Security researchers Mathy Vanhoef and Frank Piessens have detected a major vulnerability in the WPA2 protocol that secures all protected Wi-Fi networks. more
If you work in computer security, your Twitter feed and/or Inbox has just exploded with stories about not just one but two new holes in cryptographic protcols. One affects WiFi; the other affects RSA key pair generation by certain chips. How serious are these? I'm not going to go through the technical details. For KRACK, Matthew Green did an excellent blog post; for the other, full details are not yet available. There are also good articles on each of them. What's more interesting are the implications. more
Over the past few years, cyberattacks and internet harassment have escalated against abortion clinics intended to disrupt services, intimidate providers and patients. more
Security firm, Armis Labs, has revealed a new attack vector that can target major mobile, desktop, and IoT operating systems, including Android, iOS, Windows, and Linux, and the devices using them.
more
Deputy chief of naval operations for information warfare, Vice Adm. Jan Tigh, says the military is investigating the possibility of compromised computer systems behind two U.S. Navy destroyer collisions with merchant vessels that occurred in recent months. more
In an announcement today, credit reporting giant Equifax revealed a cybersecurity incident potentially impacting approximately 143 million U.S. consumers. more
The Western energy sector is being targeted by a new wave of cyberattacks capable of providing attackers ability to severely disrupt affected operations, according to reports on Wednesday. more
There's lots of security advice in the press: keep your systems patched, use a password manager, don't click on links in email, etc. But there's one thing these adages omit: an attacker who is targeting you, rather than whoever falls for the phishing email, won't be stopped by one defensive measure. Rather, they'll go after the weakest part of your defenses. You have to protect everything -- including things you hadn't realized were relevant. more
Failing to block a stealthy malicious host from making connections to your network could cost your company millions of dollars, a damaged reputation, and severe losses in sensitive private data. Threat intel teams have faced on-going problems: Expensive feeds that are slow to catch new threats; Chasing false positives in alerts wastes time and money; and Vendors selling a new appliance for every ill. Would 100% of your users Spot the Bot? more
Organizations who fail to implement effective cybersecurity measures could be fined as much as £17 million or 4% of global turnover, as part of Britain's plan to prevent cyberattacks. more
The Qatar Crisis started with a targeted Poli-Cyber hack of an unprecedented nature. Its shockwaves and repercussions continue to alter political and business fortunes, directions and paradigms not only in the Gulf region but globally. Almost everyone around the world is now aware of the this crisis that started early June. By mid July a Washington Post report cited US intelligence officials that the UAE orchestrated hacking of Qatari government sites, sparking regional upheaval that started it all. more
Hackers breached a Kansas Department of Commerce data system used across multiple states and gained access to more than 5.5 million Social Security Numbers, according to local news sources. more
A global cyberattack has the potential to cost $120bn in economic losses, roughly the equivalent of a catastrophic natural disaster like 2012’s Superstorm Sandy, a scenario described in new research by Lloyd’s of London and Cyence, a cyber-risk analytics modeling firm. more
Unless you have a team employing the latest proactive threat-hunting techniques, the stealthy Advanced Persistent Threat (APT) hiding in your network can pass by completely unnoticed. There are as many definitions of APT as experts writing about the topic, so let's boil it down to the simple essentials: APTs are usually implanted and maintained by a team of malicious actors with the intention of living long term in your network while extracting valuable private information. more
According to a 2017 Black Hat Attendee Survey, cyberattacks on U.S. enterprise and critical infrastructure are coming soon, and in most cases defenders are not prepared. more
A World-Renowned Source for Internet Developments. Serving Since 2002.