Editor's News

Phoenix Contact, a German electrical engineering and automation company, has disclosed four vulnerabilities in FL SWITCH industrial switches. These devices are used for automation at digital substations and in oil and gas, maritime, and other industries. The vulnerabilities were discovered by Positive Technologies experts Vyacheslav Moskvin, Semyon Sokolov, Evgeny Druzhinin, Ilya Karpov, and Georgy Zaytsev. The most hazardous of the vulnerabilities is CVE-2018-10730 (CVSS base score 9.1), which enables an attacker to run arbitrary commands...

New insight from global cyber security and risk mitigation expert, NCC Group, has revealed that two thirds of MPs consider the compromise of critical national infrastructure to be the biggest cyber security threat facing the UK.   A year on from the cyber attack on parliamentary emails, a YouGov survey commissioned by NCC Group has gauged the opinions of MPs in the House of Commons with regards to their personal cyber security, the cyber risks associated...

Kaspersky Lab researchers tracking the Olympic Destroyer threat that famously struck the opening of the Winter Olympic Games in Pyeongchang with a destructive network worm have discovered that the hacking group behind it is still active. It appears to be targeting Germany, France, Switzerland, the Netherlands, Ukraine and Russia, with a focus on organisations involved in protection against chemical and biological threats.   Olympic Destroyer is an advanced threat that hit organisers, suppliers and partners...

Ever wondered what the role of a Chief Information Security Officer (CISO) encompasses? To put it simply, they are the guardians and protectors of everything information security related to a business. However, the tasks are far from simple as their teams work around the clock to respond to incidences that directly affect the safety of the company and its data. As the issues in cyber have evolved, so too has the role of the CISO,...

The vulnerability allowed exploiting a critical flaw in Intel Management Engine and still can be present in equipment of vendors that use Intel processors Apple released an update for macOS High Sierra 10.13.4, which fixes the firmware vulnerability CVE-2018-4251 found by Positive Technologies experts Maxim Goryachy and Mark Ermolov. For more details, see Apple Support. Maxim Goryachy notes: "The vulnerability allows an attacker with administrator rights to gain unauthorized access to critical parts of firmware,...

New analysis from NCC Group has revealed that only 26% of vulnerabilities discovered over the last nine years by its research team are likely to have been fixed. For the first time, the global cyber security and risk mitigation expert analysed nine years of vulnerabilities discovered by its researchers. Of these, just 289 were classed as “closed”, meaning they were either fixed or dismissed once the risk was accepted by the vendor. Of these resolved...

Since early 2018, some of your WhatsApp contacts may have sent you a very interesting offer for sport shoes: “Adidas is offering 2,500 pairs of shoes to celebrate its 69th anniversary” The message is followed by a link from which to obtain the promised item. Looking closer at the link in the message, there’s no dot above the short vertical line that should be the letter “i”. This is a homoglyph (often referred to as...

Alert Logic, the leading provider of Security-as-a-Service solutions, announced new executives have joined the company’s leadership team to accelerate adoption of the company’s security platform and analyst services that protect organisations at a lower cost with less effort and faster time to value. Sydna Kelley joins as Senior Vice President of Customer Success & Technology Operations, Matt Selheimer as Chief Marketing Officer, Sheila Flaherty as Chief Legal Officer, and Tim Alguire as Chief Financial Officer....

A survey of 1000 UK adults, carried out in May 2018^, showed that the main reason people upgrade their smartphone is due to the embarrassment of having an older handset, rather than the desire to have the latest tech.   Despite mobile technology drastically improving in recent years, the survey, by Satsuma Loans, revealed that 63% of respondents would be embarrassed if their peers saw them using a handset that was more than a couple...

New analysis from NCC Group has revealed that only 26% of vulnerabilities discovered over the last nine years by its research team are likely to have been fixed.   For the first time, the global cyber security and risk mitigation expert analysed nine years of vulnerabilities discovered by its researchers. Of these, just 289 were classed as “closed”, meaning they were either fixed or dismissed once the risk was accepted by the vendor. Of these...