October 2019

cybersecurity

The security landscape is never static. Smarter cybercriminals, evolving malware, more regulations and higher financial and national security stakes force organizations and their security teams to constantly adjust priorities. The IDG 2019 Security Priorities Study, released at the end of July 2019, helps to define how those priorities are changing for the next 12 months. The study is based on a survey of 528 security professionals...

Read More

A team of German cybersecurity researchers has discovered a new cache poisoning attack against web caching systems that could be used by an attacker to force a targeted website into delivering error pages to most of its visitors instead of legitimate content or resources. The issue affects reverse proxy cache systems like Varnish and some widely-used Content Distribution Networks (CDNs) services, including Amazon CloudFront, Cloudflare, Fastly,...

Read More

In rush to fix newly discovered security issues, developers are neglecting to address older ones, Veracode study finds. The latest edition of Veracode's annual "State of Software Security" study released this week shows that many enterprise organizations are at increased breach risk because of aging, unaddressed application security flaws. Veracode recently analyzed data from application security tests on more than 85,000 applications and found that, on average,...

Read More

Cisco this week said it issued a software update to address a vulnerability in its Cisco REST API virtual service container for Cisco IOS XE software that scored a critical 10 out of 10 on the Common Vulnerability Scoring System (CVSS) system. With the vulnerability an attacker could submit malicious HTTP requests to the targeted device and if successful, obtain the token-id of an authenticated user....

Read More