Risk decisions are the foundation of information security. Sadly, they are also one of the most often misunderstood parts of information security. This is bad enough on its own but can sink any effort at education as an organization moves towards a DevOps philosophy. To properly evaluate the risk of an event, two components are…
Read More[Lightly edited transcript of the video above] Hi there, Mark Nunnikhoven from Trend Micro Research, I want to talk to you about the concept of lateral movement. And the reason why I want to tackle this today is because I’ve had some conversations in the last few days that have really kind of hit that…
Read More
Security vulnerabilities are popping up all the time, and can put any business that uses technological assets at risk. In a nutshell, vulnerabilities represent the ideal opportunity for malicious actors to break into systems and wreak all types of havoc. From data theft to information compromise and beyond, vulnerabilities are a particularly pertinent issue for…
Read More
This week a new vulnerability was published (CVE-2019-5736) that highlights everything bad and good about containers. Simply put, this vulnerability can be exploited using an infected container to attack the host. It’s a real world example of a breakout attack that has long been a major concern in virtualized and container environment. Here, the attack…
Read More
Cyberattacks happen constantly. Every day organizations are attackers online whether they realize it or not. Most of these attacks are passing affairs. The mere fact that systems are on to the internet makes them a target of opportunity. For the most part, these attacks are non-events. Security software, bugs in attack code, and updated applications…
Read More
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the span of categories for Trend Micro’s 2019 Security Predictions. Also, learn about a new exploit kit that targets home or small office routers which attacks…
Read More
One of the best ways for organizations to shore up their data security efforts and work toward more proactive protection is by examining trends within the threat environment. Taking a look at the strategies for attack, infiltration and infection currently being utilized by hackers can point toward the types of security issues that will continue…
Read More
In May of 1998, President Clinton issued Presidential Decision Directive 63: Protecting America’s Critical Infrastructures. This Directive proposed steps to enact the recommendations of the President’s Commission on Critical Infrastructure Protection, published in October 1997. Twenty years on, how are things going? The US Federal government has identified critical infrastructure sectors and associated each with…
Read More
Drupal is the latest platform to issue an emergency patch for a critical vulnerability. The issue (CVE-2018-7600) allows an attacker to execute code remotely with little effort. That’s bad. The Drupal team has been quick to respond and has already issued a patch and a mitigation for users unable to immediately patch. In addition to…
Read More
Adobe Flash Player is a free software plug-in used by web browsers to view multimedia, execute rich Internet applications, and stream video on your Mac. Adobe Flash Player is the most popular multimedia player plug-in available. However, recently there have been security concerns which has threatened its popularity as users seek safer alternative solutions. Opera,…
Read More
