ISO 27001, sometimes referred to as ISO/IEC 27001 is an international standard that addresses organizational information security. Issued in 2005 and with a second revision in 2013, the ISO 27001 standard describes the Information Security Management Systems requirements for global…
Category: EN
More ways for users to identify independently security tested apps on Google Play
Posted by Nataliya Stanetsky, Android Security and Privacy Team Keeping Google Play safe for users and developers remains a top priority for Google. As users increasingly prioritize their digital privacy and security, we continue to invest in our Data Safety…
Qualified certificates with qualified risks
Posted by Chrome Security team Improving the interoperability of web services is an important and worthy goal. We believe that it should be easier for people to maintain and control their digital identities. And we appreciate that policymakers working on…
Defense in depth: Layering your security coverage
The more valuable a possession, the more steps you take to protect it. A home, for example, is protected by the lock systems on doors and windows, but the valuable or sensitive items that a criminal might steal are stored…
Kinsing threat actors probed the Looney Tunables flaws in recent attacks
Kinsing threat actors are exploiting the recently disclosed Linux privilege escalation flaw Looney Tunables to target cloud environments. Researchers are cloud security firm Aqua have observed threat actors exploiting the recently disclosed Linux privilege escalation flaw Looney Tunables in attacks against…
New Secaucus Point of Presence Increases Resilience for Financial Services
We are thrilled to announce the opening of a new cutting-edge Point of Presence (PoP) in Secaucus, New Jersey, which adds resilience to our network infrastructure located in the Northeastern United States region. This PoP represents the first build using…
Imperva customers are protected against CVE-2023-22518 in Confluence Data Center and Server
Atlassian released patches for the recently released vulnerability CVE-2023-22518 in their Confluence Data Center and Confluence Server products. This is a critical vulnerability, allowing attackers to bypass the authentication mechanism to potentially gain unauthorized access to sensitive information and systems.…
Apache ActiveMQ Vulnerability Exploited as Zero-Day
The recently patched Apache ActiveMQ vulnerability tracked as CVE-2023-46604 has been exploited as a zero-day since at least October 10. The post Apache ActiveMQ Vulnerability Exploited as Zero-Day appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS…
North Korean Hackers Use New ‘KandyKorn’ macOS Malware in Attacks
Security researchers uncover new macOS and Windows malware associated with the North Korea-linked Lazarus Group. The post North Korean Hackers Use New ‘KandyKorn’ macOS Malware in Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS Feed…
In Other News: Airport Taxi Hacking, Post-Quantum Crypto Guidance, Stanford Breach
Noteworthy stories that might have slipped under the radar: US airport taxi hacking by Russians, Stanford ransomware attack, and post-quantum crypto guidance. The post In Other News: Airport Taxi Hacking, Post-Quantum Crypto Guidance, Stanford Breach appeared first on SecurityWeek. This…