vulnerability
Shallow Defense In Depth
Are More Security Controls Really Making You More Secure? The average enterprise uses 75 security products just to secure their network. Organizations mistakenly believe that layered security controls help them achieve a defense-in-depth strategy that will keep their systems safe. They think that when an attack breaches one control, another one will certainly fend off […]
Windows 10’s Controlled Folder Access Won’t Protect Your Data
What is Controlled Folder Access? With the release of Windows 10 Fall Creators Update, Microsoft added a new feature called Controlled Folder Access (CFA) to Windows Defender Exploit Guard. This features allows users to control which processes can access certain folders to help protect data from malicious programs, such as ransomware or wipers. CFA is […]
Case study: CloudPassage enables security for the Centrify DevOps team with vulnerability assessment and reporting, along with compliance reporting
This post was originally published here by casey pechan. We love our customers, especially when they make for the perfect case study! This was particularly true for Centrify, an Identity-as-a Service (IDaaS), enterprise mobility management and privileged access management solution that serves over 5,000 organizations worldwide. Being a security organization themselves, Centrify needed continuous visibility into […]
DHS hacks into Trumps Airplane triggering a Cyber Threat alert!
All these days we witnessed hackers cyber attacking IT assets of small and big companies. But can anyone imagine cyber crooks hacking an airliner and taking the cockpit controls into their hands? And what if the jet airliner belongs to the 45th American President Donald Trump? Yes, you’ve read it right! The Department of Homeland […]
Twilio app vulnerability exposes data from over 180 million Smart Phone Users
All those who are using Twilio app are hereby alerted about a security error which has could have exposed data of more than 180 million smartphone users. Daily Mail reports that all calls and text messages of those using the Twilio app are now being intercepted by hackers who could post them on the dark […]
FDA to recall 745,000 pacemakers vulnerable to Cyber Attack
The Food and Drug Administration (FDA) of United States has issued an alert this week for a voluntary recall of approximately 745,000 pacemakers made by St Jude Medical, now owned by US Manufacturer Abbott. And as per the data available with the FDA, more than 465,000 of the pacemakers are implanted in US patients and […]
Foscam USA issues a cyber security alert to all its users
Chinese company Foscam has warned all its remote controlled CCTV camera users about a flaw which when exploited by hackers can pave the way to cyber espionage. In an email notice sent by Foscam USA, a subsidiary of Foscam Intelligent Technology Co. LTD, the company specified that 12 models of its cameras contain security flaws […]
Japan to certify IoT devices based on their Cyber Attack Vulnerabilities
All these years, we witnessed electronic manufacturers offering appliances marked with energy consumption ratings. But Japan which is considered as an electronics hub to the whole world will soon be coming up with a new trend to certify ‘Internet of Things’ with a security certification. Japan’s Internal Affairs and Communications Ministry plans to introduce a […]
Serious Heartbleed vulnerability exposes Indian Power Plants to hackers!
Power Plants across India have been put on high alert against a Heartbleed bug having the capability to disrupt the functioning of the critical infrastructure of the energy departments in a big way. The National Security Council of India after receiving a tip-off from Intelligence agencies has issued a warning to the energy departments (both […]
protection at work: NTPD vulnerability CVE-2016-7434
Last week the team that supports the Network Time Protocol (NTP) software released an advisorydescribing a number of vulnerabilities in NTP and announced patches that address them. One of the announced vulnerabilities could be used to crash the NTP daemon, causing a denial of service attack against the NTP service. If you are already using CloudPassage Halo to monitor your […]