At the Intersection of Technology and Real Life

Spotlight Podcast: Public Sector levels up to tackle Cyber Threats

Spotlight Podcast: Public Sector levels up to tackle Cyber Threats

Michael York Reading, PA Syndicated Stories, The Security Ledger

In this Spotlight edition of the podcast, sponsored* by RSA Security, we go deep on public sector cyber risk with two interviews from the most recent RSA Conference: Kelvin Coleman, the Executive Director of the National Cyber Security Alliance (NCSA) and Sean McHenry, the CISO of the Utah State Board of Education. In our second segment, we shift…

Read the whole entry… »

Related Stories

Read the full article here

Google Assistant, Maps and Search can now help you figure out where to vote

Syndicated Stories, TechCrunch

Google Assistant, Maps and Search can now help you figure out where to vote

Election Day approaches! Still not sure where the nearest polling place or ballot drop box is? Google wants to help. This morning the company rolled out a handful of features across Google Assistant, Google Maps and Google Search, all meant to kick in when a user seems to be looking for information on voting locations. […] …

Episode 190: 20 Years, 300 CVEs. Also: COVID’s Lasting Security Lessons

Syndicated Stories, The Security Ledger

Episode 190: 20 Years, 300 CVEs. Also: COVID’s Lasting Security Lessons

In this episode of the podcast (#190), sponsored by LastPass, Larry Cashdollar of Akamai joins us to talk about how finding his first CVE vulnerability, more than 20 years ago, nearly got him fired. Also: Katie Petrillo of LastPass joins us to talk about how some of the security adjustments we’ve made for COVID might not go away any time soon. …Read the whole entry… » Related StoriesPodcast Episode 189: AppSec for Pandemic Times, A Conversation with GitLab Security VP Jonathan HuntSpotlight Podcast: QOMPLX CISO Andy Jaquith on COVID, Ransomware and ResilienceSpotlight Podcast: Taking a Risk-Based Approach to Election Security …

Syndicated Stories, The Security Ledger

Report: Critical Infrastructure Cyber Attacks A Global Crisis

The systems we rely on to keep the lights on, heat our homes, make our medicines and move our goods are increasingly connecting to the Internet, and increasingly vulnerable to devastating cyber attacks in what a new report calls a looming “global crisis.” The post Report: Critical Infrastructure Cyber Attacks A Global Crisis appeared first on The…Read the whole entry… »Related StoriesPKI Points the Way for Identity and Authentication in IoTChina Attacks Surge as Cyber Criminals Capitalize on COVID-19As Cybercrooks Specialize, More Snooping, Less Smash and Grab …

Latest Headlines

1
2
3
4
5
6
7
8
9
10
11
12
13

One Woman’s High-Touch Bid to Upend the Sex-Toy Industry

16 October 2020

Lora DiCarlo said her company’s robotic vibrator, the Osé, would redefine the market. But her hyped-up personal brand would be the real master stroke. [...]

Schools (and Children) Need a Fresh Air Fix

14 October 2020

Classrooms have needed better ventilation for years. It took a pandemic to get us to pay attention. [...]

The Man Who Speaks Softly—and Commands a Big Cyber Army

13 October 2020

Meet General Paul Nakasone. He reined in chaos at the NSA and taught the US military how to launch pervasive cyberattacks. And he did it all without you noticing. [...]

His Writing Radicalized Young Hackers. Now He Wants to Redeem Them

12 October 2020

Cory Doctorow’s Little Brother series has been a young-adult sci-fi bible for teen hacktivists. But with the latest and darkest book in the trilogy, it’s all grown up. [...]

In a World Gone Mad, Paper Planners Offer Order and Delight

8 October 2020

On Instagram and Facebook, members of a wonderfully obsessive community organize every aspect of their lives—through pandemics and protests—with binders and stickers. [...]

The True Story of the Antifa Invasion of Forks, Washington

8 October 2020

A false report on Twitter exploded into a call to arms. Then a bus, carrying a family and two dogs, rolled into a remote Northwestern town. [...]

Amazon Wants to ‘Win at Games.’ So Why Hasn’t It?

7 October 2020

After brute-forcing its way to dominance in so many industries, the tech leviathan may finally have met its match. [...]

A Poker Pro Accused of Cheating Wants $330M in Damages

6 October 2020

Mike Postle claims he was the victim of an elaborate online campaign to tar him as a fraud—and he's suing a dozen defendants. [...]

The Dispersed Family Is Hurting

1 October 2020

The dispersed modern family depends on easy travel. Now that it’s much harder, the question becomes: How long is too long to not see a parent? [...]

The West’s Infernos Are Melting Our Sense of How Fire Works

30 September 2020

42,000-foot plumes of ash. 143-mph firenadoes. 1,500-degree heat. These wildfires are a new kind of hell on earth, and scientists are racing to learn its rules. [...]

Windows 10 KB4579311 update won't install, causes Explorer crashes

19 October 2020

Windows 10 users face numerous issues installing the latest KB4579311 cumulative update, and for those who can install, they are reporting various bugs, including performance issues. [...]

US Treasury hits bitcoin mixer with $60 million penalty

19 October 2020

The US Department of Treasury's Financial Crimes Enforcement Network (FinCEN) today announced the first-ever penalty against a Helix and Coin Ninja cryptocurrency mixing services. [...]

Coinbase phishing hijacks Microsoft 365 accounts via OAuth app

19 October 2020

A new phishing campaign uses a Coinbase-themed email to install an Office 365 consent app that gives attackers access to a victim's email. [...]

FBI warns of newly registered domains spoofing US Census Bureau

19 October 2020

The Federal Bureau of Investigation (FBI) issued a flash alert to warn of the potential use of spoofed US Census Bureau domains in future malicious campaigns including phishing and credential theft attacks. [...]

US indicts Russian GRU 'Sandworm' hackers for NotPetya, worldwide attacks

19 October 2020

The U.S. Department of Justice has charged six Russian intelligence operatives for hacking operations related to the Pyeongchang Winter Olympics, the 2017 French elections, and the notorious NotPetya ransomware attack. [...]

Hackers hijack Telegram, email accounts in SS7 mobile attack

19 October 2020

Hackers with access to the Signaling System 7 (SS7) used for connecting mobile networks across the world were able to gain access to Telegram messenger and email data of high-profile individuals in the cryptocurrency business. [...]

Windows GravityRAT malware now also targets Android, macOS

19 October 2020

GravityRAT, a malware strain known for checking the CPU temperature of Windows computers to detect virtual machines or sandboxes, is now multi-platform spyware as it can now also be used to infect Android and macOS devices. [...]

Microsoft removed another Windows 10 2004 safeguard hold

19 October 2020

Microsoft removed a Windows 10, version 2004 compatibility hold blocking devices with certain WWAN LTE modems from upgrading to the latest Windows version. [...]

Bug bounty reporter cashes out on someone else's exploit

19 October 2020

While bug bounty programs have gained increased momentum and interest from the security research community for their role in promoting security awareness and responsible vulnerability disclosure, they are not without their share of problems. [...]

Watch out for Emotet malware's new 'Windows Update' attachment

18 October 2020

The Emotet botnet has begun to use a new malicious attachment that pretends to be a message from Windows Update telling you to upgrade Microsoft Word. [...]

Trump and Biden mics will be muted in the final presidential debate - CNET

20 October 2020

The debate commission has adopted new rules for this week's debate, AP reports. [...]

Disney Plus: Every new movie and TV show coming in November 2020 - CNET

19 October 2020

The Mandalorian season 2 will be in full flight. [...]

Archaeologists discover massive 2,000-year-old cat doodle carving in Peru - CNET

19 October 2020

Pointy-eared kitty sprawls for 121 feet across a hillside in the Nazca desert. [...]

Bill Gates reveals details of his upcoming climate change book - CNET

19 October 2020

How to Avoid a Climate Disaster will be published in February 2021. [...]

51 of the best TV shows to binge-watch on Netflix - CNET

19 October 2020

Searching for a great show to binge? Here are some of the best Netflix has to offer. [...]

16 best TV shows to stream on Amazon Prime Video - CNET

19 October 2020

Searching for a great show to watch tonight? Let's round up Amazon's best gems. [...]

NASA's Osiris-Rex set to grab a piece of asteroid Bennu: How to watch live - CNET

19 October 2020

NASA's van-size asteroid-chaser will attempt to swipe space souvenirs from Bennu Tuesday to bring home to Earth. But it might not be easy. [...]

Avatar 2 image reveals new character heading to Pandora - CNET

19 October 2020

Meet General Ardmore, played by Nurse Jackie's Edie Falco. [...]

Facebook and Twitter's handling of NY Post article fuels concern about their power - CNET

19 October 2020

Republicans say social networks suppress conservative speech, but the companies have long denied such allegations. [...]

The rarest primate on Earth is in danger. A rope bridge could help it survive - CNET

19 October 2020

The Hainan gibbon faces high extinction rates, and conservationists want to reverse the trend. [...]

NSS Labs Shuttered

19 October 2020

The testing firm's website says it has 'ceased operations' as of Oct. 15. [...]

Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns

19 October 2020

US Department of Justice charges members of Sandworm/APT28 for BlackEnergy, NotPetya, Olympic Destroyer, and other major attacks. [...]

GravityRAT Spyware Targets Android & MacOS in India

19 October 2020

The Trojan once used in attacks against Windows systems has been transformed into a multiplatform tool targeting macOS and Android. [...]

IoT Vulnerability Disclosure Platform Launched

19 October 2020

VulnerableThings.com is intended to help vendors meet the terms of a host of new international IoT security laws and regulations. [...]

Microsoft Tops Q3 List of Most-Impersonated Brands

19 October 2020

The technology sector was also the most likely targeted industry for brand phishing attacks, according to Check Point's latest report on brand phishing. [...]

Trickbot, Phishing, Ransomware & Elections

19 October 2020

The botnet has taken some hits lately, but that doesn't mean the threat is over. Here are some steps you can take to keep it from your door. [...]

7 Tips for Choosing Security Metrics That Matter

19 October 2020

Experts weigh in on picking metrics that demonstrate how the security team is handling operational efficiency and reducing risk. [...]

Chart: The Pandemic Reprioritizes Security Projects

19 October 2020

Responses among IT and security pros reflect concern over vulnerabilities incurred by workers accessing the enterprise network from poorly protected home networks. [...]

A Swift Reminder About Cybersecurity

19 October 2020

The hackers gonna crack, crack, crack, crack, crack ... [...]

Expert Tips to Keep WordPress Safe

19 October 2020

The most widely used content management system on the Web relies heavily on plug-ins and add-on software -- and that requires rigorous security measures at every level. [...]

Will Robo-Helpers Help Themselves to Your Data?

8 September 2020

Are you sure that your robo-helpers are secure? [...]

Securing the Hybrid Workforce Begins with Three Crucial Steps

2 September 2020

The global shift to a remote workforce has redefined the way organizations structure their business models. [...]

A New Strategy for DDoS Protection: Log Analysis on Steroids

26 August 2020

Incorporating a data lake philosophy into your security strategy is like putting log analysis on steroids. [...]

COVID-19 Aside, Data Protection Regulations March Ahead: What To Consider

26 August 2020

Despite the COVID-19 pandemic, companies are obligated to comply with many laws governing data security and privacy [...]

SecurityWeek Extends ICS Cyber Security Conference Call for Presentations to August 31, 2020

12 August 2020

The official Call for Presentations (speakers) for SecurityWeek’s 2020 Industrial Control Systems (ICS) Cyber Security Conference, being held October 19 – 22, 2020 in SecurityWeek’s Virtual Conference Center, has been extended to August 31st. [...]

SecurityWeek to Host Cloud Security Summit Virtual Event on August 13, 2020

12 August 2020

SecurityWeek will host its 2020 Cloud Security Summit virtual eventon Thursday, August 13, 2020. [...]

Avoiding Fuelling the Cyber-Crime Economy

11 August 2020

What drives the cyber-crime economy, and how can organizations prevent their data being used as a criminal commodity? [...]

Expect Behavioral Analytics to Trigger a Consumer Backlash

10 August 2020

The deployment of cameras, sensors and applications in public and private places for behavioral analytics will be followed by consumer and regulatory backlash. [...]

Holding public cloud security to account

10 August 2020

The public cloud provides great flexibility and cost management for organizations, but what about security? [...]

No Silver Bullet for Addressing Cybersecurity Challenges During Pandemic

10 August 2020

As the coronavirus pandemic forced organizations to migrate to a work-from-home context, security professionals faced new challenges. [...]

Optus turns to AWS for help with becoming 'end-to-end' cloud solutions supplier

20 October 2020

Telco has also launched the Optus Cloud Academy, which will provide training for an estimated 2,000 employees on AWS cloud skills. [...]

Westpac brings Afterpay on as first digital 'bank-as-a-service' platform partner

20 October 2020

Afterpay will soon be offering Westpac products and tools to its customers under the deal. [...]

Pakistan overturns ban on TikTok after promises of improved moderation practices

19 October 2020

The ban was ordered after TikTok failed to comply with local content laws. [...]

Australia's ocean patrolling drones and water surveillance project in tender limbo

19 October 2020

The Future Maritime Surveillance Capability project was announced nearly two years ago, but the department is still sitting on pitches from the market. [...]

UK says Russia was preparing cyber-attacks against the Tokyo Olympics

19 October 2020

Targets included the Games' organizers, logistics services, and sponsors, UK officials said. [...]

NSW government inks AU$328m internet upgrade deal with Telstra

19 October 2020

More than 5,200 km of fibre will be rolled out, which is set to benefit 2,000-plus public schools. [...]

CyberCX pays AU$25m for Decipher Works and CloudTen

19 October 2020

Cybersecurity megamix continues its shopping spree by adding identity management firm Decipher Works and cloud security specialists CloudTen to its growing list of brands. [...]

Zendesk adding customer support via Instagram, says social is surging

19 October 2020

Helpdesk software provider Zendesk this afternoon said it will add the ability for customer support reps to take inbound requests directly from Instagram. [...]

OpenStack Foundation transforms into the Open Infrastructure Foundation

19 October 2020

In a move, which has been coming for a while, OpenStack widens its focus from the OpenStack IaaS cloud to a variety of open-source cloud technologies. [...]

IBM's Q3 solid with strength in Red Hat, hybrid cloud

19 October 2020

The company reported non-GAAP third quarter earnings of $2.58 a share on revenue of $17.6 billion, down 2.6% from a year ago. [...]

Crisis and an Incontestable Need for Security — A Business Viewpoint

19 October 2020

Data, data, data. We have plenty of it, and in the eyes of some, it’s considered too much of a good thing. In practical terms, too much data often translates into blurred sight lines or the likely abetting of threats hiding within our environment. Improperly managed, it surely affects one’s ability to simply ‘see’ what’s […] The post Crisis and an Incontestable Need for Security — A Business Viewpoint appeared first on Security Intelligence. [...]

New Vizom Malware Discovered Targets Brazilian Bank Customers with Remote Overlay Attacks

19 October 2020

IBM Security Trusteer researchers have discovered a new malware code and active campaign targeting online banking users in Brazil. The malware, coined “Vizom” by the team, uses familiar remote overlay attack tactics to take over user devices in real time, as the intended victim logs in, and then initiates fraudulent transactions from their bank account. […] The post New Vizom Malware Discovered Targets Brazilian Bank Customers with Remote Overlay Attacks appeared first on Security Intelligence. [...]

Facing a Privacy Breach Under Growing GDPR-inspired Laws Can Pose Challenges for Companies

16 October 2020

Almost everyone at this point has heard about the European Union’s (EU) General Data Protection Regulation (GDPR). You’ve probably received an email from a company that you have shopped with explaining the recent changes in their privacy policy. Or, you’ve sat through a GDPR training at work, or you’re simply aware that some of the […] The post Facing a Privacy Breach Under Growing GDPR-inspired Laws Can Pose Challenges for Companies appeared first on Security Intelligence. [...]

Modernizing Your Security Operations Center for the Cloud

14 October 2020

Several factors are converging to exert pressure on how security operations centers (SOCs) traditionally function. Evolving information technology (IT) infrastructure, such as cloud migration, serverless services and endpoints being off-network, are straining existing SOC methodologies and tooling. The attack surface is expanding as a result of the distributed workforce and adoption of cloud-based infrastructure and […] The post Modernizing Your Security Operations Center for the Cloud appeared first on Security Intelligence. [...]

Are Bug Bounty Programs Worth It?

12 October 2020

Bug bounty programs are on the rise, and participating security researchers earned big bucks as a result. According to a report released by HackerOne in February 2020, hackers had collectively earned approximately $40 million from those programs in 2019. This amount is nearly equal to the bounty totals hackers received for all preceding years combined. […] The post Are Bug Bounty Programs Worth It? appeared first on Security Intelligence. [...]

How Cybersecurity Threat Intelligence Teams Spot Attacks Before They Start

9 October 2020

Rigorous intelligence assists clients in the critical moment — when an attacker is already on the network and defenders need to act swiftly before significant damage is done. Yet even when the critical moment is over, intelligence has a multiplying effect by injecting new information gained into platforms that inform incident response consultants, managed security […] The post How Cybersecurity Threat Intelligence Teams Spot Attacks Before They Start appeared first on Security Intelligence. [...]

IBM Named a CIAM Leader in the Forrester Wave Report

8 October 2020

Not all leading identity and access management (IAM) vendors can also be successful as consumer identity and access management (CIAM) vendors. But with the right identity expertise, it’s possible. As Zero Trust mantras permeate the security and IT landscape, we know by now that everything’s about context, and not a single identity is to be […] The post IBM Named a CIAM Leader in the Forrester Wave Report appeared first on Security Intelligence. [...]

Autonomous Vehicle Security Needs From A Hacker’s Perspective

8 October 2020

With connected cars becoming more common, the industry has more standards and options when it comes to autonomous vehicle security. Adam Laurie, known in hacker circles as Major Malfunction, leads X-Force Red’s automotive testing practice. He has seen firsthand how easy it can be to compromise an autonomous vehicle if strong security processes and controls […] The post Autonomous Vehicle Security Needs From A Hacker’s Perspective appeared first on Security Intelligence. [...]

Cybersecurity Awareness: 6 Myths And How To Combat Them

7 October 2020

National Cybersecurity Awareness month is upon us. And, so is the opportunity to look at what common C-suite misconceptions could be handcuffing security awareness efforts. As we enter the back half of 2020, now is the time to look at myths and highlight their relevancy in this chaotic year. Which myths are in the modern threat landscape? […] The post Cybersecurity Awareness: 6 Myths And How To Combat Them appeared first on Security Intelligence. [...]

Thinking Outside the Dox: What IT Security Can Learn From Doxing

6 October 2020

Doxing is rightfully regarded as a dangerous threat, potentially exposing personal information where it shouldn’t be. But, defenses derived from doxing may strengthen corporate cybersecurity at scale. Doxing is the dark side to widespread data dispersal and discovery. Data is leveraged to harm individuals or organizations, often as retaliation for real or perceived slights. As […] The post Thinking Outside the Dox: What IT Security Can Learn From Doxing appeared first on Security Intelligence. [...]

Android, macOS Versions of GravityRAT Spyware Spotted in Ongoing Campaign

19 October 2020

Kaspersky security researchers have identified versions of the GravityRAT spyware that are targeting Android and macOS devices. read more [...]

Scammers Seize on US Election, But It's Not Votes They Want

19 October 2020

The email from a political action committee seemed harmless: if you support Joe Biden, it urged, click here to make sure you’re registered to vote. read more [...]

U.S. Charges Russian Intelligence Officers for NotPetya, Industroyer Attacks

19 October 2020

The U.S. Department of Justice on Monday announced charges against six Russian intelligence officers for their alleged role in several major cyberattacks conducted over the past years. read more [...]

CISA Warns of Remote Code Execution Bugs in Visual Studio, Windows Codecs Library

19 October 2020

The Cybersecurity and Infrastructure Security Agency (CISA) on Friday informed users about the availability of patches for two remote code execution vulnerabilities that affect Windows Codecs Library and Visual Studio Code. read more [...]

Google Says No Significant Election Influence Campaigns Targeting Its Users

19 October 2020

Google says its Threat Analysis Group (TAG) hasn’t observed any significant coordinated influence campaigns that are targeting United States voters on its platform. Despite that, however, the search giant did observe foreign actors launching phishing attacks targeting the U.S. presidential elections, albeit the attempts did not appear to be successful. read more [...]

French Court Tries Russian for Multi-Million-Euro Cyberfraud

19 October 2020

A Russian goes on trial in Paris Monday accused of having defrauded nearly 200 victims across the world of 135 million euros using ransomware. read more [...]

Google Targeted in Record-Breaking 2.5 Tbps DDoS Attack in 2017

19 October 2020

Google revealed last week that its infrastructure was targeted in a record-breaking distributed denial-of-service (DDoS) attack back in September 2017. read more [...]

UK Data Privacy Watchdog Slashes BA Fine as Virus Bites

19 October 2020

The UK's data privacy watchdog on Friday slashed a fine imposed on British Airways over a cyber attack after taking into account coronavirus fallout on the embattled airline's finances. read more [...]

Dickey's Barbecue Pit Investigating Possible Breach Affecting 3M Payment Cards

16 October 2020

A data set of millions of payment card records apparently stolen from US-based restaurant franchise Dickey’s Barbecue Pit has emerged on a Dark Web marketplace, Gemini Advisory reports. read more [...]

TikTok Launches Public Bug Bounty Program

16 October 2020

TikTok announced this week that it has launched a public bug bounty program in collaboration with HackerOne. read more [...]

Trump says ‘nobody gets hacked’ but forgot his hotel chain was hacked — twice

20 October 2020

According to President Trump speaking at a campaign event in Tucson, Arizona, on Monday, “nobody gets hacked.” You don’t need someone who covers security day in and day out to call bullshit on this one. “Nobody gets hacked. To get hacked you need somebody with 197 IQ and he needs about 15 percent of your […] [...]

ShopUp raises $22.5 million to digitize millions of mom-and-pop shops in Bangladesh

20 October 2020

A startup that is aiming to digitize millions of neighborhood stores in Bangladesh just raised the country’s largest Series A financing round. Dhaka-headquartered ShopUp said on Tuesday it has raised $22.5 million in a round co-led by Sequoia Capital India and Flourish Ventures. For both the venture firms, this is the first time they are […] [...]

SAIF Partners rebrands as Elevation Capital, secures $400 million for its new India fund

19 October 2020

SAIF Partners has raised $400 million for a new fund and rebranded the 18-year-old influential venture capital firm as it looks to back more early-stage startups in the world’s second largest internet market. The new fund is SAIF Partners’ seventh for early-stage startups in India. Its previous two funds were each $350 million in size, […] [...]

Lee Fixel is already raising a massive second fund

19 October 2020

On Friday, former Tiger Global Management investor Lee Fixel registered plans for the second fund of his new investment firm, Addition, just four months after closing the first. According to a report on Friday by the Financial Times, the outfit spent last week finalizing the fundraising for the $1.4 billion fund, which Addition reportedly doesn’t […] [...]

TikTok’s QAnon ban has been ‘buggy’

19 October 2020

TikTok has been cracking down on QAnon-related content, in line with similar moves by other major social media companies, including Facebook and YouTube, which focus on reducing the spread the baseless conspiracy theory across their respective platforms. According to a report by NPR this weekend, TikTok had quietly banned several hashtags associated with the QAnon […] [...]

Daily Crunch: Pakistan un-bans TikTok

19 October 2020

TikTok returns to Pakistan, Apple launches a music-focused streaming station and SpaceX launches more Starlink satellites. This is your Daily Crunch for October 19, 2020. The big story: Pakistan un-bans TikTok The Pakistan Telecommunication Authority blocked the video app 11 days ago, over what it described as “immoral,” “obscene” and “vulgar” videos. The authority said […] [...]

Amazon Echo Dot with Clock review: A mostly aesthetic update

19 October 2020

It’s been a busy few weeks for smart speakers. Amazon kicked things off in late September with newer, rounder versions of both the Echo and Echo Dot. Less than a week later, Google updated the Home, after four years, with the rebranded Nest Audio. And then, last week, Apple unveiled the long-awaited $99 HomePod Mini, […] [...]

Who regulates social media?

19 October 2020

Social media platforms have repeatedly found themselves in the United States government’s crosshairs over the last few years, as it has been progressively revealed just how much power they really wield, and to what purposes they’ve chosen to wield it. But unlike, say, a firearm or drug manufacturer, there is no designated authority that says […] [...]

Juniper Networks acquires Boston-area AI SD-WAN startup 128 Technology for $450M

19 October 2020

Today Juniper Networks announced it was acquiring smart wide area networking startup 128 Technology for $450 million. This marks the second AI-fueled networking company Juniper has acquired in the last year and a half after purchasing Mist Systems in March 2019 for $405 million. With 128 Technology, the company gets more AI SD-WAN technology. SD-WAN […] [...]

Lockheed picks Relativity’s 3D-printed rocket for experimental NASA mission

19 October 2020

Relativity Space has bagged its first public government contract, and with a major defense contractor at that. The launch startup’s 3D-printed rockets are a great match for a particularly complex mission Lockheed is undertaking for NASA’s Tipping Point program. The mission is a test of a dozen different cryogenic fluid management systems, including liquid hydrogen, […] [...]

Google Warns of Zero-Click Bluetooth Flaws in Linux-based Devices

16 October 2020

Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices. According to security engineer Andy Nguyen, the three flaws — collectively called BleedingTooth — reside in the open-source BlueZ protocol stack [...]

India Witnessed Spike in Cyber Attacks Amidst Covid-19 - Here's Why?

15 October 2020

The COVID-19 outreach is turning out to be not only health, social, and economic hazard but also a cybersecurity crisis. The pandemic has presented new challenges for businesses in the areas of remote collaboration and business continuity. With increased remote working for better business continuity, employees are using numerous Internet tools. As businesses and people have started relying more [...]

Police Raided German Spyware Company FinFisher Offices

14 October 2020

German investigating authorities have raided the offices of Munich-based company FinFisher that sells the infamous commercial surveillance spyware dubbed 'FinSpy,' reportedly in suspicion of illegally exporting the software to abroad without the required authorization. Investigators from the German Customs Investigation Bureau (ZKA), ordered by the Munich Public Prosecutor's Office, searched a [...]

FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks

14 October 2020

A financially-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion. According to FireEye's Mandiant threat intelligence team, the collective — known as FIN11 — has engaged in a pattern of cybercrime campaigns at least since 2016 that involves monetizing their access to organizations' networks, in addition to deploying [...]

Guide: Scale or Fail — Why MSSPs Need Multitenant Security Solutions

14 October 2020

Managed Security Services Providers (MSSPs) have it rough. They have the burden of protecting their client organizations from cyberattacks, with clients from different industries, different security stacks, and different support requirements. And everything is in a constant state of flux. MSSPs are turning to multitenant solutions to help reduce the complexity of managing multiple security [...]

Microsoft Releases Patches For Critical Windows TCP/IP and Other Bugs

16 October 2020

Microsoft on Tuesday issued fixes for 87 newly discovered security vulnerabilities as part of its October 2020 Patch Tuesday, including two critical remote code execution (RCE) flaws in Windows TCP/IP stack and Microsoft Outlook. The flaws, 11 of which are categorized as Critical, 75 are ranked Important, and one is classified Moderate in severity, affect Windows, Office and Office Services and [...]

Microsoft and Other Tech Companies Take Down TrickBot Botnet

13 October 2020

Days after the US Government took steps to disrupt the notorious TrickBot botnet, a group of cybersecurity and tech companies has detailed a separate coordinated effort to take down the malware's back-end infrastructure. The joint collaboration, which involved Microsoft's Digital Crimes Unit, Lumen's Black Lotus Labs, ESET, Financial Services Information Sharing and Analysis Center (FS-ISAC), [...]

A Self-Service Password Reset Project Can Be A Quick Win For IT

12 October 2020

Since the beginning of this year, organizations' IT staff have faced numerous challenges and an increased workload as a result of the global pandemic and shift to a mainly remote workforce. Supporting end-users that are now working from home has introduced new challenges in troubleshooting since it isn’t as simple as visiting an end user’s desk to resolve issues as they arise. One support issue [...]

Watch Out — Microsoft Warns Android Users About A New Ransomware

12 October 2020

Microsoft has warned about a new strain of mobile ransomware that takes advantage of incoming call notifications and Android's Home button to lock the device behind a ransom note. The findings concern a variant of a known Android ransomware family dubbed "MalLocker.B" which has now resurfaced with new techniques, including a novel means to deliver the ransom demand on infected devices as well as [...]

55 New Security Flaws Reported in Apple Software and Services

9 October 2020

A team of five security researchers analyzed several Apple online services for three months and found as many as 55 vulnerabilities, 11 of which are critical in severity. The flaws — including 29 high severity, 13 medium severity, and 2 low severity vulnerabilities — could have allowed an attacker to "fully compromise both customer and employee applications, launch a worm capable of [...]

Episode 190: 20 Years, 300 CVEs. Also: COVID’s Lasting Security Lessons

11 October 2020

In this episode of the podcast (#190), sponsored by LastPass, Larry Cashdollar of Akamai joins us to talk about how finding his first CVE vulnerability, more than 20 years ago, nearly got him fired. Also: Katie Petrillo of LastPass joins us to talk about how some of the security adjustments we've made for COVID might not go away any time soon. ...Read the whole entry... » Related StoriesPodcast Episode 189: AppSec for Pandemic Times, A Conversation with GitLab Security VP Jonathan HuntSpotlight Podcast: Taking a Risk-Based Approach to Election SecuritySpotlight Podcast: QOMPLX CISO Andy Jaquith on COVID, Ransomware and Resilience [...]

Opinion: Staying Secure Through 5G Migration

8 October 2020

To achieve their 5G transformation, telecommunications providers require security solutions and platforms built from the ground up for modern, dynamic business models. The post Opinion: Staying Secure Through 5G Migration appeared first on The Security Ledger. Related StoriesPKI Points the Way for Identity and Authentication in IoTChina Attacks Surge as Cyber Criminals Capitalize on COVID-19Report: China Rides Cyber Attacks to Superpower Status [...]

Report: Critical Infrastructure Cyber Attacks A Global Crisis

7 October 2020

The systems we rely on to keep the lights on, heat our homes, make our medicines and move our goods are increasingly connecting to the Internet, and increasingly vulnerable to devastating cyber attacks in what a new report calls a looming "global crisis." The post Report: Critical Infrastructure Cyber Attacks A Global Crisis appeared first on The...Read the whole entry... »Related StoriesPKI Points the Way for Identity and Authentication in IoTChina Attacks Surge as Cyber Criminals Capitalize on COVID-19As Cybercrooks Specialize, More Snooping, Less Smash and Grab [...]

Security Ledger Turns 8!

2 October 2020

Today marks eight years since the first Security Ledger post went live back on October 2, 2012. We're celebrating with a new look and exciting plans for 2021! The post Security Ledger Turns 8! appeared first on The Security Ledger. Related StoriesOpinion: Staying Secure Through 5G MigrationPodcast Episode 189: AppSec for Pandemic Times, A Conversation with GitLab Security VP Jonathan HuntPublic Sector Mega-Vendor Tyler Technologies Says It Was Hacked [...]

Podcast Episode 189: AppSec for Pandemic Times, A Conversation with GitLab Security VP Jonathan Hunt

30 September 2020

The pandemic isn't the only thing shaking up development organizations. Application security is a top concern and security work is "shifting left" and becoming more intertwined with development. In this podcast, Security Ledger Editor in Chief Paul Roberts talks about it with Jonathan Hunt, Vice President of Security at the firm GitLab. The post ...Read the whole entry... » Related StoriesEpisode 190: 20 Years, 300 CVEs. Also: COVID’s Lasting Security LessonsSpotlight Podcast: Taking a Risk-Based Approach to Election SecuritySpotlight Podcast: How Machine Learning is redefining Application Fuzzing [...]

Public Sector Mega-Vendor Tyler Technologies Says It Was Hacked

24 September 2020

Tyler Technologies, the U.S.’s largest provider of software and services to the public sector said on Wednesday that it was hacked by unknown assailants, who gained “unauthorized access” to the company’s IT and phone systems. Tyler, which sells software that supports a wide range of public sector functions such as...Read the whole entry... »Related StoriesSpotlight Podcast: Taking a Risk-Based Approach to Election SecuritySpotlight Podcast: QOMPLX CISO Andy Jaquith on COVID, Ransomware and ResiliencePodcast Episode 189: AppSec for Pandemic Times, A Conversation with GitLab Security VP Jonathan Hunt [...]

Spotlight Podcast: Intel’s Matt Areno – Supply Chain is the New Security Battlefield

18 September 2020

In this Spotlight Podcast, sponsored by The Trusted Computing Group, we speak with Matthew Areno, a Principal Engineer in the Intel Product Assurance and Security (IPAS) group about the fast-changing landscape of cyber threats including attacks on hardware and software supply chains. The post Spotlight Podcast: Intel’s Matt Areno –...Read the whole entry... » Related StoriesSpotlight Podcast: CTO Zulfikar Ramzan on RSA’s Next Act: Security Start-UpSpotlight Podcast: Taking a Risk-Based Approach to Election SecurityEpisode 190: 20 Years, 300 CVEs. Also: COVID’s Lasting Security Lessons [...]

As Election Day Nears, Kremlin Leans on Hackers-for-Hire

14 September 2020

The DOJ indicted a Russian national for his role in a campaign to undermine the U.S. election...and mine some cryptocurrency along the way. It is the latest evidence of Russia's willingness to use cyber criminals to conduct state-sponsored espionage. The post As Election Day Nears, Kremlin Leans on Hackers-for-Hire appeared first on The Security...Read the whole entry... »Related StoriesSpotlight Podcast: Taking a Risk-Based Approach to Election SecurityReport: China Rides Cyber Attacks to Superpower Status401(k) Cyber Fraud Is Growing. Everyone Could Be Liable [...]

PKI Points the Way for Identity and Authentication in IoT

10 September 2020

Modern enterprise networks are populated by both people and, increasingly, "things." But securing the growing population of Internet of Things devices presents unique challenges. In this thought leadership article, Brian Trzupek, the Senior Vice President of Emerging Markets at DigiCert discusses what is needed for effective IoT security. The post ...Read the whole entry... »Related StoriesThe Essential Role of IAM in Remote WorkWhat’s Good IAM? The Answer may depend on your IndustryHow NIST Is Securing The Quantum Era [...]

Spotlight Podcast: Dr. Zulfikar Ramzan on RSA’s Next Act: Security Start-Up

2 September 2020

Thirty eight years after it was founded, RSA Security is embarking on what may be its most challenging journey yet: cybersecurity startup. In this Spotlight podcast we're joined by RSA CTO Zulfikar Ramzan about the company's path forward as an independent company. The post Spotlight Podcast: Dr. Zulfikar Ramzan on RSA’s Next Act: Security...Read the whole entry... » Related StoriesSpotlight Podcast: Taking a Risk-Based Approach to Election SecurityPodcast Episode 189: AppSec for Pandemic Times, A Conversation with GitLab Security VP Jonathan HuntSpotlight Podcast: Intel’s Matt Areno – Supply Chain is the New Security Battlefield [...]

After outcry, Microsoft presses pause on unsolicited Windows 10 web app installs

20 October 2020

On Saturday, I pointed out how Microsoft force-restarting Windows 10 computers to install unwanted web apps was the latest proof you don’t own your own Windows PC. Today, the company says it was at least partly a mistake — and will be pausing the “migration” that brought web apps to your Start Menu this way. Originally, Microsoft tells The Verge, the idea was that any website you pinned to the Start Menu would launch in Microsoft Edge. If your website of choice had a PWA web app version, the Edge browser could automatically launch that as well. But — in… [...]

Microsoft’s new Xbox app lets you stream Xbox One games to your iPhone or iPad

19 October 2020

Illustration by Alex Castro / The Verge Microsoft’s Xbox app update for iOS and iPadOS is now live, allowing Xbox One owners to stream games to their devices. A new Xbox app is available in the App Store that includes a remote play feature, which lets Xbox One console owners stream their games to an iPhone or iPad. Remote play is different to Microsoft’s xCloud service, which streams games directly from servers instead of your own Xbox One console. This Xbox remote play feature will only connect to your own Xbox console, not to xCloud. It’s similar to Sony’s own… [...]

Google discontinues its Google Nest Secure alarm system

19 October 2020

Photo by Nick Statt / The Verge Google has discontinued its Google Nest Secure alarm system, the company first confirmed to Android Police. And sure enough, if you visit the Nest Secure’s page on the Google Store right now, there’s a big button right at the top that says the product is no longer available. “Google Nest will no longer be producing Nest Secure, however we will continue to support our security users in all the same ways,” a Google spokesperson said in a statement to The Verge. Google introduced the Google Nest Secure system in 2017. It was designed… [...]

Twitch stars are lining up to stream Among Us with AOC

19 October 2020

Rep. Alexandria Ocasio-Cortez (D-NY) is looking for Among Us teammates. On Twitter, Ocasio-Cortez put out an open call for people to play with “to get out the vote.” In a follow-up tweet, she shared a Twitch page for AOC with the note “getting set up!” Her tweet has already drawn attention from streamers like Pokimane and HasanAbi. “It’d be an honor,” wrote Pokimane. As Election Day 2020 closes in, politicians have been turning to game spaces to reach prospective voters. Last week, Democratic candidate Joe Biden’s campaign created a virtual field office in Animal Crossing: New Horizons; in September, the… [...]

Apple should switch the iPhone to USB-C if it really wants to help the environment

19 October 2020

Image: Apple If you buy an iPhone in the future, you’re not getting an included charging brick or earbuds. Apple says the reasons are environmental. Giving out fewer “free” accessories with every phone means using less materials, the company claims, and also makes for smaller boxes that can be shipped more efficiently. So going forward, those boxes will just come with a phone and a Lightning to USB-C cable. I think Apple’s approach is generally a good thing, but it should have gone further by switching away from its proprietary Lightning port entirely and fully embracing USB-C. Right away, that… [...]

US charges six Russian intelligence officers with hacking Ukraine, 2018 Olympics, and Skripal investigation

19 October 2020

Illustration by Alex Castro / The Verge The Justice Department has charged six Russian intelligence officers with involvement in an extensive hacking campaign, including the notorious Petya ransomware attacks that targeted Ukraine in 2015. According to the indictment, the efforts also targeted the country of Georgia, the French elections, the 2018 winter Olympics, and investigations into the poisoning of former Russian military officer Sergei Skripal. Many of the specific incidents in the indictment have been previously reported, but no law enforcement agency has publicly charged Russia’s GRU with orchestrating the attacks. Russia’s primary military intelligence agency, the GRU has previously… [...]

The iPhone 12 won’t support 5G in dual SIM mode at launch

19 October 2020

Image: Apple Apple’s latest iPhone supports 5G networks, but not if you use the device in dual SIM mode, according to an internal Apple training document revealing the issue that began circulating on Reddit over the weekend. Dual SIM mode is a feature introduced on the iPhone line with the iPhone XS, and it’s useful for those traveling or staying abroad (or people who maintain work and personal lines on the same device) by allowing both a physical Nano SIM line and data-only service from another carrier using an eSIM simultaneously. But that apparently interferes with the iPhone 12’s ability… [...]

This app lets you do custom iOS icons without the Shortcuts app

19 October 2020

iPhone icon customization is booming, thanks to new features in iOS 14, but there’s still some big catches. The workaround for a bespoke iPhone homescreen requires routing through Apple’s Shortcuts app every time you want to open an app, and the process of customizing all your apps one-by-one is a time-consuming and frustrating task. But Launch Center Pro — a popular tool for customizing and creating quick shortcuts on iOS — has solved both of those issues with its latest update. With a clever workaround that uses Apple’s own Profiles system to install custom “web clip” profiles that directly link… [...]

Verizon acquires rural Kentucky wireless company Bluegrass Cellular

19 October 2020

Illustration by Alex Castro / The Verge Verizon said Monday it is acquiring “certain assets” of Bluegrass Cellular, a wireless service provider in rural Kentucky. According to a news release, Bluegrass Cellular was the first wireless provider in central Kentucky, launching in 1991. It serves 210,000 customers in 34 Kentucky counties. Terms of the deal were not disclosed, and it’s still subject to FCC approval, but is expected to close later this year or early in 2021, according to Verizon. The companies have had a working relationship for several years; in 2012 Bluegrass launched LTE service in Kentucky as part… [...]

Sony releases free Black Lives Matter PS4 theme

19 October 2020

Image: Sony Sony has provided a new way for PS4 owners to show their support for the Black Lives Matter movement inside their consoles. Today, the company released a new static theme on the PlayStation Store called the “Black Lives Matter Theme.” The theme is available now for free on the PlayStation Store. As you can see from the images above, when the theme is enabled, the lower portion of the PS4’s user interface displays a solid black wallpaper with a yellow outline of the black raised fist, a symbol associated with the movement, on the right side of the… [...]

US Indicts Sandworm, Russia's Most Destructive Cyberwar Unit

19 October 2020

The Department of Justice has named and charged six men for allegedly carrying out many of the most costly cyberattacks in history. [...]

The Hair-Raising, Record-Setting Race to 331 MPH

19 October 2020

Hang on to your stomach: In two thunderous dashes, supercar maker SSC set multiple production-car speed records. [...]

Babies May Be Drinking Millions of Microplastic Particles a Day

19 October 2020

Scientists discover that baby bottles shed up to 16 million bits of plastic per liter of fluid. What that means for infants’ health, no one can yet say. [...]

The 5 Best Photo Printing Services (2020): Tips, Recommendations, and More

19 October 2020

Print memories you can hang on the wall, stash in your wallet, or just hold in your hand with our favorite online picks. [...]

Joe Biden Is Very Offline—and That’s OK

19 October 2020

If the former veep wins, it won’t be because he had an online meme army behind him. That’s a good sign for American politics. [...]

The Election Will Bring a Hurricane of Misinformation

19 October 2020

Here’s how to prepare yourself for the disaster online. [...]

NASA’s OSIRIS-REx Is About to Touch an Asteroid

19 October 2020

After years of studying Bennu, the spacecraft will make its first attempt at a sample collection on Tuesday. [...]

The New Science of Wildfire Prediction

19 October 2020

On this week's Get WIRED podcast, writer Dan Duane dives into the inevitability of fires in the west and how better models would help combat them. [...]

‘Wait, Sylvie’s Dad Plays?!’ The Joy of Fortnite Parenting

19 October 2020

I picked up the controller to keep tabs on my fifth-grader. What I got was a window into her world—and a lesson in 21st-century fatherhood. [...]

Give These Apps Some Notes and They'll Write Emails for You

18 October 2020

Entrepreneurs are building tools that create emails or marketing copy using GPT-3, text-generation technology released earlier this year. [...]