Equifax breach report highlights multiple security failures

By |2019-04-22T05:33:36+00:00December 14th, 2018|Expert Analysis on Hacks & Attacks, Virsec in the News|

Search Security, December 12, 2018, with comments by Satya Gupta; An Equifax breach report, based on a government investigation, blamed the incident on multiple security failures and concluded the breach was preventable. Equifax's own accountability in their data breach After a 14-month congressional investigation into the Equifax breach, the US House Committee on Oversight and [...]

The Dark Web: Your Information Is Likely There – What Can You Do?

By |2019-04-22T06:48:26+00:00November 25th, 2018|Expert Analysis on Hacks & Attacks, Security News|

Data breaches have become so commonplace that we can count them by the week, if not the day. Breaches in 2018 have far surpassed the count of 2017, with no signs of slowing. Applications that track these daily breaches have reached counts of literally millions per day, showing graphically as beams of light arcing across [...]

With Apache Struts Vulnerabilities, Never Throw Caution to the Wind

By |2019-04-22T05:42:28+00:00August 28th, 2018|Blog, Expert Analysis on Hacks & Attacks|

Apache Struts framework vulnerabilities continue to emerge. Even if you are on top of Apache vulnerability patching, your website could still be in jeopardy if it was developed using the Apache Struts 2 Framework. A new related patch was recently announced. And as we saw with Equifax, many organizations are not on top of patching. [...]

Spectre Will Haunt Us for a Long Time

By |2019-04-22T05:36:08+00:00July 24th, 2018|Blog, Expert Analysis on Hacks & Attacks, Security News|

These vulnerabilities have existed for over 20 years, and we are not even close to closing the door on these significant risks. During a recent Congressional hearing, Senators voiced concerns about the ongoing Spectre and Meltdown vulnerabilities. While the technical details were predictably glossed over, most of the hearing focused on Intel informing Chinese partners [...]

Guest Blog: Explaining the latest chip flaws to my mother (Spectre & Meltdown)

By |2018-08-27T23:19:22+00:00January 26th, 2018|Expert Analysis on Hacks & Attacks, Security News, Virsec in the News|

by Adi Gadwale, Chief Enterprise Architect at General Dynamics The New York Times declares “all phones and computers at risk”! How? How can every modern processor going back to the early '90s have the same architectural choices leading to a flaw today? How can a vulnerability be so bad that it can’t be fixed until the [...]

You Must Remember This: Memory-Based Attacks Are the New Battleground

By |2018-08-27T22:32:23+00:00October 30th, 2017|Expert Analysis on Hacks & Attacks, Security News, Virsec in the News|

SC Magazine, October 30, 2017; by Willy Leichter, VP Marketing, Virsec; Now, even B-Grade actors have easy access to cyber warfare tools created at the nation-state level The multitude of recent cyberattacks have a number of things in common: they are sophisticated, multi-pronged, use fileless techniques, and target applications at the memory level – largely [...]

Patching the Iron Tail Is Easier Said than Done

By |2018-08-27T22:10:04+00:00October 12th, 2017|Expert Analysis on Hacks & Attacks, Virsec in the News|

Cyber Defense, October 10, 2017; Willy Leichter contributes article to eMagazine While Patching Is Best Practices Approach, Some Organizations Have Complex Reasons for Delaying In our new reality of a new hack every week, if not every day, it’s easy to want to find someone to blame. An easy place to point a finger is [...]

Mobile apps cited in Deloitte trophy breach

By |2018-08-27T22:16:11+00:00September 29th, 2017|Expert Analysis on Hacks & Attacks, Security News, Virsec in the News|

The Green Sheet, September 29, 2017, Ray DeMeo comments on Deloitte breach; Deloitte’s recent breach resulted in customer emails and other personal info being stolen. Deloitte ended up on the hot seat for that and for not knowing until recently the breach had been going on since late 2016. It appears that the attackers got [...]

What is a fileless attack? How hackers invade systems without installing software

By |2018-12-31T03:11:44+00:00September 21st, 2017|Equifax, Expert Analysis on Hacks & Attacks, Security News, Virsec in the News|

CSO Online, September 21, 2017, comments by Satya Gupta; Fileless malware attacks operate in a computer’s RAM memory rather than on hard drives and this gives hackers a stealthier way to invade networks and applications. Because no (or very little) malware or foreign code is placed inside the victim’s system, such attacks are called “zero [...]

Equifax: Web App Breach Exposed Data of 143 Million Consumers

By |2018-08-28T21:30:23+00:00September 8th, 2017|Equifax, Expert Analysis on Hacks & Attacks, Virsec in the News|

Bank Info Security, September 7, 2017, comments from Atiq Raza and Satya Gupta; Data Includes Drivers Licenses, Social Security Numbers, Birth Dates and Addresses  A few statistics about the 143 million people affected by the Equifax breach announced yesterday make this number all the more alarming, possibly even for you reading this article. According to [...]