The 2022 Common Weakness Enumeration (CWE™) Top 25 Most Dangerous Software Weaknesses list demonstrates the currently most common and impactful software weaknesses. Often easy to find and exploit, these can lead to exploitable vulnerabilities that allow adversaries to completely take over a system, steal data, or prevent applications from working.
The Australian government advises citizens in the country to set up a secure passphrase for each email account. “Passwords are passé. It’s time to use passphrases,” said the Australian Cyber Security Center (ACSC). A passphrase is a password that consists of several words. This makes it easier for users to remember, but more difficult for […]
A website using Google Analytics (GA) without the safeguards set out in the EU GDPR violates data protection law because it transfers users’ data to the USA, which is a country without an adequate level of data protection. The set of data collected in this connection included the user device IP address along with information […]
75% of the most popular websites on the web allow weak passwords such as 12345678, abc123456, and P@$$w0rd. In addition, nearly half of these sites tax users by requiring a special character in their password. This is the result of research by Princeton University into the password policies of popular websites. For the study, the […]
The Chinese Hikvision’s products can be found anywhere from police surveillance systems to baby monitors with 4.8 million networks of Hikvision devices in more than 191 countries. Hikvision could be sanctioned for aiding the Chinese government’s human rights violations in Xinjiang. The US Treasury is reportedly considering adding Hikvision to the Specially Designated Nationals and […]
With remote working now the norm agent-based scanning is becoming a must, while network-based scanning is an optional extra.External vulnerability scanning can give a great overview of what you look like to a hacker, the information that can be gleaned without access to your systems can be limited. Internal vulnerability scanning is about protecting the […]
Not only by visiting but also when making a appointment or login data is shared with the Technology giant. The Meta Pixel is a snippet of code that tracks users as they navigate through a website, logging which pages they visit, which buttons they click, and certain information they enter into forms. It’s one of […]
Microsoft’s market dominance creates a big disucssion as they also have the most critical vulnerabilities. Does your organisation assess the 3rd party risk of technology suppliers?
The European Commission unveiled plans to introduce a bloc-wide digital ID. If approved, the plan would allow people to use an app to prove their identity online, whether that’s to verify their age or to check their driver’s license. The EU plans to start testing the app (wallet) in October 2022 after it has a […]
Citrix warned customers to deploy security updates that address a critical Citrix Application Delivery Management (ADM) vulnerability that can let attackers reset admin passwords.Citrix ADM is a web-based solution that provides admins with a centralized cloud-based console for managing on-premises or cloud Citrix deployments, including Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix Secure […]