Security Bulletin

While technology innovations promise to deliver significant results for business managers, the reality of implementation and adoption is often very different. This blog from IDC shares how life-cycle services can help.

Organizational leaders increasingly recognize that privacy is more than a compliance exercise – it is a business imperative that is tied to customer trust.

By combining the strengths of the fraud and security teams, companies can get the visibility – and context – they need to keep their users, customers, and business partners safe.

Cisco released a security advisory to address a vulnerability (CVE-2024-20253) affecting multiple Unified Communications Products. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and...

CISA released two Industrial Control Systems (ICS) advisories on January 25, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-025-01 Opteev MachineSense FeverWarn...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: MachineSense LLC. Equipment: MachineSense FeverWarn Vulnerabilities: Missing Authentication for Critical Function, Use of Hard-coded Credentials...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: SystemK Equipment: NVR 504/508/516 Vulnerability: Command Injection 2. RISK EVALUATION Successful exploitation of...

These days, many pieces of malware are flagged as “infostealers” because, once running on the victim&#x27s computer, they search for interesting data and exfiltrate them. Classic collected data are:

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Security should not be treated as one-size-fits all, and that is doubly true when it comes to security awareness education. Training should be customized by age, learning styles, and preferred media if it is to be effective.

Ransomware attack hits Veolia North America Major global water and wastewater system operator Veolia had some of its internal back-end systems at its North America Municipal Water division impacted by a ransomware attack last week, resulting in the...