Joomla flaws - unpatched websites may already be infected
Which vulnerability do you fix first, the one that's quickest to fix or the one that can cause the most damage? Targeting the most prevalent vulnerabilities may not always be the best option.
Critical bug in patch means OpenSSL security fix needs fixing.
As yet another well-known consumer brand falls victim to 'old version syndrome' and serves up malware to its customers, we ask why lessons aren't being learned.
Apple patches critical vulnerabilities in iOS and OS X that could allow remote code execution.
CVE-2012-0158 allocated in 2011, patched in 2012, still being actively exploited in 2016: the question is why?
Old malware is the zombie apocalypse of the cyber-security world. So why is that and why can't we fix it?
The latest In Case You Missed It (ICYMI) looks at Malware targeting malware; Was airport attacked?; Ransomware, malvertising & phishing; Quicktime unfixed; Short urls a risk
Endpoint security continues to be one of the weakest areas for organisations around the world and a key factor behind a large amount of data breaches.
Node.js admits to two critical security flaws but delays patching
When a high percentage of users have unpatched systems and unpatched programs, as found in a recent Secunia report, can you protect them from themselves?
Nearly 88 percent of Android devices have been exposed to at least one critical vulnerability, according to research from the University of Cambridge.
ICYMI: Big data leaking; Salesforce vulnerability; suppressed car hack; sound authentication and critical IE fix
August 21, 2015
In this week's In Case You Missed It (ICYMI): Big data leaking; Salesforce vulnerability patched; suppressed car hack; ambient sound authentication and critical IE fix.
Patching can be a significant pain for organisations. Similar to eating our vegetables, it's something we know we should do but is still hard to swallow for various reasons, says Rob Juncker.
The Apple CORED/XARA vulnerability remains unpatched but appears unexploited in the wild.
For all the talk of cyber-warfare and black-hat hackers, most information security experts still get the basics wrong, said speakers at today's 44CON conference in London.
Ford's announcement of software updates to its cars via WiFi highlights security concerns about Smart Car software.
The response of Microsoft and cloud companies to the Freak vulnerability has been far too slow, say commentators.
CISOs are increasingly taking on greater management responsibilities - but are they as a result being divorced from their firm's true security maturity and the tools needed to avoid being breached?
Google today ended support for patching the WebView tool that is used on Android 4.3 Jelly Bean and earlier versions of the operating system.
Microsoft says outdated software can be almost as insecure as having no protection at all.
The future of computing infrastructure, mobile applications, and personal data protection has been altered by Heartbleed says Joram Borenstein.
Some eight months after discovery and paying a bug bounty of US$100,000, Microsoft Windows remains vulnerable to the weakness found by James Forshaw.
Microsoft's upcoming Patch Tuesday will address remote code execution vulnerabilities, elevation of privileges, a security feature bypass and a denial-of-service issue across various platforms.
The cycle of updating software at the end of life has, itself, reached its end of life, with managed services the way ahead, says Kevin Linsell.
Half of all servers affected by the global Heartbleed flaw remain unpatched - and it could be months before vulnerable systems are fixed, if ever.