Cybersec News

Qualitians Cyber Security Practice

Many Medical Device Makers Skimp on Security Practices

Barely over a quarter of medical device companies surveyed maintain a software bill-of-materials, and less than half set security requirements at the design stage...
Qualitians Alert Monitoring

Sophos Buys Alert-Monitoring Automation Vendor

Acquisition of cloud-based alert security company will help Sophos automate tasks bogging down security teams, the company says...
Qualitians Ransomware

FBI Warns Ransomware Attacks on Agriculture Co-ops Could Upend Food Supply Chain

Ransomware groups are looking to strike large agriculture cooperatives during strategic seasons, when they are most vulnerable, according to law enforcement...
Pipedream Malware

Early Discovery of Pipedream Malware a Success Story for Industrial Security

Cybersecurity professionals discovered, analyzed, and created defenses against the ICS malware framework before it was deployed, but expect the stakes to keep rising...

Apple’s Zero-Day Woes Continue

Two new bugs in macOS and iOS disclosed this week add to the growing list of zero-days the company has rushed to patch over the past year...
Qualitians Data Breach

NSA Employee Indicted for Sending Classified Data Outside the Agency

Even the NSA has a malicious insider problem. The employee used his personal emails to send classified data to unauthorized outsiders on 13 different occasions...
Qualitians PCI Compliance

What You Need to Know About PCI DSS 4.0’s New Requirements

The updated security payment standard's goal is to “address emerging threats and technologies and enable innovative methods to combat new threats” to customer payment information, the PCI Security Standards Council says...
Qualitians Cyber Security Matters

More Than Ever, Security Matters

Public policy proposals must consider technical, practical, and real-world security effects, and make sure we avoid unintended consequences...
Qualitians Cyber Security Matters

Vulnerabilities in Rockwell Automation PLCs Could Enable Stuxnet-Like Attacks

CISA urges organizations using affected technologies to implement recommended mitigation measures...
Qualitians GitLab

GitLab addresses critical account hijack bug

Monthly release also addresses pair of stored XSS flaws...
Qualitians PHP

PHP bug allows attackers to bypass domain filters, stage DoS attacks against servers

Filter bypass flaw is triggered only on very large user input, which puts restrictions on its exploitability...
Qualitians Hacking Tools

Latest web hacking tools – Q2 2022

We take a look at the latest additions to security researchers’ armory...
Qualitians Spring Cloud

Spring4Shell: Spring users face new, zero-day vulnerability

Both security bugs are now reportedly being exploited in the wild...
Qualitians WAF

Half of Orgs Use Web Application Firewalls to Paper Over Flaws

WAFs remain a popular backfill for complex and fraught patch management...
Qualitians Code-Sabotage

Code-Sabotage Incident in Protest of Ukraine War Exposed Open Source Risks

The maintainer of a widely used npm module served up an unwelcome surprise for developers...
Qualitians Exploitation Intelligence

CyCognito Launches Exploit Intelligence

Risk intelligence solution provides insight, visibility, and guidance to identify, prioritize, and remediate vulnerabilities like Log4j...
Qualitians Default Featured Image

A Chance to Raise Shields Right

CISA's "Shields Up" alert provides urgency — and opportunity — for supply chain conversations...
Qualitians Cyber Security Controls

Menlo Security: Less Than Three in 10 Organizations Are Equipped to Combat Growing Wave of Web-Based Cyber Threats

Report finds that 62 percent of IT decision makers have suffered a browser-based attack in the past 12 months...