Vulnerability - MySecurity Marketplace

2020 Open Source Security and Risk Analysis Report

Welcome to the 5th edition of Synopsys’ Open Source Security and Risk Analysis (OSSRA) report. The 2020 OSSRA includes insights and recommendations to help security, risk, legal, and development teams better understand the open source security and license risk landscape. To help organizations develop secure, high-quality software, the Synopsys Cybersecurity Research Center (CyRC) publishes research […]

2020 Open Source Security and Risk Analysis Report Read More »

2020 Phishing By Industry Benchmarking Report

By execassist

As cybercrime continues to surge, security leaders must understand that there is no such thing as a perfect, fool-proof, impenetrable secure environment. Many organizations fall into the trap of trying to use technology as the only means of defending their networks and forgetting that the power of human awareness and intervention is paramount in arriving

2020 Phishing By Industry Benchmarking Report Read More »

Kr00k – CVE-2019-15126

By execassist

Kr00k – CVE-2019-15126 is a vulnerability that affected billions of devices, potentially causing the leak of sensitive data and opening a new attack vector for blackhats. Following the discovery of the vulnerability, ESET responsibly disclosed it to the affected chip manufacturers Broadcom and Cypress (and, initially, to Amazon). We also contacted ICASI to ensure that

Kr00k – CVE-2019-15126 Read More »

2019 IBM X-Force Threat Intelligence Index

By haridas_mondal

Nearly a year has passed since Australia’s mandatory data breach notification regime came into force. Over the last quarter, the highest reported source of breaches involved human factors such as clicking on an attachment to a phishing email. This trend is in line with the global statistics revealed by the latest annual 2019 IBM X-Force Threat Intelligence Index report, which suggests that one third of attacks analysed by X Force IRIS globally involved compromises via phishing emails.

2019 IBM X-Force Threat Intelligence Index Read More »

NETSCOUT Threat Intelligence Report: Powered by ATLAS

By haridas_mondal

This report represents our view of the threat landscape, based on all our holdings and driven by analysis from our intelligence unit.

NETSCOUT Threat Intelligence Report: Powered by ATLAS Read More »

Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD)

By haridas_mondal

The guide’s example solutions demonstrate the effectiveness of the Internet Engineering Task Force’s Manufacturer Usage Description Specification in strengthening security for IoT devices on home and small-business networks.

Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD) Read More »

Internet Security Report for Q3 2019

By haridas_mondal

New research from WatchGuard Technologies shows that amid significant increases in both malware and network attacks, multiple Apache Struts vulnerabilities – including one used in the devastating Equifax data breach – appeared for the first time on WatchGuard’s list of most popular network attacks in Q3 2019.

Internet Security Report for Q3 2019 Read More »

Protecting People 2019

By haridas_mondal

The report highlights that Australian universities could be vulnerable to cyber attacks. The findings show education institutions are at risk of unauthorised login attempts to cloud accounts with 70% of attacks successful.

Protecting People 2019 Read More »

Cybersecurity Nexus (CSX) – Vulnerability and Exploitation Course (CVEC)

By haridas_mondal

The Vulnerability and Exploitation Course (CVEC) provides students, who possess a basic understanding of penetration testing, a deeper understanding of vulnerability identification and exploitation capabilities. Students will work with real systems in real environments and will leverage real vulnerability analysis and exploitation tools in a live environment.

Cybersecurity Nexus (CSX) – Vulnerability and Exploitation Course (CVEC) Read More »

2018 State of Bug Bounty Report

By execassist

The biggest difference between an unknown vulnerability and a known vulnerability, is the ability to take action on it.

Over the past year, there has been an increase of 21% in total vulnerabilities reported, and an increase of 36% in total bug bounty payouts.

Security leaders are beginning to realize that better awareness and information about disclosed vulnerabilities is critical to their operational success.

2018 State of Bug Bounty Report Read More »