What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Blog.webp 2017-10-09 16:05:56 Cold War Special: Office Depot Offers Free Kaspersky Removal over Spy Concerns (direct link) Pressure is mounting on Russian antivirus vendor Kaspersky Lab with office supplies giant Office Depot offering to remove it from customers’ computers for free and a Congressional hearing on the company’s links to Russian intelligence scheduled for later in October. Office supplies giant Office Depot, once one of the biggest sellers of...
Blog.webp 2017-10-06 21:22:05 Now Online: Securing DevOps without Sinking Productivity (direct link) If you missed attending it last month, our September discussion with Jason Sabin, CSO of DigiCert and Davi Ottenheimer of IANS on securing DevOps environments is available for viewing. One of the recurrent themes in our reporting is the difficulty that development organizations have building secure products. That’s especially true as... Tags: CCleaner
Blog.webp 2017-10-06 13:34:01 Kaspersky Lab CEO says company may be hacking victim (direct link) CEO Eugene Kaspersky likened a Wall Street Journal report on his company’s software being used to hack an NSA contractor to “the script of a C movie” and said his company was in the middle of a geopolitical dispute. The CEO of Russian antivirus firm Kaspersky Lab* hit back at a report in the Wall Street Journal on Thursday... Tags: Equifax
Blog.webp 2017-10-05 02:22:43 In Boston, Deputy AG Rosenstein picks up call for Encryption Back Doors (direct link) US Deputy Attorney General Rod Rosenstein used a speech in Boston to criticize the technology industry’s use of strong encryption which he called “warrant proof,” even as he said law enforcement had no issue with its use. Deputy Attorney General Rod Rosenstein on Wednesday warned about the risk of so-called ‘dark... Tags: CCleaner
Blog.webp 2017-10-02 22:43:07 Security Ledger Turns 5! (direct link) I’m not much of one for milestones and the record will show that I’ve rarely taken the occasion to note significant Security Ledger dates. Actually, it would be more accurate to say that I’ve never noted them. But October 2nd marks what I consider an important one: the fifth anniversary of our first blog post. On October 2,...
Blog.webp 2017-10-02 21:12:43 Hacker Eye on the Consultant Guy: Deloitte and the Art of spotting Vulnerable Firms from the Outside (direct link) In the latest Security Ledger podcast, we analyze the breach of Deloitte by talking to two people who spend a lot of time judging the security of firms by how they look to the outside world. Dan Tentler of the firm Phobos Group tells us what he found out about Deloitte doing some fast and dirty open source research. Also: we talk to Stephen... Tags: Equifax Deloitte
Blog.webp 2017-09-28 18:27:59 Firm that discovered CCleaner Compromise: There may be Others (direct link) The firm that discovered the CCleaner attack thinks there may be other common applications that, like CCleaner, have been secretly compromised and used to gain access to corporate networks. Engineers at the firm Morphisec are reviewing historical reports that were considered “false positives” to determine if any of those reports may... Tags: CCleaner
Blog.webp 2017-09-28 01:59:43 Opinion: NIST Guidelines make Digital Identity all about Risk (direct link) Contributing writer Chip Block of the firm Evolver says the new NIST Digital Identity guidelines do much more than rethink passwords. They help solve an age old problem: how to prioritize security spending. Editor’s Note: NIST’s updated guidelines on Digital Identity mostly got noticed for the changes to password recommendations and...
Blog.webp 2017-09-27 16:00:17 Hole in Mobile Apps Leave Home Automation Systems Vulnerable to Hacking (direct link) Mobile applications used with two, popular home automation platforms by Wink and Insteon fail to protect user login information, leaving the devices vulnerable to hacking, a researcher at Rapid7 found. A researcher at the firm Rapid7 is warning that two popular home automation systems: the Wink Hub 2 and Insteon Hub save administrator user names...
Blog.webp 2017-09-25 16:50:28 Is CCleaner the Tip of an Iceberg of Supply Chain Hacks? And Alexa: did China hack us Last Night? (direct link) In the latest Security Ledger podcast, Paul speaks with Michael Gorelik of the firm Morphisec about the hack of security software vendor CCleaner – a hack that Gorelik’s firm discovered. CCleaner, he says, may just be the tip of the iceberg when it comes to supply chain hacks. And: “Alexa: have we been hacked by China?”... Tags: CCleaner FedEx NotPetya
Blog.webp 2017-09-22 15:53:26 Our Analog Future: Election Hacking puts Paper Ballots back in Vogue (direct link) Virginia is reverting from electronic to paper ballots while Rhode Island’s legislature this week passed a law to mandate audits comparing paper and electronic voting records. One of the natural responses to an increasingly digital world is to fall back to non-digital and electronic alternatives to digital technologies that we’ve... Tags: Equifax
Blog.webp 2017-09-21 22:21:31 Court Balks at FTC's D-Link Complaint, Wants Proof of Harm (direct link) A federal judge in California put the brakes on the U.S. Federal Trade Commission’s complaint against D-Link Systems over lax security in its consumer routers and IP cameras, saying that the Commission needs to produce evidence of concrete harm to consumers. A federal judge in California has put the brakes on the U.S. Federal Trade... Tags: Equifax
Blog.webp 2017-09-20 16:03:58 Report: 1.9b Records Lost in First Half of 2017, topping 2016 (direct link) A survey of public data breaches has found a large increase in the number of records that have been stolen, lost or compromised in the first six months of 2017. The firm Gemalto said that the number of records caught up in breaches jumped 164% from the second half of 2016 and the first half 2017 to almost 2 billion lost records. That is more than... Tags: Equifax
Blog.webp 2017-09-20 02:19:33 FedEx: NotPetya Cost $300m, Wrecked Q1 Earnings (direct link) FedEx, the worldwide package delivery giant, said in a regulatory filing on Tuesday that the NotPetya ransomware outbreak in late June has cost it an estimated $300 million dollars and forced the company to miss its fiscal first quarter earnings. The company said in its quarterly “8K” report to the U.S. Securities and Exchange... Tags: FedEx NotPetya Equifax
Blog.webp 2017-09-18 22:07:05 After Equifax: What Makes a Good CSO? Also: App Sec is a Mess. We Talk about Why. (direct link) What makes a good CSO? In the wake of the Equifax breach, we talk about the controversy over that company’s CSO’s music degree. Also: we talk with Signal Sciences about why companies keep getting hacked via application vulnerabilities like the Apache Struts hole that felled Equifax. What makes a good CSO? In the wake of the Equifax... Tags: Equifax
Blog.webp 2017-09-16 22:10:21 Opinion: when they say your major is a problem, what they mean is your gender is a problem (direct link) In-brief: Talking about Susan Mauldin’s music degree is a socially acceptable way for men to vent about a woman who they don’t feel belongs in their workplace – especially not in a senior role. Have you heard the latest scandal about Equifax? Not content to lose sensitive and personally identifying information on 143 million... Tags: Equifax
Blog.webp 2017-09-16 18:55:40 Equifax Executives Depart Amid Growing Backlash (direct link) In-brief: Equifax said on Friday that its Chief Information Officer and Chief Security Officer had “retired” in the wake of a massive data breach that leaked sensitive on some 143 million people. Equifax said on Friday that two of its senior executives had “retired” in the wake of a massive data breach that leaked... Tags: Equifax
Blog.webp 2017-09-14 22:51:57 Beset by Lawsuits, Scams, Investigations, Equifax names Source of Breach (direct link) In-brief: Beset by a plunging share price, class action lawsuits in dozens of states, pending Congressional hearings and a FTC investigation, Equifax on Wednesday finally settled speculation and named a six month old hole in a common software platform, Apache Struts, as the cause of a massive hack. Beset by a plunging share price, class action... Tags: Equifax
Blog.webp 2017-09-12 21:05:23 Bluetooth Flaw affects Billions of Devices and has a Name: BlueBorne (direct link) In-brief: Dubbed BlueBorne, the flaw could affect billions of devices that use the Bluetooth wireless protocol, enabling remote hacks, the security firm Armis warned. Billions of wireless, connected devices may be vulnerable to being hacked as the result of a previously undiscovered flaw in Bluetooth, the popular wireless communications...
Blog.webp 2017-09-11 13:08:24 Inside the Equifax Hack, Facebook's Problem with Authoritarianism & ASPertise harnesses Asperger's Syndrome (direct link) In-brief: In this week’s podcast, Security Ledger Editor in Chief Paul Roberts talks with noted security researcher Robert “RSnake” Hansen about the data breach at Equifax and why the company’s response to it was so lacking. Also: Chris Sumner of the Online Privacy Foundation talks about why Facebook is a killer app for... Tags: Equifax
Blog.webp 2017-09-08 21:51:39 Facebook: Russia's Hand in Disinformation Campaign That Reached Millions (direct link) In-brief: Facebook said thousands of ads that ran on its site in 2015 and 2016 have links to Russian information operations. The ads were designed to foment discord around a range of issues. In the wake of the 2016 election and reports of widespread, online disinformation campaigns, the social media giant Facebook found itself in the crosshairs...
Blog.webp 2017-09-07 12:50:22 Dragonfly: Western energy sector targeted by sophisticated attack group | Symantec Connect Community (direct link) The energy sector in Europe and North America is being targeted by a new wave of cyber attacks that could provide attackers with the means to severely disrupt affected operations. The group behind these attacks is known as Dragonfly. The group has been in operation since at least 2011 but has re-emerged over the past two years from a quiet period...
Blog.webp 2017-09-07 12:49:40 South Carolina School District Does the Ransomware Two Step | Digital Guardian (direct link) One of the convenient fictions of ransomware attacks is that the cybercriminals who operate ransomware schemes have no interest in the data they're encrypting – they just want to get paid. By this logic, ransomware attacks aren't data breaches because the data isn't exfiltrated or stolen – just encrypted and left where it is. And it's a...
Blog.webp 2017-09-06 11:23:33 A Year After Mirai: Insecure Devices are still a Huge Problem (direct link) In-brief: A year after Mirai, as many as 100,000 devices, globally, may be running some version of the Mirai malware, while countless others are vulnerable to being enlisted in a Mirai-like attack. Worse: these systems may not be patched for “years,” according to the SANS Internet Storm Center. As September rolls around we’re...
Blog.webp 2017-09-04 16:55:59 A Right to Repair the Internet of Things? Spear Phishing Detection and Nonstop Attacks on DVRs (direct link) In-brief: In the latest Security Ledger podcast we talk about pending right to repair laws and their impact on the Internet of Things. Also: Facebook’s Internet Defense Prize went to a better method for spear phishing detection. We talk to a member of the winning team. And, Johannes Ullrich of The Internet Storm Center joins us to talk...
Blog.webp 2017-09-01 02:07:03 McKinsey: CEOs need IoT Security Plan (direct link) In-brief: Fewer than one in five managers say their company is ready for the challenge of securing the Internet of Things, and global consulting firm McKinsey says that CEOs need to get a plan, fast. Fewer than one in five managers say their company is ready for the challenge of securing the Internet of Things, and global consulting firm...
Blog.webp 2017-08-30 14:49:21 A Year Later: FDA approves Software Fix for Security Flaws in Pacemakers (direct link) In-brief: The FDA has approved a software update to software security holes in pacemakers made by Abbott. But doctors and patients will have to weigh the risks of applying the patch. The U.S. Food and Drug Administration has approved a software update for a range of pacemakers and other implantable medical devices that will fix security holes...
Blog.webp 2017-08-29 17:40:34 Mirai Victim Dyn Joins Team to Take Down Android Botnet WireX (direct link) In-brief: Managed DNS firm Dyn, a victim of the Mirai botnet, got its revenge: taking part in a coordinated takedown of WireX, a botnet of compromised Android devices, according to an announcement Monday. A group of security firms, including Dyn – a victim of the Mirai botnet – joined forces to take down WireX, a new botnet built on...
Blog.webp 2017-08-28 18:55:47 Massachusetts on Front Lines (Again) in Battle for Right to Repair (direct link) In-brief: After legislation in five states stalled in the Spring, states like Massachusetts will be on the front line of renewed efforts to pass pro-consumer laws that create a “right to repair” for cell phones, medical devices and other software-driven products. At stake could be the right of consumers to control Internet of Things...
Blog.webp 2017-08-27 23:14:25 Heading to College? Job 1: Lock Down your 'Directory Information' (direct link) In-brief: Colleges in the U.S. give away personally identifying data on millions of students each year as unregulated “directory information.” Job 1 when arriving on campus: opting out and protecting your data. Editor’s note: This is cross posted from Digital Guardian’s Data Insider blog, where it first appeared and where you can...
Blog.webp 2017-08-25 20:44:02 Hacking Warships, Capitol Hill takes a Swing at IoT Security and why CS Grads don't get Security (direct link) In-brief: on this week’s Security Ledger Podcast, we delve deeper into the question of maritime cyber security, speaking with noted researcher Ruben Santamarta of the firm IOActive about the work he's done exposing vulnerabilities in the software that runs both commercial and navy vessels. Also: Alan Brill of Kroll joins us to talk about...
Blog.webp 2017-08-23 17:35:15 IoT's Cloud Risk on Display with Flaws in Fuze Collaboration Platform (direct link) In-brief: Rapid7 said it found a number of flaws that leaked data on users of collaboration technology by Fuze. In an increasingly common finding: poorly secured cloud resources, not the handsets, were the problem. The security firm Rapid7 unveiled a series of security flaws in collaboration technology by the firm Fuze, underscoring the risks...
Blog.webp 2017-08-21 23:48:30 Analysis: there is both Means and Motive for Cyber Attacks on Navy Vessels (direct link) In-brief: could cyber attacks have played a role in recent collisions between US Navy vessels and commercial ships? The short answer is yes. Regardless of what caused the most recent incidents, both the means and the motive exist to launch such attacks in the future. A collision between a Liberian oil tanker Alnic NC and the USS John McCain over...
Blog.webp 2017-08-17 19:25:09 The Spectrum of Mobile Risk: Protecting Your Corporate Data (direct link) In-brief: organizations need to better understand mobile risks if they want to protect critical data, writes Aaron Cockerill of the firm Lookout. Mobile devices have become an integral part of enterprises' critical infrastructure, allowing for increased productivity and flexibility. As mobility increases, so does the amount of sensitive... Tags: FedEx
Blog.webp 2017-08-17 18:22:09 Report: GOP Border Wish List includes Drones, DNA & Voice Scans (direct link) If a new Senate Republican border security bill is passed as currently drafted, it would dramatically increase the amount of... Tags: Wannacry
Blog.webp 2017-08-15 14:57:54 Uber's Endless Summer: FTC Settlement over Bogus Security, Privacy Claims (direct link) In-brief: Uber’s Endless Summer continued on Tuesday, when the ride sharing start-up settled with the U.S. Federal Trade Commission (FTC) over charges that the company failed to reasonably secure sensitive consumer data that it collected and stored. The U.S. Federal Trade Commission (FTC) said on Tuesday that it has reached a settlement... Tags: FedEx Uber
Blog.webp 2017-08-14 18:53:33 OSINT University: are Colleges and Universities protecting Student Data? (direct link) In-brief: Colleges and universities collect reams of student data – including personally identifying information – as part of their student “directory” files. They then distribute it to – basically – whomever asks. In this podcast, we talk with researcher Leah Figueroa who has researched the issue. Also: where are all... Tags: FedEx
Blog.webp 2017-08-11 15:22:36 Was the Devil's Ivy Vulnerability a Dud? Don't Count on It. (direct link) In-brief: The Devil’s Ivy vulnerability in the open source gSOAP library is widespread and supposedly trivial to exploit. So why, one month later, haven’t we seen any attacks? Is Devil’s Ivy a dud? ‘Don’t count on it,’ security experts tell us. In July, the warnings were all about the so-called...
Blog.webp 2017-08-09 16:57:20 Update: Five Billion Tests Later: IoT and Industrial Control System Protocols Raise Alarms (direct link) In-brief: Close to five billion “fuzzing” tests conducted during 2016 reveal protocols used by industrial control systems, vehicles and Internet of Things devices to be weaker, on average, with many crashing hundreds of times and revealing vulnerabilities that could be used by malicious actors. (Editor’s note: added comment by...
Blog.webp 2017-08-07 18:51:18 It's the Corruption, Stupid: why Russians aren't the biggest threat to Election Security (direct link) In-brief: Russian hackers aren’t the biggest threat to the security and integrity of elections says Bev Harris of Black Box Voting. Instead, it’s a more common enemy: run of the mill political corruption, mostly at the local level. Also: Eric Hodge of CyberScout talks about the challenges of helping states secure their election...
Blog.webp 2017-08-03 22:55:42 Hero WannaCry Researcher Charged over Links to Kronos Trojan (direct link) In-brief: A British researcher who became a hero after he stopped the WannaCry ransomware from spreading globally has been apprehended in Nevada and charged with distributing the Kronos banking trojan in the U.S. between July 2014 and July 2015. A British researcher who became a hero after he stopped the WannaCry ransomware from spreading... https://feeds.feedblitz.com/~/421293416/0/thesecurityledger Wannacry
Blog.webp 2017-07-31 13:52:29 Sea Level Rise, Runaway AI and Grid Hacks: Why We Ignore Warnings about Preventable Catastrophes (direct link) In-brief: is it ever the case that things happen that “nobody saw coming”? Our guest on this week's podcast would say “no.” He is Richard Clarke, a former National Coordinator for Security, Infrastructure Protection and Counter-terrorism for the United States and a veteran of four administrations, from President Ronald Reagan through... https://feeds.feedblitz.com/~/417229766/0/thesecurityledger
Blog.webp 2017-07-29 02:10:16 Jeep Hackers Miller and Valasek Reunite at Autonomous Driving Start-up Cruise (direct link) In-brief: Security researchers Charlie Miller and Chris Valasek are re-uniting at autonomous driving start-up Cruise after both, independently leaving ride hailing firm Uber in recent months. Security researchers Charlie Miller and Chris Valasek, whose 2015 wireless hack of a Jeep Grand Cherokee prompted a wholesale re-evaluation of the cyber... https://feeds.feedblitz.com/~/414456034/0/thesecurityledger Uber
Blog.webp 2017-07-27 21:07:59 Operation Lonely Guy: Iranians Use Cute Girl Profile to Cultivate, Compromise Targets in Middle East (direct link) Hackers working on behalf of the government of Iran are using alluring social media profiles featuring a young, English photographer to entice and then compromise the systems of high value targets in the oil and gas industry, according to a report by Dell Secureworks. In a report released on Thursday, Secureworks’ Counter Threat Unit (CTU)... https://feeds.feedblitz.com/~/413103896/0/thesecurityledger
Blog.webp 2017-07-25 16:14:27 At BlackHat: Hell is Other People's Machine Learning (direct link) In-brief: Machine learning is all the rage in the information security industry. But a study by Endgame and University of Virginia suggests that it may be vulnerable to manipulation by sophisticated AI-driven tools. When it comes to matters of war – or even cops and robbers – advances in technology are almost always double-edged... https://feeds.feedblitz.com/~/410524850/0/thesecurityledger FedEx
Blog.webp 2017-07-24 11:35:35 (Déjà vu) Update: WHISTL Labs will be Cyber Range for Medical Devices (direct link) In-brief: A global federation of labs will test the security of medical devices, according to an announcement on Monday by a consortium of healthcare industry firms, universities and technology firms. (Updated with comments from Dr. Nordenberg. PFR 7/25/2017) Amid increasing concerns about cyber threats to healthcare environments, a global... https://feeds.feedblitz.com/~/409155710/0/thesecurityledger
Blog.webp 2017-07-24 11:35:35 (Déjà vu) Exclusive: WHISTL Labs will be Cyber Range for Medical Devices (direct link) In-brief: A global federation of labs will test the security of medical devices, according to an announcement on Monday by a consortium of healthcare industry firms, universities and technology firms. Amid increasing concerns about cyber threats to healthcare environments, a global network of labs will test the security of medical devices,... https://feeds.feedblitz.com/~/409155710/0/thesecurityledger
Blog.webp 2017-07-21 18:20:50 German Electronics Store Sued for Selling Un-Patchable Android Phones (direct link) In-brief: That’ll be $99, or $150 without the vulnerabilities! A lawsuit in Germany is trying to force stores to come clean about security holes in the products they sell to consumers. ‘That’ll be $99, or $150 without the unpatchable mobile operating system vulnerabilities!’ That line may be more common if a case against... https://feeds.feedblitz.com/~/406068508/0/thesecurityledger FedEx
Blog.webp 2017-07-21 01:30:53 AlphaBay, the Largest Online “Dark Market,” Shut Down | Department of Justice (direct link) The Justice Department on Thursday said that it shut down AlphaBay, what it described as “the largest criminal marketplace on the internet,” more than two weeks after the market went dark. The site was used to sell a wide range of contraband to a customer base of some 200,000 individuals worldwide, the DOJ said in a statement. Among... https://feeds.feedblitz.com/~/405251260/0/thesecurityledger
Last update at: 2024-04-27 20:08:13