Cybersecurity

Bluetooth-Based Attack Vector Dubbed “BlueBorne” Exposes Almost Every Connected Device

Security firm, Armis Labs, has revealed a new attack vector that can target major mobile, desktop, and IoT operating systems, including Android, iOS, Windows, and Linux, and the devices using them.

 more

U.S. Navy Investigating Possibility of Cyberattack Behind Two Navy Destroyer Collisions

Deputy chief of naval operations for information warfare, Vice Adm. Jan Tigh, says the military is investigating the possibility of compromised computer systems behind two U.S. Navy destroyer collisions with merchant vessels that occurred in recent months. more

Equifax Breach Blamed on Open-Source Software Flaw

Equifax has blamed a flaw in the software running its online databases for the massive breach revealed last week that has allowed hackers to steal personal information of as many as 143 million customers. more

Equifax Hacked, Nearly Half of US Population Affected

In an announcement today, credit reporting giant Equifax revealed a cybersecurity incident potentially impacting approximately 143 million U.S. consumers. more

Fighting Phishing with Domain Name Disputes

I opened an email from GoDaddy over the weekend on my phone. Or so I initially thought. I had recently helped a client transfer a domain name to a GoDaddy account (to settle a domain name dispute), so the subject line of the email -- "Confirm this account" -- simply made me think that I needed to take another action to ensure everything was in working order. But quickly, my radar went off. more

Europe and North America Energy Sector Targeted by Sophisticated Cyberattack Group

The Western energy sector is being targeted by a new wave of cyberattacks capable of providing attackers ability to severely disrupt affected operations, according to reports on Wednesday. more

Researchers Expose Over 320 Million Hashed Passwords

A group of security researchers have succeeeded in cracking over 320 million passwords which were made public in an encrypted blacklist. more

Security is a System Property

There's lots of security advice in the press: keep your systems patched, use a password manager, don't click on links in email, etc. But there's one thing these adages omit: an attacker who is targeting you, rather than whoever falls for the phishing email, won't be stopped by one defensive measure. Rather, they'll go after the weakest part of your defenses. You have to protect everything -- including things you hadn't realized were relevant. more

Probability of ROI and Tighter Network Security by Blocking Malicious Subdomains

Failing to block a stealthy malicious host from making connections to your network could cost your company millions of dollars, a damaged reputation, and severe losses in sensitive private data. Threat intel teams have faced on-going problems: Expensive feeds that are slow to catch new threats; Chasing false positives in alerts wastes time and money; and Vendors selling a new appliance for every ill. Would 100% of your users Spot the Bot? more

British Organizations Could Face Massive Fines for Cybersecurity Failures

Organizations who fail to implement effective cybersecurity measures could be fined as much as £17 million or 4% of global turnover, as part of Britain's plan to prevent cyberattacks. more

British Security Researcher Credited for Stopping WannaCry Is Charged in a U.S. Cybercrime Case

The 23-year-old British security researcher, Marcus Hutchins, who a few months ago was credited with stopping the WannaCry outbreak by discovering a hidden "kill switch" for the malware, is now reported to have been arrested by the FBI over his alleged involvement in separate malicious software targeting bank accounts. more

Renewed Internet.nl Website: Modern Standards Need to be Used for a Free, Open and Secure Internet

Modern Internet Standards provide for more reliability and further growth of the Internet. But are you using them? You can test this on the Dutch website www.internet.nl (also available in English and Polish). Recently the website was renewed. Not only the style has been adapted, but also the way the tests are performed and the test results are shown. A lot of additional information has been added, so that even the tech savvy internet users can find an explanation underpinning the test results. more

U.S. Senators to Introduce IoT Security Bill

U.S. senators on Tuesday announced plans to introduce legislation seeking to address vulnerabilities in IoT devices. more

UDRP and the ACPA Differences, Advantages and Their Inconveniences

The ACPA and the UDRP provide two separate and distinct methods for resolving domain name disputes. Both alternatives have many critics and proponents, but the true value of each will ultimately be determined by how well each combats cyber-squatting. Separately, the UDRP and the ACPA will probably work well to defuse most of the cyber-squatting that is currently invading the Internet. If combined together the UDRP and the ACPA can be a cost saving and effective way to prevent cybersquatting... more

No One is Immune: Qatar Crisis Started by a Targeted Poli-Cyber Attack

The Qatar Crisis started with a targeted Poli-Cyber hack of an unprecedented nature. Its shockwaves and repercussions continue to alter political and business fortunes, directions and paradigms not only in the Gulf region but globally. Almost everyone around the world is now aware of the this crisis that started early June. By mid July a Washington Post report cited US intelligence officials that the UAE orchestrated hacking of Qatari government sites, sparking regional upheaval that started it all. more