HP Patches High-Risk Vulnerability in Business Printers

HP released security firmware updates this week for dozens of printers, including enterprise models, to fix a high-risk vulnerability that could allow attackers to compromise the devices. The vulnerability, tracked as CVE-2017-2750, stems from a failure to properly validate DLL signatures and can be exploited to execute arbitrary code on the operating system of 54..
Read more

Capital One Debuts Beta of Critical Stack Container Orchestration Platform

Critical Stack, a division of Capital One, rolled out a beta program for its containerization management software and at least 41 Fortune 500 enterprises have signed up to take part. An application container orchestration platform, Critical Stack is designed to help enterprises manage secure containerized infrastructure at scale in the cloud. Capital One became the first..
Read more

Securing the Entire Container Stack, Lifecycle and Pipeline – Part 1

With the rise in popularity of containers, development and DevOps paradigms are experiencing a massive shift while security admins are left struggling to figure out how to secure this new class of assets and the environments they reside in. While containers do increase the complexity of the ecosystem that security admins are responsible for securing, … Read More The post Securing the Entire Container Stack, Lifecycle and Pipeline – Part 1 appeared first on The State of Security.
Read more

Insecure Storage Buckets Expose 1.8 Billion Online Posts Scraped for U.S. Military

A Pentagon contractor left three storage buckets publicly accessible on Amazon’s S3 service, exposing more than 1.8 billion online posts collected since 2009. The messages, posted by people from around the world, were likely collected as part of an intelligence-gathering operation for the U.S. military. The breach was discovered by researchers from UpGuard, a company..
Read more

Update Your WordPress Website Now, Researcher Warns

WordPress version 4.8.3, released Oct. 31, fixes a serious security issue that could result in SQL injection attacks. Details about the vulnerability are now public, so attacks could soon follow. “If you haven’t updated yet, stop right now and update,” Anthony Ferrara, VP of engineering at Lingo Live and the researcher who identified the flaw..
Read more
Page 1 of 1212345...10...Last »