Cybersecurity Alerts, News, and Tips

For the second time in a week, a Google Chromium zero-day released online

For the second time in a week, Chromium zero-day remote code execution exploit code has been released on Twitter, with multiple browsers impacted. A new Chromium zero-day remote code execution exploit has been released on Twitter this week, like the previous one, that affects current versions of Google Chrome, Microsoft Edge, and likely other Chromium-based browsers. The […]
The post For the second time in a week, a Google Chromium zero-day released online appeared first on Security Affairs.


7 Practical Secure Coding Practices

Introduction
Software security is more important than ever in today’s world. Embedding security in the development phase of an application not only improves overall security adherence but also creates security checkpoints at multiple levels of the software. This article provides multiple live secure coding examples to apply while developing modern-day software. It uses Java to showcase live examples; these principles can be adopted with any language of choice.
1. Escape the Input
There is a class of attacks called injection attacks, in which the attacker embeds an executable command or query, disguising it as normal literal input.


WhatsApp flaws could have allowed hackers to remotely hack mobile devices

WhatsApp addressed two security vulnerabilities in its app for Android that could have been exploited to remotely hack the victim’s device. WhatsApp recently addressed two security vulnerabilities in its app for Android that could have been exploited by remote attackers to execute malicious code on a target device and potentially eavesdrop on communications. The vulnerabilities […]
The post WhatsApp flaws could have allowed hackers to remotely hack mobile devices appeared first on Security Affairs.


BrandPost: Remediate Insecure Configurations to Improve Cybersecurity

A data breach can result in catastrophic consequences for any organization. Ensuring that your IT environment is safe from cyber threats can be a real challenge.
To keep intruders out of your networks and data, you need more than up-to-date guidance; you also need to continually assess system configurations for conformance to security best practices, and to harden thousands of individual settings in your environment.
But where do you start?
Begin with Recognized Security Best Practices
The CIS Controls are a prioritized set of actions that mitigate the most common cyber-attacks. They translate cyber threat information into action. The CIS Benchmarks are secure configuration recommendations designed to safeguard systems against today’s evolving cyber threats. Both CIS best practices provide organizations of all sizes with specific and actionable recommendations to enhance cyber defenses. And, both are mapped to or referenced by a number of industry standards and frameworks like NIST, HIPAA, PCI DSS, and more.