A selection of this week’s more interesting vulnerability disclosures and cyber security news. An bumper crop this week of news items of note, had to seriously prune them down to a manageable number which is a shame.

New research from Forescout found that healthcare organizations are increasingly at risk from legacy platforms, device complexity, and the use of frequently exploited protocols. Forescout analyzed 75 healthcare deployments running over 1.5 million devices across 10,000 VLANs (virtual local area networks).

The simplest explanation is that the page takes a value and then creates a redirect to it. If /red.php?url=https://example.com created a redirect to https://example.com that would be a typical Open Redirect-vulnerability.

Here at Devo’s Cambridge, MA office, we’ve been steeped in news of national sports league playoffs for several weeks. The games are great, even with the stress and uncertainty of overtime, but it’s gotten me thinking about the professional hockey and basketball players, and how they’ve become as successful as they are.

Insider Threats come in many different shapes and forms and can be a frustrating problem to diagnose. Adding to the problem is the fact that even the most reliable and seemingly harmless employees can change in an instant and pose a threat. Protecting your company against these sometimes-unpredictable actors requires an understanding of the various profiles that exist and their motivations.

Since financial services industry collects, stores, and transmits sensitive non-public informationinformatino, malicious actors continue to target it. As the financial services industry embraces digital transformation, it opens itself up to new risks. Cloud infrastructures act as a primary target, leading to new risks arising from the new technologies. Emerging risks facing the financial services industry require continuous monitoring to retain a robust cybersecurity posture.

Recent statistics show that 60% of businesses are forced to suspend operations after a cyber-attack are never able to reopen for business. This is largely due to revenue lost due to downtime as well as damage to the company’s reputation. The good news is that most of these threats can be mitigated with reliable cybersecurity. When it comes to cyberattacks, time is of the essence.

It was only a few years back that cloud technology was in its infancy and used only by tech-savvy, forward-thinking organisations. Today, it is commonplace. More businesses than ever are making use of cloud services in one form another. And recent statistics suggest that cloud adoption has reached 88 percent. It seems that businesses now rely on the technology for day-to-day operations.

Perhaps it’s too melodramatic to claim that the debate over how to define a data breach “rages on” because we haven’t seen bodies flying out of windows yet, but it is a serious question with genuine financial ramifications now that the General Data Protection Regulation (GDPR) and its accompanying fines for mishandling data have arrived to save (and sometimes confuse) the day.

We are excited to announce the new security capabilities of Tigera Secure Enterprise Edition 2.4. This release enables enterprise security teams to extend their existing zone-based architectures and easily connect to external resources. The highlights include DNS Policies, Threat Defense, Compliance Dashboard and Reporting, and easier installation options.