A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Yet more, and for a change and not just a problem with Ring.
Have you ever looked for a file but didn’t remember which application it was stored in? Did you perhaps wish the application had the same search capabilities as Google? As internet search continues to evolve and provide a better user experience, business leaders are mired with complaints because their knowledge workers search “store-by-store” and can’t find what they are looking for inside their organization’s file share or cloud-content repositories.
A growing number of businesses are allowing their employees to work remotely for at least part of their work week. Right now, it’s estimated that 42% of workers in the U.S. are working from home. Even though working from home is becoming more common, many companies have still not taken the necessary steps to complete their digital workforce transformation. The key to successfully shifting to remote work is keeping tabs on your team with the help of employee monitoring software.
In the midst of the COVID-19 pandemic, even companies that had said no to BYOD have come to terms with it, as a fair share of remote work would not even be possible without such a policy. Pandemic or no pandemic, on-the-go data access has always enabled employees to get work done quickly and efficiently. It guarantees better communication with colleagues, improves customer service, and device familiarity brings employee satisfaction and increased productivity.
It is that time of year again where we start planning resolutions for the coming year. A good start is putting cybersecurity on the top of the list whether you are a business or individual. According to a University of Maryland study, Hackers attack every 39 seconds, on average 2,244 times a day. It may be even higher now that more of us are working remotely because of Covid19 and the attack surface has greatly expanded in numbers and vulnerability.
Our article provides an overview of the most common forms of computer viruses along with some punches of computer fun facts, history & interesting facts about computer viruses and other types of malware. A few weeks ago, we also published cyber security glossary, simplifying geeky terms for general readers.
On October 29th, Detectify released a security test to detect a critical Oracle WebLogic Server RCE – CVE-2020-14882. Again in November, Oracle released an out-of-band security patch to fix a related RCE for Oracle Fusion Middleware. These vulnerabilities are currently being exploited by multiple botnets in the wild. Detectify scans your application for both of these vulnerabilities and will alert you if you are running a vulnerable version of Oracle WebLogic Server.
Organizations are modernizing IT infrastructure, restructuring teams, and accelerating application delivery with containers and Kubernetes. As with any technology, organizations are at various places within their journey. However, according to Gartner, more than 75% of global organizations will be running containerized apps in production by 2022. Chances are your team is using containers for some applications.
Today, cybersecurity, risk, and data protection are issues that are on upper management’s radar. Seeking to minimize the potential for business disruption, board members are getting more involved with the organization’s security program. Recent surveys indicate that 65% of companies are recruiting board members who are knowledgeable about security issues.
Modern languages like Python, NodeJS, and Go make it easy to handle concurrent requests for multiple customers at the same time by using threads or goroutines. Such services seem very cost effective because one process can handle hundreds or thousands of tenants. However, this efficiency comes at a hidden, steep price. When language runtime scheduling breaks down, one tenant can cause an outage for everyone.
