Popular WordPress plugin maker WPML said their website was hacked over the weekend and led to the loss of customer data. The culprit was an ex-employee who exploited a backdoor planted on an unsecured web server.
The National Institute of Standards and Technology (NIST) has released its Security Publication (SP) 800-37 Rev. 2: "Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy."
Does your organization have any Redis servers exposed to the internet? If so, you should disconnect them from the public and ensure Redis services are exposed to only "trusted" environments such as your internal company network.
A leaky Mongo database exposed nearly 25,000 personal records from a Bezop cryptocurrency server. Bezop is one of over 1,000 cryptocurrencies. The unprotected personal data included full names, scanned passports, driver’s licenses,…
Oracle has released its Critical Patch Update (CPU) for April 2018 that addresses 254 vulnerabilities across multiple products.
Red Hat released security guidance that addresses recent Distributed Denial of Service (DDoS) amplification attacks being performed by attackers who are exploiting vulnerable memcached systems exposed to the internet.
You may have wondered what application containers are, let alone how to secure them. The National Institute of Standards and Technology (NIST) sets out to explain the benefits and security concerns with application container technologies in the latest Special Publication (SP 800-190) Application Container Security Guide.
Multiple Linux distributions are at risk to a vulnerability in systemd service that could lead to a denial-of-service (DoS) attack on unpatched systems.
In case you missed it, the National Institute of Standards and Technologies (NIST) published a new guideline "An Introduction to Information Security" for individuals looking to get a better understanding of introductory information security best practices.
US-CERT released good security guidance, Reducing the Risk of SNMP Abuse, in a recent alert.