For both white-hat and black-hat operators, the infamous “RockYou” lists have been a staple of the cyber-security landscape for well over a decade. They are lists of passwords, compiled and repeatedly expanded upon with data leaked over the years to form, in its most recent iteration, a list of approximately 10 billion plain-text passwords.

Sometimes, we need to escape the reality of the real world and detach from reality. In this world centered around technology, fewer people are relaxing by candlelight with a good book, and more are choosing to substitute the physical world by bringing in elements from augmented reality. Unfortunately, the privacy issues we face in the real world from companies are still present in augmented reality.

Read Also: Four cybercrime ring members arrested for hacking government websites, teen gets one year in prison for hacking teacher’s laptop, and more.

The business world continues to move to a knowledge-worker-based economy. Companies derive less and less value from widgets and more from the processes, ideas, and innovations they create — their intellectual property (IP). But IP needs to be protected. IP theft is the appropriation of unique ideas, inventions, or theft of trade secrets, usually by malicious insiders.

Many smaller organizations aren’t sure where to start with threat intelligence; it may seem like the kind of maturity reserved for large organizations. Threat intelligence is a proactive cybersecurity strategy focused on collecting information about current threats, analyzing it, and using that information to identify and mitigate threats within the network. It’s approachable even for smaller organizations that don’t have the resources for novel research and analysis.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! A couple of real nasty Open Source issues in the past week. The first and most recent is Ghostscript. Could well be a lot of SaaS products affected.

Over the last five to ten years cybersecurity has become a boardroom subject in the majority of enterprises. This would have never happened without ransomware. Ransomware has been the best board-level awareness tool ever.

The endpoint combines both opportunity and risk for most organizations. While an essential hub for modern business operations and the tools employees use, it also is the primary attack surface for today’s adversaries: Nearly 90% of successful cyberattacks start at the endpoint.1 An endpoint protection platform (EPP) is the essential foundation to a strong cybersecurity strategy.