What's new around the internet

Src Date (GMT) Title Description Tags Stories Notes
2019-07-18 14:35:00 Robot Account Apocalypse: RPA Risk Exploding with Adoption

Robotic Process Automation is taking over mundane tasks in the workplace. But those bots may pose a serious security risk, according to researchers from the firm CyberArk.  Robotic Process Automation (RPA) may be the Holy Grail for enterprises these days, but all those bots pose a serious risk to enterprise security, according to research by the...

Read the whole entry: https://feeds.feedblitz.com/~/604614670/0/thesecurityledger

2019-07-15 14:55:01 Opinion: We need a way to talk about Cyber Physical Risk

Last week’s warnings about serious, remote access flaws affecting GE anesthesiology machines underscore a major gap in our understanding of cyber risk. Namely: we don’t have a good way to measure security flaws that carry cyber physical risk.  Join me in considering warnings about two, recent software vulnerabilities. The first,...

Read the whole entry: https://feeds.feedblitz.com/~/604488482/0/thesecurityledger

2019-07-12 21:24:02 Episode 153: Hacking Anesthesia Machines and Mayors say No to Ransoms

In this week's podcast episode (#153): The researcher who discovered serious remote access security flaws in anesthesia machines by GE says such security holes are common. Also: the US Conference of Mayors voted unanimously to swear off paying ransoms for cyber attacks. But is that a smart idea? We're joined by Andrew Dolan of the Multi State...

Read the whole entry: https://feeds.feedblitz.com/~/604390430/0/thesecurityledger

2019-07-10 21:05:02 Breathe Deeply: DHS warns of Flaw in Hospital Anesthesia Machines

GE learned of a serious vulnerability affecting two brands of anesthesia machines in October. The company on Tuesday advised customers to take steps to protect them from being remotely tampered with.

The post Breathe Deeply: DHS warns of Flaw in Hospital Anesthesia Machines appeared first on The Security Ledger.

2019-07-05 20:31:05 Ahead of Black Hat: Fear and Pessimism in Las Vegas

A survey of security professionals who have attended Black Hat reveals fears for the 2020 Election, U.S. infrastructure

The post Ahead of Black Hat: Fear and Pessimism in Las Vegas appeared first on The Security Ledger.

2019-07-04 01:52:04 Episode 152: What the Silex Malware says about IoT Insecurity and Cloud Security CEO Steve Mullaney on Amazon ReInforce

In this week's podcast episode, #152: we talk with Akamai researcher Larry Cashdollar about his discovery of Silex, a new example of IoT killing malware allegedly authored by a 14 year old. Also: Steve Mullaney, the CEO of the cloud security start up Aviatrix joins us to talk about Amazon's new cloud security conference: Re:Inforce.

The post ...

Read the whole entry: https://feeds.feedblitz.com/~/604063522/0/thesecurityledger

2019-06-28 02:49:04 Episode 151: Ransoming the City with Cesar Cerrudo of IOActive

In this week's episode, #151: Cesar Cerrudo, the head of research at the firm IOActive joins us to talk about the recent spate of massive ransomware payouts and why municipal government networks are the favorite target of hackers these days.

The post Episode 151: Ransoming the City with Cesar Cerrudo of IOActive appeared first on The Security...

Read the whole entry: https://feeds.feedblitz.com/~/603765706/0/thesecurityledger

2019-06-28 02:49:04 Podcast Episode 151: Ransoming the City with Cesar Cerrudo of IOActive

In this week's episode, #151: Cesar Cerrudo, the head of research at the firm IOActive joins us to talk about the recent spate of massive ransomware payouts and why municipal government networks are the favorite target of hackers these days.

The post Podcast Episode 151: Ransoming the City with Cesar Cerrudo of IOActive appeared first on ...

Read the whole entry: https://feeds.feedblitz.com/~/603765706/0/thesecurityledger

2019-06-26 17:47:00 Firm Uncovers Major Cyber-Espionage Campaign Against Telcos

The security firm Cybereason has uncovered a persistent cyber espionage attack on telecommunications companies worldwide to steal data on high-profile users and then spy on them.

The post Firm Uncovers Major Cyber-Espionage Campaign Against Telcos appeared first on The Security Ledger.

2019-06-20 16:10:05 Attack on Tesla Autopilot highlights Bigger Risk of Insecure Sensors

Researchers from the firm Regulus Cyber say that they demonstrated a type of GPS spoofing attack that caused vehicles by Tesla to veer off the road. The impact could be much broader than just Tesla, however.

The post Attack on Tesla Autopilot highlights Bigger Risk of Insecure Sensors appeared first on The Security Ledger.

2019-06-20 01:00:05 Podcast Episode 150: Microsoft's Tanya Janca on securing Azure and Armor Scientific's CTO on Life after Passwords

In this week's episode, #150: Microsoft cloud evangelist Tanya Janca joins us to talk about securing Azure and the challenges of pushing security left. Also: we continue our series on life after passwords as we speak with Nick Buchanan, CTO of Armor Scientific, about the imminent demise of the password and what might replace it....

Read the whole entry: https://feeds.feedblitz.com/~/603289080/0/thesecurityledger

2019-06-17 12:28:03 Cognitive Bias is the Threat Actor you may never detect

Cognitive bias among workers can undermine security work and lead to critical misinterpretations of data, warns Forcepoint X-Labs research scientist, Dr. Margaret Cunningham.

The post Cognitive Bias is the Threat Actor you may never detect appeared first on The Security Ledger.

2019-06-13 20:47:04 Episode 149: How Real is the Huawei Risk?

In this episode of the podcast we're joined by Priscilla Moriuchi of the firm Recorded Future, which released a report this week analyzing the security risks posed by Huawei, the Chinese telecommunications and technology giant.

The post Episode 149: How Real is the Huawei Risk? appeared first on The Security Ledger.

2019-06-13 12:00:01 Expert: Patch Bluekeep Now or Face WannaCry Scenario

The flaw known as BlueKeep could be as dangerous as EternalBlue, the basis of recent malware like WannaCry, according to a report by BitSight.

The post Expert: Patch Bluekeep Now or Face WannaCry Scenario appeared first on The Security Ledger.

2019-06-06 12:00:02 Dark Web Looms Large as Enterprise Threat

New research from the firm Bromium finds dark web listings are booming as operators offer tailored access to enterprise networks.

The post Dark Web Looms Large as Enterprise Threat appeared first on The Security Ledger.

2019-06-05 14:48:00 Episode 148: Joseph Menn on Cult of the Dead Cow also Veracode CEO Sam King on InfoSec's Leaky Talent Pipeline

In this week's episode of the podcast: Joseph Menn's new book Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World hit store shelves this week. We reprise our March interview with Joe and talk about the origins of CDC. Also: is the talent pipeline for information security empty, or has it sprung a leak? We're joined...

Read the whole entry: https://feeds.feedblitz.com/~/602747570/0/thesecurityledger

2019-05-31 16:42:04 Do Cities deserve Federal Disaster Aid after Cyber Attacks?

As cyber attacks on municipalities mount, is it time to start treating them like the manmade disasters they are?

The post Do Cities deserve Federal Disaster Aid after Cyber Attacks? appeared first on The Security Ledger.

2019-05-29 21:52:01 Episode 147: Forty Year Old GPS Satellites offer a Warning about securing the Internet of Things

A programming glitch in GPS satellite software grounded planes in China and other countries. But what does it tell us about the security of the Internet of Things? Bill Malik of Trend Micro joins us to discuss.

The post Episode 147: Forty Year Old GPS Satellites offer a Warning about securing the Internet of Things appeared first on The Security...

Read the whole entry: https://feeds.feedblitz.com/~/602524426/0/thesecurityledger

2019-05-29 21:52:01 Forty Year Old GPS Satellites tell us lots about securing the Internet of Things

A programming glitch in GPS satellite software grounded planes in China and other countries. But what does it tell us about the security of the Internet of Things? Bill Malik of Trend Micro joins us to discuss.

The post Forty Year Old GPS Satellites tell us lots about securing the Internet of Things appeared first on The Security Ledger.

2019-05-29 14:37:00 Microsoft 'Bluekeep' Flaw threatens Medical Devices, IoT

Microsoft's worm-friendly Bluekeep flaw affects medical devices and other Internet of Things endpoints, security experts are warning.

The post Microsoft ‘Bluekeep’ Flaw threatens Medical Devices, IoT appeared first on The Security Ledger.

2019-05-22 20:49:05 DHS Warns That Drones Made in China Could Steal U.S. Data

The Department of Homeland Security is warning U.S. firms that drones made in China may be spying on them and sending sensitive data to the Chinese government.

The post DHS Warns That Drones Made in China Could Steal U.S. Data appeared first on The Security Ledger.

2019-05-22 13:41:04 Episode 146: Elections Loom, Political Parties struggle with Cyber Security and Securing Cloud with Aporeto's Amir Sharif

This week's episode, #146: we speak with the researchers behind a new analysis of more than 40 political parties in the US and Europe showing that many suffer from poor cyber security. Also: DEV-OPS methodologies are transforming the way organizations are creating and consuming software. But security technology is stuck in the past. In our second...

Read the whole entry: https://feeds.feedblitz.com/~/602256100/0/thesecurityledger

2019-05-22 13:41:04 Episode 146: Elections Loom, Political Parties struggle with Cyber Security and Securing Cloud with Aporeto CEO Amir Sharif

This week's episode, #146: we speak with the researchers behind a new analysis of more than 40 political parties in the US and Europe showing that many suffer from poor cyber security. Also: DEV-OPS methodologies are transforming the way organizations are creating and consuming software. But security technology is stuck in the past. In our second...

Read the whole entry: https://feeds.feedblitz.com/~/602256100/0/thesecurityledger

2019-05-17 13:27:02 Researchers Hack Aircraft Landing System with $600 Radios

Airplane radio navigation systems are vulnerable to manipulation using software defined radio, researchers have shown.

The post Researchers Hack Aircraft Landing System with $600 Radios appeared first on The Security Ledger.

2019-05-16 23:00:01 Spotlight Podcast: Managing the Digital Risk in your Digital Transformation

Companies are pursuing digital transformation at all costs. But do they really understand the risks lurking in their digital transformation strategies? In this Spotlight Podcast, sponsored by RSA,* we're joined by RSA Portfolio Strategist Steve Schlarman for a discussion of managing the risks in digital transformation.

The post Spotlight Podcast:...

Read the whole entry: https://feeds.feedblitz.com/~/602061824/0/thesecurityledger

2019-05-15 02:31:05 Israeli Group Exploited WhatsApp to Spy on Users

An Israeli firm has exploited a flaw in the popular messaging mobile app WhatsApp to plant spyware on iPhones and Android. One phone call is all it takes for software developed by the Israeli firm NSO Group to install itself on a vulnerable iPhone or Android device, according to a published report in the FT Times. The publication broke the news,...

Read the whole entry: https://feeds.feedblitz.com/~/601981834/0/thesecurityledger

2019-05-09 19:38:04 Chinese APT Group, Used Stolen NSA Hacking Tools Before Shadow Brokers

A group with links to the government of China was using hacking tools developed by the NSA even before they are believed to have been stolen, a new report contends.

The post Chinese APT Group, Used Stolen NSA Hacking Tools Before Shadow Brokers appeared first on The Security Ledger.

2019-05-09 01:37:03 Episode 145: Veracode CTO Chris Wysopal and Life After Passwords with Plurilock

In this week's episode, #145 Veracode CTO Chris Wysopal joins us to talk about the early days of the information security industry with L0pht and securing software supply chains. Also: we continue our series on life after the password by speaking to Ian Paterson, the CEO of behavioral authentication vendor Plurilock.

The post Episode 145:...

Read the whole entry: https://feeds.feedblitz.com/~/601758732/0/thesecurityledger

2019-05-08 14:31:01 Report: Companies Still Grappling with IoT Security

Data breaches relating to unsecured Internet of Things devices have jumped by more than 10 percent since 2017, suggesting security efforts aren't keeping pace with the growth of the Internet of Things, a new study finds.

The post Report: Companies Still Grappling with IoT Security appeared first on The Security Ledger.

2019-05-02 12:31:01 New IoT Security Regulations on Tap in U.S., U.K.

Lawmakers in the U.S. and U.K. are readying new laws that will crack down on insecure Internet of Things devices in both the public and private sectors.

The post New IoT Security Regulations on Tap in U.S., U.K. appeared first on The Security Ledger.

2019-05-01 03:27:04 Episode 144: Infosec Supporting Right to Repair with Joe Grand and Kyle Wiens

In this week's podcast, Joe Grand of Grand Idea Studio and Kyle Wiens of iFixit join me to talk about the launch of securepairs.org and fighting cybersecurity FUD in the right to repair.

The post Episode 144: Infosec Supporting Right to Repair with Joe Grand and Kyle Wiens appeared first on The Security Ledger.

2019-04-30 21:26:05 Unsecured Database Exposes Data of 80M U.S. Households

Researchers have found an unsecured Microsoft-hosted cloud database that holds personal information from 80 million U.S. households, exposing sensitive data and putting people at risk for identity theft, ransomware and other cybercrimes.

The post Unsecured Database Exposes Data of 80M U.S. Households appeared first on The Security Ledger.

2019-04-30 04:05:03 Introducing Securepairs.org: Fighting Infosec FUD for the Right to Repair

Cybersecurity luminaries including Bruce Schneier, Gary McGraw, Joe Grand, Chris Wysopal and Katie Moussouris are backing securepairs.org, countering industry efforts to paint proposed right to repair laws in 20 states as a cyber security risk.

The post Introducing Securepairs.org: Fighting Infosec FUD for the Right to Repair appeared first on ...

Read the whole entry: https://feeds.feedblitz.com/~/601388550/0/thesecurityledger

2019-04-25 01:19:00 FBI: Cybercrime Accounted for $2.7B in Losses in 2018

Organizations lost $2.7 billion to Internet-enabled theft, fraud and exploitation in 2018, with business e-mail compromise scams resulting in the highest of these financial losses, according to the FBI's Internet Crime Complaint Center (IC3).

The post FBI: Cybercrime Accounted for $2.7B in Losses in 2018 appeared first on The Security Ledger...

Read the whole entry: https://feeds.feedblitz.com/~/601162276/0/thesecurityledger

2019-04-23 18:27:04 Podcast Episode 143: Tufin's IPO with CEO Ruvi Kitov and Capsule8 on securing Linux at Scale

Tufin (TUFN) became the latest cyber security firm to have an initial public offering. In our first segment, we speak to its co-founder and CEO Reuven Kitov. Also: as more and more applications and workloads shift to the cloud, securing high-performance Linux environments has become a priority. In our second segment, we speak with Kelly Shortridge...

Read the whole entry: https://feeds.feedblitz.com/~/601113080/0/thesecurityledger

2019-04-23 16:00:01 Drive-By Malware Uses Google Sites for Drive by Download Attacks

New malware, LoadPCBanker, is leveraging Google's Sites to spread via drive-by download attacks, according to a new report. Companies are advised to block uploads and downloads from the service.

The post Drive-By Malware Uses Google Sites for Drive by Download Attacks appeared first on The Security Ledger.

2019-04-17 13:00:00 Report: Bad Bots sent One in Five Web Requests in 2018

Distil Network's annual assessment of bad bots, “Bad Bot Report 2019: The Bot Arms Race Continues,” found that bad bots accounted for one in five website requests in 2018, or 20.4 percent of web traffic.

The post Report: Bad Bots sent One in Five Web Requests in 2018 appeared first on The Security Ledger.

2019-04-17 03:54:00 Podcast Episode 142: On Supply Chains Diamond-based Identities are forever

In this week's episode, #142: we continue our series on Life after Passwords: the Future of Online Identity as we are joined by Ophir Gaathon, the CEO of the firm Dust Identity.

The post Podcast Episode 142: On Supply Chains Diamond-based Identities are forever appeared first on The Security Ledger.

2019-04-11 17:10:02 Spotlight Podcast: Fixing Supply Chain Hacks with Strong Device Identities

Supply chain hacks like ME Docs and ASUS aren't inevitable. In this Spotlight Podcast, sponsored by Trusted Computing Group, I speak with Dennis Mattoon, a Principal Researcher at Microsoft Research and the Chairman of the Trusted Computing Group's DICE Architectures Working Group* about how strong device identities for IoT endpoints can stop...

Read the whole entry: https://feeds.feedblitz.com/~/600730472/0/thesecurityledger

2019-04-11 14:20:00 Mysterious Trisis Malware Strikes Again

Researchers at the firm FireEye warn that TRITON, a type of malware that targets industrial control safety systems, has resurfaced at a facility in the Middle East.

The post Mysterious Trisis Malware Strikes Again appeared first on The Security Ledger.

2019-04-10 12:12:01 Warning: Trump Terrorist Designation May Prompt Iranian Cyber Attacks

The Trump Administration's designation of Iran's Islamic Revolutionary Guard Corps as a foreign terrorist organization could prompt retaliatory cyber attacks from state-sponsored actors from the Islamic Republic, security researchers from Recorded Future warn.

The post Warning: Trump Terrorist Designation May Prompt Iranian Cyber Attacks appeared...

Read the whole entry: https://feeds.feedblitz.com/~/600679906/0/thesecurityledger

2019-04-09 22:49:01 Podcast Episode 141: Massive Data Breaches Just Keep Happening. We Talk about Why.

Countless Congressional hearings, 48 state data privacy laws and GDPR and mega breaches like the discovery of data on 500 million Facebook users just keep happening. Why? In this episode of the podcast, Paul is joined by experts from the firm BitSight and BigID to discuss why we can't seem to stop the breaches.

The post Podcast Episode 141:...

Read the whole entry: https://feeds.feedblitz.com/~/600658366/0/thesecurityledger

2019-04-08 19:49:04 Interview: securing the University using NIST's Cyber Framework

College and university campuses are notoriously difficult to tame. In this one-on-one interview, I speak with Plamen Martinov, the Chief Information Security Officer for the Biological Sciences Division at the University of Chicago about how his organization has used NIST's Cybersecurity Framework to create a security lingua franca at UChicago and...

Read the whole entry: https://feeds.feedblitz.com/~/600581716/0/thesecurityledger

2019-04-03 12:26:01 Hackers Remotely Steer Tesla Model S Using Autopilot System

Security researchers managed to take remote control of the Autopilot feature of Tesla Model S car using a wireless gaming keypad, highlighting the potential security issues with next-generation automobiles' Advanced Driver Assistance Systems (ADAS) that are meant to enhance driver safety.

The post Hackers Remotely Steer Tesla Model S Using...

Read the whole entry: https://feeds.feedblitz.com/~/600291374/0/thesecurityledger

2019-04-03 03:11:03 Podcast Episode 140: passwords are dying. What will replace them?

Alpha-numeric passwords have been with us almost since the dawn of the computing age. But our guest this week, Phil Dunkelberger the CEO of Nok Nok Labs, says they've overstayed their welcome, and that the next few years may see them disappear altogether. We talk about what will replace them and how.

The post Podcast Episode 140: passwords are...

Read the whole entry: https://feeds.feedblitz.com/~/600280106/0/thesecurityledger

2019-03-27 14:02:03 Asus ShadowHammer suggests Supply Chain Hacks are the New Normal

The compromise of device maker Asus Live Update Utility is just the latest evidence that sophisticated attackers have software supply chains in the crosshairs.

The post Asus ShadowHammer suggests Supply Chain Hacks are the New Normal appeared first on The Security Ledger.

2019-03-27 03:18:00 Podcast Episode 139: the State(s) of Right to Repair and API Insecurity on GitHub

In our latest podcast episode we're joined by Kyle Wiens of iFixit to talk about right to repair legislation pending in 20 states. Also: Dmitry Sotnikov of 42Crunch joins us to talk about API insecurity on GitHub.

The post Podcast Episode 139: the State(s) of Right to Repair and API Insecurity on GitHub appeared first on The Security Ledger...

Read the whole entry: https://feeds.feedblitz.com/~/600033828/0/thesecurityledger

2019-03-27 03:18:00 Podcast Episode 139: the State of Right to Repair and API Insecurity on GitHub

In this week's episode, number 139: California became the latest state to bring forward right to repair legislation. We speak with Kyle Wiens of iFixit about the state of right to repair legislation in the states. Also: researchers at North Carolina State University are sounding the alarm about leaked API and crypto keys on platforms like...

Read the whole entry: https://feeds.feedblitz.com/~/600033828/0/thesecurityledger

2019-03-21 16:03:01 Opinion: my Grandfather's John Deere would support our Right to Repair

Willie Cade's grandfather, Theo, an engineer at John Deere, helped invent the manure spreader. His grandson thinks John Deere's efforts to kill right to repair legislation is what stinks.

The post Opinion: my Grandfather's John Deere would support our Right to Repair appeared first on The Security Ledger.

2019-03-21 12:40:04 Report: with most exploited vuln of 2018, it's really Really REALLY time to ditch IE!

Microsoft's products are still a leading source of exploitable security vulnerabilities used by hackers, according to a report by the firm Recorded Future.

The post Report: with most exploited vuln of 2018, it’s really Really REALLY time to ditch IE! appeared first on The Security Ledger.


Information updated on: 2019-07-22 04:01:37