Patches

‘Distributed guessing’ attack lets hackers verify Visa card details

Armed with a card number, researchers tricked websites into helping them guess the expiry date and CVV.

GrayKey: What you need to know about this iPhone hacker and how to protect yourself

Updated information about a turnkey, automated cracking system marketed to law enforcement makes it clear users should pick longer passcodes.

The clearer the CSO role, the easier to get budget approved: Mushtaq Ahmed, CSS Corp

For an organization to be secure from any cyber threats, investments should be made in technology, people, and policy, says Mushtaq Ahmed of CSS Corp.

MS Office vulnerabilities, unexplained outage puts Microsoft in a tough spot

The biggest software company in the world, Microsoft has had a rough month with significant spikes in targeted malware attacks and an out-of-the-blue Office 365 outage that threw enterprises out of gear all over the globe. 

Verizon report: Ransomware top malware threat of 2017, moving into critical systems

DDoS attacks are also on the rise, but spying reports are down. Fewer people are clicking on phishing links.

What hackers do: their motivations and their malware

Whether a hacker uses a computer exploit or malware, their motivations are the same. Understanding why and how hackers hack is key to your defense.

Want to hack a voting machine? Hack the voting machine vendor first

How password reuse and third-party breaches leave voting machine vendors vulnerable to attack.

ManageEngine fixes critical zero-day vulnerabilities that could affect close to 10,000 companies in India

Here’s all you need to know about ManageEngine’s zero-day vulnerabilities, and what the company has done to remediate the problem

5 biggest healthcare security threats for 2018

Healthcare continues to be a popular target for ransomware, cryptomining, data theft, phishing, and insider threats.

Intel issues Meltdown/Spectre fixes for Ivy Bridge, Sandy Bridge as patch effort winds down

Intel has issued patches for the Spectre and Meltdown vulnerabilities to PCs using its Ivy Bridge and Sandy Bridge families of Core microprocessors, leaving just a few niche chips left to patch.

Insecure by design: What you need to know about defending critical infrastructure

Patching is useless most of the time, industrial control systems (ICS) security expert tells Senate committee.

Microsoft will host Intel's Spectre and Meltdown patches on its own site

If you've built a PC using a motherboard from a smaller vendor who doesn't patch regularly, you may not have received a Spectre or Meltdown patch. Microsoft's here to help.