An in-depth look at user awareness, vulnerability and resilience INTRODUCTION Do you have a good sense of how well users understand cybersecurity terms and best practices? Do you know the top issues infosec teams are dealing with as a result of phishing attacks? How about the ways organizations are fi ghting phishing attacks and the […]
Welcome to the 5th edition of Synopsys’ Open Source Security and Risk Analysis (OSSRA) report. The 2020 OSSRA includes insights and recommendations to help security, risk, legal, and development teams better understand the open source security and license risk landscape. To help organizations develop secure, high-quality software, the Synopsys Cybersecurity Research Center (CyRC) publishes research
2020 Open Source Security and Risk Analysis Report Read More »
As cybercrime continues to surge, security leaders must understand that there is no such thing as a perfect, fool-proof, impenetrable secure environment. Many organizations fall into the trap of trying to use technology as the only means of defending their networks and forgetting that the power of human awareness and intervention is paramount in arriving
Kr00k – CVE-2019-15126 is a vulnerability that affected billions of devices, potentially causing the leak of sensitive data and opening a new attack vector for blackhats. Following the discovery of the vulnerability, ESET responsibly disclosed it to the affected chip manufacturers Broadcom and Cypress (and, initially, to Amazon). We also contacted ICASI to ensure that
Nearly a year has passed since Australia’s mandatory data breach notification regime came into force. Over the last quarter, the highest reported source of breaches involved human factors such as clicking on an attachment to a phishing email. This trend is in line with the global statistics revealed by the latest annual 2019 IBM X-Force Threat Intelligence Index report, which suggests that one third of attacks analysed by X Force IRIS globally involved compromises via phishing emails.
This report represents our view of the threat landscape, based on all our holdings and driven by analysis from our intelligence unit.
NETSCOUT Threat Intelligence Report: Powered by ATLAS Read More »
The guide’s example solutions demonstrate the effectiveness of the Internet Engineering Task Force’s Manufacturer Usage Description Specification in strengthening security for IoT devices on home and small-business networks.
New research from WatchGuard Technologies shows that amid significant increases in both malware and network attacks, multiple Apache Struts vulnerabilities – including one used in the devastating Equifax data breach – appeared for the first time on WatchGuard’s list of most popular network attacks in Q3 2019.
The report highlights that Australian universities could be vulnerable to cyber attacks. The findings show education institutions are at risk of unauthorised login attempts to cloud accounts with 70% of attacks successful.
The Vulnerability and Exploitation Course (CVEC) provides students, who possess a basic understanding of penetration testing, a deeper understanding of vulnerability identification and exploitation capabilities. Students will work with real systems in real environments and will leverage real vulnerability analysis and exploitation tools in a live environment.
Cybersecurity Nexus (CSX) – Vulnerability and Exploitation Course (CVEC) Read More »
