastructure that consists of multiple products from multiple vendors to create layers of defense, including firewalls, IPS/IDS, routers, web and email security, and endpoint detection and response solutions. In the past couple of years, we've seen a movement towards Security Orchestration, Automation and Response platforms and tools.

Deep Packet Inspection challenges for telecom and security vendors
2020-07-23 03:00

The goal of the survey is to better understand how DPI, a technology that identifies and details network traffic, is used by telecommunications and cybersecurity solution vendors today, and what they need from DPI in the future. They show that telecom and security vendors and their customers are facing rapid changes as the cloud transformation, 5G networking, work from home practices, and the IoT have a profound effect on network users, devices, and services.

Phishing: Email fraudsters are impersonating colleagues, customers, and vendors, report says
2020-07-17 16:30

The latest form of business email phishing attacks involve impersonating familiar senders, a GreatHorn report found. GreatHorn also acknowledged this uptick the report noted that this view isn't fully adequate in understanding how phishing email attacks are evolving, and how security teams are responding to those threats.

Finding the Right Threat Intelligence Vendors
2020-07-13 11:02

In May 2019, Flashpoint CEO Josh Lefkowitz shared in SecurityWeek tips for evaluating threat intelligence vendors that cover the deep and dark web. I wanted to look at the entire threat intelligence space and provide some thoughts on how to evaluate the best vendors for you.

What do CISOs want from cybersecurity vendors right now?
2020-04-09 05:00

As COVID-19 spreads across the globe, what challenges are CISOs and other cybersecurity executives dealing with and what things they don't want to be dealing with at the moment? Finally, as the economy takes a hit due to COVID-19 and the widespread "Shelter in place" directives, cybersecurity executives can expect some of the previously allocated cybersecurity budget to be cut and the funds redirected towards measures that will keep the organization afloat.

Senator Urges Vendors to Secure Networking Devices Amid COVID-19 Outbreak
2020-03-27 15:58

U.S. Sen. Mark R. Warner this week sent letters to six Internet networking device vendors urging them to ensure that their products remain secure during the COVID-19 social distancing efforts. The coronavirus pandemic has forced many to isolate themselves at home to help stop the virus spread, which resulted in a significant increase in the use of Internet networking devices for remote work, health, and education purposes.

54% of healthcare vendors have experienced a data breach of protected health information
2020-03-06 05:00

More than half of all healthcare vendors have experienced a data breach that exposed protected health information, and it's a costly problem that points to broken third-party risk assessment processes, according to data released by the Ponemon Institute and Censinet. The report shows that 54 percent of healthcare vendors have experienced at least one data breach of protected health information belonging to patients of the healthcare providers they serve.

Most AV vendors will continue to support their products under Windows 7
2020-01-29 10:45

They can still upgrade from Windows 7 to Windows 10 for free, but those who continue to use Windows 7 now that support has ended are simply more vulnerable to security risks. In addition to that, the good news is that some browser and many AV manufacturers will continue to offer Windows 7 support.