Credit to Author: Pieter Arntz| Date: Fri, 31 Aug 2018 15:00:53 +0000
 | |
| What is regular expression (regex) and what makes it vulnerable to attack? Learn how to use regex safely and avoid ReDoS attacks in the process. Categories: Tags: ddosJavaScriptnode.jsredosregexsearchservervulnerability |
The post Explained: regular expression (regex) appeared first on Malwarebytes Labs.
Read moreCredit to Author: Jon Clay (Global Threat Communications)| Date: Fri, 31 Aug 2018 14:33:05 +0000
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, Air Canada reported a data breach that exposed passport details for more than 20,000 customers on their mobile app. Also, Trend Micro’s Midyear Security Roundup reported an…
The post This Week in Security News: Air Canada and Cryptojacking appeared first on .
Read more
Credit to Author: Jonny Evans| Date: Fri, 31 Aug 2018 06:45:00 -0700
Apple recently told the U.S. Congress that is sees customer privacy as a “human right”, though the explanation didn’t at that time extend to how third-party developers treat data they get from iOS apps. Now it does.
Starting October 3, Apple will insist that all third-party apps (including new apps and app updates) submitted to the App Store include a link to the app developer’s own privacy policy.
This is a big change as until now only subscription-based apps needed to supply this information – and it also extends to the privacy policy itself, which Apple insists must be clear and explicitly in explaining:
Credit to Author: Woody Leonhard| Date: Fri, 31 Aug 2018 05:02:00 -0700
Time for the final August patching shoe to drop.
Late last night Microsoft released a flurry of patches, posting them on the Microsoft Update Catalog. Some are available through Windows Update, some aren’t.
As of early Friday morning, the Win10 patches are not available through WSUS, the update server service. It’s not clear if that’s a mistake, a hesitation — or if somebody just went home last night and forgot.
Let’s hear it for patching predictability. And transparency.
Credit to Author: Sharky| Date: Fri, 31 Aug 2018 03:00:00 -0700
Flashback to the early 2000s, when this non-IT pilot fish works in a building where the level of computer literacy is hovering near absolute zero.
“I was the only person in my department who had any computer skills at all,” fish grumbles.
“One day we all got an email notice from management about a virus that was going around, spread by email. We were warned about clicking links and opening pages and all the other standard warnings.”
Fish suspects that most people in the department will just delete the warning, since they don’t use their computers for anything but the bare minimum required by company business — and they barely understand even that.
Credit to Author: Hervé Coureil| Date: Thu, 30 Aug 2018 15:42:37 +0000
We knew who they were — and they knew us. I am speaking of our competitors; that is, the ones before we embarked on our digital journey. Indeed, before digital… Read more »
The post Scanning the periphery of Digital Disruption appeared first on Schneider Electric Blog.
Read moreCredit to Author: Dave Johnson| Date: Thu, 30 Aug 2018 15:00:00 +0000
According to research firm MarketsandMarkets™, from 2017 through to 2022, edge computing will experience a Compound Annual Growth Rate (CAGR) of 35.4% (from $1.47 Billion USD to $6.72 Billion). Increased… Read more »
The post Why Support for Edge Data Centers Will Need to be “Lights Out” appeared first on Schneider Electric Blog.
Read moreCredit to Author: Daniel Desruisseaux| Date: Thu, 30 Aug 2018 13:55:46 +0000
In August of 2018, Modbus.org published the Modbus Security protocol. The use of secure protocols is a fundamental component in efforts to secure Industrial Control System (ICS) traffic. Secure protocols… Read more »
The post Modbus Security – New Protocol to Improve Control System Security appeared first on Schneider Electric Blog.
Read more