Blogs - Content posted in November 2019

ABTV

Application

Cloud

Endpoint

Blogs

Content posted in November 2019

View Content by Month

recent | most commented | bloggers

The Top 25 Most Dangerous Software Errors
Larry Loeb 11/29/2019 1 comment
'Improper Restriction of Operations within the Bounds of a Memory Buffer' tops this year's list.

Solr Search Tool Can Allow Remote Code Execution (RCE) by Default
Larry Loeb 11/28/2019 1 comment
A security vulnerability affecting the Linux enterprise search tool Apache Solr has been reclassified by Tenable as 'high severity status.'

False Training Information Can Dupe Machine Learning Models
Larry Loeb 11/27/2019 1 comment
Researchers from Boston University have shown how really small amounts of disinformation can taint the learning process used by many AI programs.

Dangerous 'RIPlace' Exploit Able to Bypass AV & EDR Protections
Larry Loeb 11/26/2019 4 comments
Researchers discover way that ransomware can bypass the protections which operating system vendors have built into their products.

DePriMon: A New & Unique Way to Download Malware
Larry Loeb 11/25/2019 1 comment
ESET calls it 'a powerful, flexible and persistent tool.'

Artisans & Commercials Gang Up on Third Parties
Larry Loeb 11/22/2019 1 comment
Cybersecurity and intelligence firm AdvIntel has reported about a trend it has seen happening in the ransomware arena.

Phoenix Keylogger Rises & Steals Information
Larry Loeb 11/21/2019 1 comment
Keylogger first emerged in July 2019, and is packed with myriad information-stealing features.

MSFT Jumps on DoH
Larry Loeb 11/20/2019 3 comments
Microsoft has announced that an upcoming version of Windows 10 will have support for DNS over HTTPS.

Security & the Internet of Things: What You Need to Know
Steve Durbin 11/19/2019 2 comments
The Internet of Things (IoT) has burst into the connected world and promises much: from enabling the digital organization, to making domestic life richer and easier. However, with those promises come inevitable risks: the rush to adoption has highlighted serious deficiencies in both the security design of IoT devices and their implementation.

Iran Rustles Up Its Own VPN to Hide Itself
Larry Loeb 11/18/2019 1 comment
Trend Micro has found recent traces of APT33 operations, with about a dozen Command and Control servers being used for extremely narrow targeting.

Problems With EU Payment Security Persist
Oliver Schonschek 11/14/2019 2 comments
Proposed new security procedures within the EU have troubled some payment service providers, leading to the postponement of their implementation.

Keeping It Real Can Pay Off for Old-School Attacks
Larry Loeb 11/14/2019 2 comments
Even a previously known attack can fool the security team if it is well crafted.

How PureLocker Ransomware Bypasses AV Checks
Larry Loeb 11/13/2019 1 comment
Intezer and IBM X-Force have found a new ransomware targeted at production servers. And it's sneaky...

TCP DDoS Reflection Attacks on the Rise
Larry Loeb 11/12/2019 1 comment
Radware report picks up on a change in attacker strategy.

'Quantum Dawn' Raid as Financial Industry Simulates Global Ransomware Attack
Larry Loeb 11/8/2019 Post a comment
Financial institutions in Asia, the US and the UK are put through their paces.

Study Finds Customer Data to Be Most at Risk From Insiders
Larry Loeb 11/6/2019 1 comment
Companies say that they are somewhat more worried about inadvertent insider breaches and negligent data breaches than they are about malicious intent by bad actors.

Complex Q3 DDoS Can Have 11 Attack Vectors
Larry Loeb 11/5/2019 1 comment
Link 11 has issued a summary of what they have found out about characteristics of DDoS attacks that occurred in Q3 2019.

Building Your Secure Cloud-Ready Branch
Nirav Shah 11/5/2019 1 comment
Many organizations are developing a cloud-ready branch strategy that relies on SD-WAN to enable direct Internet access for fast cloud access and improved cloud application performance.

75% of Enterprises Will Adopt a Zero Trust Solution Within a Year – Zscaler
Larry Loeb 11/5/2019 1 comment
Zero Trust Network Access (ZTNA) services are built to ensure that only authorized users can access specific applications on a network based on business policies.

View Content by Month

Latest Articles

Cisco: Privacy Efforts Pay Off Directly

6 comments

Cisco's research has proven that beyond meeting compliance requirements, good privacy is good for business and individuals.

All Your Intel L1 Cache Belongs to CacheOut

14 comments

Once again, a novel 'speculative execution side-channel' attack has been discovered by researchers.

RDG Gets Fooled by UDP

7 comments

Security researchers have found that the implementation in Remote Desktop Gateway of string segmentation lays it open to memory corruption vulnerabilities.

Ransomware Costs More in Q4

4 comments

In Q4 of 2019, the average ransom payment increased by 104% to $84,116, finds Coveware report.

GE Medical Instrumentation on the Critical List

6 comments

DHS-CISA has issued a security advisory about GE Carescape medical instrumentation that enumerates many vulnerabilities present in them.

More Blogs

Information Resources

•

Special Report: SD-Wan Security

•

Zero Trust: Organizations can begin to trust users, devices and transactions starting with a high level of IAM services and support

•

How to Unite Your Active Directories: Mergers, Acquisitions and Divestitures

•

Deliver a True Omni-Channel Experience

•

The Smart Way to Simplify PCI Compliance

•

Versa SD-WAN – Simple, Secure and Reliable Branch to Multi-Cloud Connectivity

•

Fortifying Your Branch Security

•

The Essential Guide to Understanding Risk and Quantification

•

7 Experts on Threat and Vulnerability Management

•

A CISO’S Guide to Hybrid Cloud Security

All resources

upcoming Webinars

ARCHIVED

Top Tips for Blocking pwned [email protected]$$wOrds in Your Organization

Tuesday, October 29, 2019
12 p.m. New York/ 4:00 p.m. London

More Webinars Webinar Archives

Podcasts

Podcast: Infrastructure Hunting – Stopping Bad Actors in Their Tracks
Being able to effectively build a threat intelligence ecosystem or threat-hunting identification response requires both user and systems sophistication and capabilities. Security, orchestration, automation and response (SOAR) is a new technology designed to provide organizations a single comprehensive platform they can use to implement an intelligence driven security strategy.

Podcast: Digital Transformation, SD-WAN & Optimal Security
Dan Reis chats to Cybera's Josh Flynn about how to achieve digital transformation without sacrificing security.

Podcast archive

Analysts Corner

Ovum Resources

•

Ovum 2018 Trends to Watch: IT & Cybersecurity

•

Ovum IoT Security: Technology Strategies & Vendor Profiles

•

Ovum 2018 Trends to Watch: Managed Security Services

•

Ovum's Mini-Guide to GDPR

Analysts Corner archive

Flash Poll

All polls

Video

In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...

CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...

You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...

Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...

Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...

All Videos