News Items

  • news

    Visible to the public Pub Crawl #26

  • news

    Visible to the public "NIST Tool Enables More Comprehensive Tests on High-Risk Software"

    The National Institute of Standards and Technology (NIST) has updated a tool to improve the testing of safety-critical programs such as those used in the operation of cars, power plants, and more, to ensure that these programs are really safe. The Combinatorial Coverage Measurement (CCM) tool in the Automated Combinatorial Testing for Software (ACTS) toolkit can be used by software developers to prevent the input of simultaneous code combinations that may inadvertently give rise to dangerous errors. This article continues to discuss NIST's ACTS toolkit and the updated CCM tool.

    NIST reports "NIST Tool Enables More Comprehensive Tests on High-Risk Software"

  • news

    Visible to the public "New Technique Uses Power Anomalies to ID Malware in Embedded Systems"

    Using a new technique developed by researchers from North Carolina State University and the University of Texas at Austin, malware can be detected in embedded systems. Embedded systems in voice-activated virtual assistants, industrial control systems such as those used in power plants, and more, can be targeted by a type of malware that abuses a system's architectural design, called micro-architectural malware, for the purpose of hijacking these systems or stealing sensitive data. This article continues to discuss micro-architectural attacks against embedded systems and the power-monitoring technique developed by researchers to detect such attacks.

    NC State News report "New Technique Uses Power Anomalies to ID Malware in Embedded Systems"

  • news

    Visible to the public "Embracing Creativity to Improve Cyber-Readiness"

    Security teams are encouraged to be more creative in their responses to cyberthreats as cyberattacks continue to grow in complexity and frequency. In addition to focusing on employee access, restriction, and controls, to bolster the security of organizations, security teams should also focus on preemptive threat protection, responding rapidly to attacks, and threat mitigation. This article continues to discuss the need for security teams to embrace creativity in cybersecurity and different ways in which cybersecurity can be creatively approached.

    WeLiveSecurity reports "Embracing Creativity to Improve Cyber-Readiness"

  • news

    Visible to the public "Industrial Control Systems Security: To Test or Not to Test?"

    The increased connectivity of industrial control systems has made such systems more vulnerable to cyberattacks, which could have serious implications in regard to the security and well-being of the communities that rely on them. According to IBM's X-Force Red, which offers penetration testing and vulnerability management programs, the number of vulnerabilities contained by ICS environments has increased by 83 percent from 2011 to 2018. This article continues to discuss the reason behind the increase in ICS vulnerabilities, concerns surrounding the security of ICS environments, and possible solutions to ICS security problems.

    IBM Security Intelligence reports "Industrial Control Systems Security: To Test or Not to Test?"

  • news

    Visible to the public "DNSpionage Actors Adjust Tactics, Debut New Remote Administration Tool"

    Threat actors behind the launch of the DNSpionage DNS hijacking campaign have modified their tactics, techniques, and procedures (TTPs), adding a new reconnaissance stage. They have also introduced a new remote administration tool, called Karkoff. The main targets of this campaign appear to be Lebanon- and United Arab Emirates-affiliated .gov domains. These websites' DNS servers are hijacked to redirect traffic and capture login credentials. This article continues to discuss the targets, alleged perpetrators, and TTPs of the DNSpionage DNS hijacking campaign, as well as the new tool used in this campaign, Karkoff.

    SC Media reports "DNSpionage Actors Adjust Tactics, Debut New Remote Administration Tool"

  • news

    Visible to the public "Researchers Develop AI Tool Better Able to Identify Bad Data"

    The HoloClean tool detects bad data and corrects errors prior to processing the data. The new system also can automatically generate bad examples, without tainting source data. This process allows the system to learn to identify and correct errors on its own. Once HoloClean is trained, it can independently differentiate between errors and correct data, and determine the most likely value for missing data if an error exists.

    University of Waterloo reports: "Researchers Develop AI Tool Better Able to Identify Bad Data"

  • news

    Visible to the public SoS Musings #25 - Cloudy with a Chance of Data Hauls

    SoS Musings #25
    Cloudy with a Chance of Data Hauls

  • news

    Visible to the public "Computer Scientists Design Way to Close 'Backdoors' in AI-Based Security Systems"

    Security researchers at the University of Chicago are developing methods to defend against backdoor attacks in artificial neural network security systems. One technique that will be presented by researchers at the 2019 IEEE Symposium on Security and Privacy in San Francisco involves the scanning of machine learning (ML) systems for signs of a sleeper cell, which is a group of spies or terrorists that secretly remain inactive in a targeted environment until given instructions to act. The use of this technique also allows the owner of the system to trap potential infiltrators. This article continues to discuss the possible hiding of backdoors in AI-based security systems due to the black box nature of AI and the research behind the defense method designed to close backdoors in neural networks.

    TechXplore reports "Computer Scientists Design Way to Close 'Backdoors' in AI-Based Security Systems"

  • news

    Visible to the public "Password '123456' Used by 23.2 Million Users Worldwide"

    According to a report released by the National Cyber Security Centre (NCSC), significantly weak passwords such as "123456" and "ashley" have been used by 23.2 million users. This discovery was made from the examination of global cyber breaches. In addition, the report highlights that only 15% of those who responded to NCSC's first UK Cyber Survey know a great deal about how to protect themselves from harmful cyber activities, most of which are between the ages of 16 and 34. This article continues to discuss key findings of NCSC's UK Cyber Survey in relation to the use of weak passwords and other gaps in online security.

    Infosecurity Magazine reports "Password '123456' Used by 23.2 Million Users Worldwide"

  • news

    Visible to the public "Academics Hide Humans from Surveillance Cameras with 2D Prints"

    Researchers from the Catholic University in Leuven (KU Leuven) have developed a method that could be used to make humans invisible to AI-powered surveillance camera systems. The method involves the printing and strategic placement of 2D images on to shirt, bags, and other objects. Wearing clothing, bags, and other objects with these images would allow a person to become invisible to camera surveillance systems that use machine learning (ML) algorithms to detect humans in live video feeds. This article continues to discuss the research behind this method and other studies in relation to the tricking of image classification and object detection systems.

    ZDNet reports "Academics Hide Humans from Surveillance Cameras with 2D Prints"

  • news

    Visible to the public "Facebook Marketplace Flaw Revealed Seller's Exact Location"

    The JSON JavaScript object notation for advertisements that had been created with the Facebook mobile app were not approximate. The listing included not only the full postcode, but also the latitude and longitude coordinates of the seller. Since being notified about the problem, Facebook has fixed the issue.

    GovInfoSecurity reports: "Facebook Marketplace Flaw Revealed Seller's Exact Location"

  • news

    Visible to the public "There’s a Massive Cybersecurity Job Gap – We Should Fill It by Employing Hackers"

    The growing frequency and sophistication of cyberattacks calls for the increase in cybersecurity professionals. A study conducted by researchers at Bournemouth University suggests the filling of the cybersecurity workforce gap with hackers. Findings of this study highlight that the majority of people in hacking communities attempt to hack systems in order to find and fix flaws before they are exploited by malicious hackers. This article continues to discuss the growth of cybersecurity incidents and the employment of hackers to fill the cybersecurity workforce gap in addition to myths and perceptions associated with hacking.

    The Conversation reports "There's a Massive Cybersecurity Job Gap - We Should Fill It by Employing Hackers"

  • news

    Visible to the public "A 'Blockchain Bandit' Is Guessing Private Keys and Scoring Millions"

    Security researchers with the firm, Independent Security Evaluators, have discovered the storing of cryptocurrency with easily guessable private keys and the exploitation of these keys by a blockchain bandit to steal the cryptocurrency, Ethereum. According to researchers, the crypto bandit amassed a fortune worth over $50 million through the use of these guessable weak keys. This article continues to discuss the discoveries surrounding the generation of weak private keys and the abuse of these keys by a blockchain bandit to swipe 45,000 Ethereum valued at more than $50 million.

    Wired reports "A 'Blockchain Bandit' Is Guessing Private Keys and Scoring Millions"

  • news

    Visible to the public "Improving Security as Artificial Intelligence Moves to Smartphones"

    Devices such as smartphones, security cameras, and speakers, will soon rely more on artificial intelligence to increase the speed at which speech and images are processed. A compression technique, called quantization, reduces the size of deep learning models in order to lessen computation and energy costs. However, compressed AI models have been found to be more vulnerable to adversarial attacks that could cause models to misclassify altered images. MIT and IBM researchers have developed a technique to improve the security of compressed AI models against such attacks. This article continues to discuss findings of a new study conducted by MIT and IBM researchers in relation to the vulnerability of compressed deep learning models to adversarial attacks and the technique developed to reduce this vulnerability.

    MIT News report "Improving Security as Artificial Intelligence Moves to Smartphones"

  • news

    Visible to the public Cyber Scene #32 - Globalized Tech: Tightropes Everywhere

    Cyber Scene #32
    Globalized Tech: Tightropes Everywhere

  • news

    Visible to the public "LinkedIn Data Found in Unsecured Databases"

    LinkedIn used eight unsecured databases which held approximately 60 million records of LinkedIn user information. The unsecured data contained: LinkedIn profile information, including IDs, profile URLs, work history, education history, location, listed skills, other social profiles, the last time the profile was updated, and email address when the LinkedIn account was created. LinkedIn investigated the issue and concluded that a third-party company exposed a set of data aggregated from LinkedIn public profiles, as well as other, non-LinkedIn sources. LinkedIn has no indication that there has been a breach. Amazon, who was hosting the databases was notified, and as of April 15, 2019, the databases were secured and were no longer accessible via the internet.

    Infosecurity reports: "LinkedIn Data Found in Unsecured Databases"

  • news

    Visible to the public "6 Takeaways from Ransomware Attacks in Q1"

    Although there has been a decrease in the number of ransomware attacks, the intensity of such attacks have grown in that ransom payments are higher, downtime loss is greater, and the recovery time is longer. According to a new report released by Coverware in which the findings of a study on ransomware attacks in the first quarter of 2019 are presented, victims are being demanded to pay more, ransomware attacks are becoming less automated, manufacturing companies have become a more attractive target for ransomware attacks, downtime caused by ransomware is increasing, and more. In order for organizations to defend against ransomware attacks, multiple layers of security in addition to access restriction and backups must be implemented. This article continues to discuss six trends observed from ransomware attacks launched so far in 2019.

    Dark Reading reports "6 Takeaways from Ransomware Attacks in Q1"

  • news

    Visible to the public "Security Culture Questions to Consider"

    In order for enterprises to more effectively mitigate cybersecurity weaknesses, a security culture must be fostered within the workplace through the use of tools, training, and other technology aids. Enterprise security culture is an essential part of risk management. There are three questions that security and technology leaders should consider in the pursuit towards an enhanced security culture, which touch on how employees value security, why employees should care about security, and leadership. This article continues to discuss the importance of improving enterprise security culture and three questions that security leaders need to consider in the assessment of this culture within their organizations.

    GovTech reports "Security Culture Questions to Consider"

  • news

    Visible to the public "How an Annual ‘Cyber Shield’ Drill Helps the National Guard Secure Elections"

    Cyber Shield is an Army National Guard exercise aimed at testing and enhancing the cyber incident-response capabilities of the Guard. Participants of this year's exercise include National Guard units from 40 states, those working in the private sector, and people from federal agencies such as the Federal Bureau of Investigation (FBI) and National Security Agency (NSA). The ability to detect suspicious activity on a network and lock down unauthorized access to a system is tested in this exercise. This article continues to discuss the growth, participants, and aim of the National Gaurd's Cyber Shield, along with how this exercise helps election security.

    CyberScoop reports "How an Annual 'Cyber Shield' Drill Helps the National Guard Secure Elections"

  • news

    Visible to the public "Microsoft email breach gave hackers access to account information for months"

    Microsoft has been affected by a data breach involving attackers leveraging a customer support account to access customers' email information. Microsoft-managed email services such as @Outlook.com, @MSN.com and @Hotmail.com were affected by the breach. Microsoft notified users that hackers may have been able to access information about their accounts including: their email address, email subject lines, and frequent contacts. Microsoft reports that the contents of any messages or attachments were not able to be seen. This breach has been occurring from January 1 through March 28 of this year, but could have been occurring for six months. Once the breach was discovered, Microsoft immediately disabled the compromised credentials, prohibiting their use for any further unauthorized access.

    CyberScoop reports: "Microsoft email breach gave hackers access to account information for months"

  • news

    Visible to the public "Cybercriminals Attack Cloud Server Honeypot Within 52 Seconds"

    A report recently released by Sophos, titled "Exposed: Cyberattacks on Cloud Honeypots", highlights the speed at which a cloud server honeypot was attacked by cybercriminals, the average number of attempted attacks on cloud servers per minute, and more. According to the report, cybercriminals attacked one of Sophos' cloud server honeypots within 52 seconds of it going live. This article continues to discuss findings of Sophos' study of 10 cloud server honeypots in relation to the speed and scale of attacks on these honeypots, and the importance of constant visibility of public cloud infrastructure.

    Back End News report "Cybercriminals Attack Cloud Server Honeypot Within 52 Seconds"

  • news

    Visible to the public "DevSecOps: Fast Development Without Sacrificing Safety"

    DevOps is a set of practices that have been increasingly adopted by organizations to increase the speed at which software is developed and delivered. However, organizations are encouraged to adopt DevSecOps in which security is considered at every stage of the software delivery lifecycle. This article continues to discuss the adoption of DevOps by organizations, how organizations can transition from DevOps to DevSecOps, the challenges posed by cloud computing, and the adoption of tools that provide real-time visibility into potential attacks at the application layer.

    Help Net Security "DevSecOps: Fast Development Without Sacrificing Safety"

  • news

    Visible to the public "Cyberspies Hijacked the Internet Domains of Entire Countries"

    A hacker group, called Sea Turtle, has been discovered by researchers at Cisco's Talos security devision to be carrying out an espionage campaign primarily targeting government organizations in the Middle East and North Africa, including intelligence agencies, ministries of foreign affairs, and more, to gain access to sensitive networks. The espionage campaign was launched through the performance of DNS hijacking and impacted 40 different organizations in 13 countries. This article continues to discuss the Sea Turtle espionage campaign in relation to its targets and performance of DNS hijacking, as well as the growing popularity of DNS hijacking among hackers and a possible solution to DNS hijacking.

    Wired reports "Cyberspies Hijacked the Internet Domains of Entire Countries"

  • news

    Visible to the public "Malvertising Campaign Abducts Half a Billion Chrome on iOS Sessions to Push Fake Ads"

    Confidant, an IT security firm, recently published a blog post in which the details of a malvertising campaign, dubbed eGobbler, are presented. According to researchers, eGobbler, abused a vulnerability in Chrome for iOS. Through the exploitation of this vulnerability, hackers were able to push fake advertisements to 500 million user sessions as well as hijack sessions. This article continues to discuss the eGobbler malvertising campaign in relation to its targets, techniques, and discovery by researchers, along with the need to create an industry safeguard against malvertising.

    SC Media reports "Malvertising Campaign Abducts Half a Billion Chrome on iOS Sessions to Push Fake Ads"

  • news

    Visible to the public "Army Researchers Identify New Way to Improve Cybersecurity"

    Cyberattacks pose a significant threat to the security and privacy of individuals, government agencies, and businesses, making cybersecurity one of the biggest concerns of the nation. A new way in which network security can be improved has been identified by researchers at the U.S. Army Combat Capabilities Development Command's Army Research Laboratory and Towson University. Researchers have developed a strategy to compress network traffic without negatively impacting the ability of analysts to discover and investigate malicious activity in a network. This article continues to discuss how this strategy will help improve upon network security, the expected advancement of this technique, and the future of intrusion detection.

    ECN Magazine reports "Army Researchers Identify New Way to Improve Cybersecurity"

  • news

    Visible to the public "Cloud Security Spending Set to Top $12bn by 2023"

    A greater amount of companies are starting to use cloud services. Organizations spent $178 billion on public cloud services last year, and the amount of money spent on public cloud services is expected to grow to $236 billion by 2020. Global spending on cloud security is set to grow nearly 18% to reach $12.7 billion by 2023, with protection for public cloud deployments prioritized over the coming years. Since more and more companies are using cloud services, it is becoming more important to protect mission critical systems and sensitive data on the cloud.

    Infosecurity reports: "Cloud Security Spending Set to Top $12bn by 2023"

  • news

    Visible to the public "Hackers Could Read Your Hotmail, MSN, and Outlook Emails by Abusing Microsoft Support"

    Microsoft has confirmed that some of its email service users were the targets of an attack sometime between January 1st and March 28th. Hackers were able to access the contents of users' email accounts through the abuse of Microsoft's customer support portal. Information such as the subject lines of users' emails, who users have communicated with, and more, were accessed by hackers. This article continues to discuss the details of this incident and how Microsoft responded.

    Motherboard reports "Hackers Could Read Your Hotmail, MSN, and Outlook Emails by Abusing Microsoft Support"

  • news

    Visible to the public "Researchers in Singapore Demonstrate New Quantum Key Distribution Technique over Singtel's Fibre Network"

    A breakthrough in quantum key distribution (QKD) has been made by a team of researchers from the National University of Singapore (NUS) and Singtel, Asia's leading communications group. QKD differs from traditional encryption in that it is uses the laws of physics to protect the transport of keys between communicating parties. The new method demonstrated by researchers to bolster QKD, shows that QKD can be used over commercial fiber networks. This article continues to discuss the concept of QKD, the new technique developed by researchers to advance QKD, and what this advancement in QKD indicates.

    ZDNet reports "Researchers in Singapore Demonstrate New Quantum Key Distribution Technique over Singtel's Fibre Network"

  • news

    Visible to the public "Experts Explore Mystery of Security Metrics"

    The AFCEA Cyber Committee explored the area of security metrics by surveying and interviewing organizations with cybersecurity programs. The results from these surveys and interviews further highlight that measuring the adequacy of cybersecurity protections remains a challenge. Results showed that organizations still struggle to determine metrics for measuring security posture. Organizations also find it difficult to communicate their state of security to boards of directors or senior executives. This article continues to discuss the exploration of security metrics by the AFCEA Cyber Committee and key findings of this examination in relation to the challenges associated with security metrics, the existence of security metrics guidance, and organizations' efforts in security metrics.

    SIGNAL Magazine reports "Experts Explore Mystery of Security Metrics"

  • news

    Visible to the public "New Attacks (and Old Attacks Made New)"

    In todays world new malware and zero-day attacks are reasonably rare and are vastly outnumbered by reconfigured malware and the regular return of old attacks. It is important to be prepared for the new attacks, however it is also very important to not to forget about old attacks, since they happen more regularly.

    DARKReading reports: "New Attacks (and Old Attacks Made New)"

  • news

    Visible to the public "Aftershock-3PC: Polymorphic Malware Attack on 200+ Premium Publishers"

    A new form of malware targeting ad networks, called AfterShock-3PC, is said to have been designed to circumvent signature-based detection in that it continuously alters its identifiable features. According to the Digital Security and Operations (DSO) team at the ad verification firm, The Media Trust, AfterShock-3PC has already attacked more than 200 premium publishers. This article continues to discuss the capabilities, targets, and supposed perpetrators behind AfterShock-3PC, as well as the analysis of this malware and the rise in adaptive attacks.

    The Media Trust reports "Aftershock-3PC: Polymorphic Malware Attack on 200+ Premium Publishers"

  • news

    Visible to the public "TicTocTrack Smartwatch Flaws Can Be Abused to Track Kids"

    Researchers at Pen Test Partners have uncovered vulnerabilities contained by a popular Australian smartwatch for kids, called TicTocTrack. Parents can track the location of their children via the smartwatch. According to researchers, the vulnerabilities discovered in the watch could be exploited by hackers to perform malicious activities such as track the location of children, spoof locations, call children, and more. This article continues to discuss where these security flaws stem from, what their exploitation could allow attackers to do, and the response to the discovery of these vulnerabilities.

    Threatpost reports "TicTocTrack Smartwatch Flaws Can Be Abused to Track Kids"

  • news

    Visible to the public "Privacy 'Poisoning' Poses Threat to Companies Using Blockchain"

    Blockchain technology can be made unusable through the launch of a privacy poisoning attack. A privacy poisoning attack is a new kind of cyberattack that can be performed by loading private data such as names, home addresses, credit card numbers, and more, into the blockchain. This attack can also be performed through the loading of illegal material into the blockchain. An affected chain would be unusable due to conflicts with privacy laws such as the General Data Protection Regulation (GDPR). This article continues to discuss the increased interest surrounding the use of blockchain technology, the concept of privacy poisoning attacks, the rise in blockchain poisoning, and the potential impact of such attacks on the implementation of blockchain technology by organizations.

    Phys.org reports "Privacy 'Poisoning' Poses Threat to Companies Using Blockchain"

  • news

    Visible to the public "Cyber security – should your business be worried?"

    Every business no matter how big or small relies on computers and digitalization to perform their basic functions. If a company is breached, then it can cost a lot of money for the company to fix and mitigate the affect of the attacks. Every company, no matter how big or small, should take cybersecurity seriously. Many cybercrimes are result of human error, usually an employee causes the breach of information, so business owners should generate awareness and educate staff around security best practices. A business should also have a cyber security and disaster recovery strategy.

    BuisnessMattersMagazine reports: "Cyber security - should your business be worried?"

  • news

    Visible to the public ARCH 2019 Best Result Award

    The ARCH 2019 Best Result Award goes to Fabian Immler for his verification tool Isabelle/HOL-ODE-Numerics. The award comes with a 650 Euro prize sponsored by Bosch. Since Fabian couldn't be at the ceremony, Matthias Althoff accepted the certificate on his behalf, from Arne Hamann of Bosch.

  • news

    Visible to the public "DHS Alerts Industry to Insecure Enterprise VPN Apps"

    The Department of Homeland Security (DHS) recently issued an alert to the public pertaining to the presence of a vulnerability in virtual private network (VPN) applications made by Cisco, F5 Networks, Palo Alto Networks, and Pulse Secure. According to the warning released by DHS, the exploitation of this vulnerability could allow hackers to access other applications running on a VPN connection. This article continues to discuss the security flaw in relation to where it comes from, which VPN apps it affects, what it could allow hackers to do, along with VPN vendors' responses to this vulnerability.

    CyberScoop reports "DHS Alerts Industry to Insecure Enterprise VPN Apps"

  • news

    Visible to the public "Report: Healthcare Is No. 1 - For Breaches"

    Healthcare organizations are ranked number one when it comes to being affected by breaches. Once an attacker gained access to a device or an account, the most common next steps were accessing an Office 365 account (34 percent); roaming the network to find available data (30 percent); installing ransomware (12 percent); and obtaining a wire transfer to an attacker's account (8 percent). Cybersecurity needs to be a priority to healthcare organizations.

    Govinfosecurity reports: "Report: Healthcare Is No. 1 - For Breaches"

  • news

    Visible to the public "The Cybersecurity Workforce Shortage Is a Big Problem. You Can Help Girl Scouts Solve It."

    In support of closing the cybersecurity workforce gap, the Girl Scouts launched a program aimed at strengthening the cybersecurity skills of young girls. Within the first six months of the program, 44,000 cybersecurity badges were earned by girls in kindergarten through fifth grade. The program encourages girls to explore career paths in the field of cybersecurity and other STEM fields. The cybersecurity skills of young girls should be cultivated in order to diversify and increase the number of skilled cyber professionals in the cybersecurity workforce. This article continues to discuss the importance of addressing the cybersecurity workforce shortage, the cybersecurity curriculum launched by the Girl Scouts, and how others can get involved in this initiative.

    Security Boulevard reports "The Cybersecurity Workforce Shortage Is a Big Problem. You Can Help Girl Scouts Solve It."

  • news

    Visible to the public "Building Biologically-Inspired Software"

    Engineers in the Department of Electrical Engineering at the University of South Florida have developed new network protection software that is based on the human immune system. Researchers looked at the mechanisms of human immune system to see how they could be applied in the performance of intrusion detection in wireless sensor networks. The biologically-inspired software developed by researchers can identify and eliminate threats facing a network when it is at risk of being attacked, much like the immune system when the human body becomes infected. This article continues to discuss the inspiration, research, and development behind the biologically-inspired cybersecurity software.

    USF News report "Building Biologically-Inspired Software"

  • news

    Visible to the public "Popular Video and Sound Editing Website VSDC Hacked to Propagate Banking Trojans"

    Security researchers at Doctor Web discovered the compromise of the popular video editing website, VSDC, by hackers. Download links on the VSDC website were hijacked in order to infect the video editing website with a banking Trojan (Win32.Bolik.2) and information stealer (Trojan.PWS.Stealer). One Trojan steals information from browsers, messengers, and more. This article continues to discuss the hacking of VSDC to distribute banking Trojans, and past discoveries surrounding the insufficient security of the VSDC website.

    Computing reports "Popular Video and Sound Editing Website VSDC Hacked to Propagate Banking Trojans"

  • news

    Visible to the public "Majority of Organizations Lack a Cybersecurity Incident Response Plan"

    Findings of a study on cyber resilience by IBM Security and the Ponemon Institute indicate that the majority of organizations do not have a cybersecurity incident response plan in place in the event that a cyber incident occurs. The implementation of cybersecurity incident response plans can increase the speed at which organizations respond to cyberattacks and reduce the costs of those cyberattacks. This article continues to discuss findings of the study in regard to the absence or inadequate testing of cybersecurity incident response plans in organizations and the importance of such plans.

    MeriTalk reports "Majority of Organizations Lack a Cybersecurity Incident Response Plan"

  • news

    Visible to the public "Majority of Hotel Websites Leak Guest Booking Info"

    New research conducted by Symantec reveals the leakage of detailed guest booking data by the majority of hotels to third-party advertisers, social media websites, and more. This data includes information such as names, addresses, mobile phone numbers, passport numbers, and more. These are the findings of tests performed by Symantec on more than 1,500 hotels located in 54 countries. This article continues to discuss the findings of this study in relation to the leakage of guest booking info by hotel websites, along with the privacy and compliance risks associated with the leakage of this info.

    Dark Reading reports "Majority of Hotel Websites Leak Guest Booking Info"

  • news

    Visible to the public "Phishing Scheme Uses Legit Signup Forms to Steal Payment Card Data"

    Security researchers have found that cybercriminals are using signup forms for official newsletters from the websites of international companies to hide phishing attacks. According to researchers, these phishing emails can evade spam filters used by servers and clients, as well as deceive the recipients of the emails into opening them through the use of addresses of well-known official companies such as Audi, Austrian Airlines, and more. The purpose of this phishing campaign is to collect credit card information. This article continues to discuss the approach used in this new phishing campaign as well as the use of Google Translate and the tax season as phishing vectors.

    Bleeping Computer reports "Phishing Scheme Uses Legit Signup Forms to Steal Payment Card Data"

  • news

    Visible to the public "New Super-Secure Wi-Fi Is Actually Full of Security Holes"

    Wi-Fi Protected Access 3 (WPA3) isn't as secure as it was proclaimed to be as researchers have uncovered critical design flaws in the Wi-Fi security and authentication standard. According to researchers, WPA3 is vulnerable to the same attacks that WPA2 is susceptible to. WPA3 was supposed to be a major improvement over WPA2 through the performance of an encryption process, called the Dragonfly handshake. Dragonfly handshakes were expected to be harder to crack than the traditional four-way handshake used by WPA2 to generate session keys. However, researchers have discovered design flaws in the WPA3 standard's Dragonfly key exchange that could allow attackers to recover Wi-Fi passwords and enter networks. This article continues to discuss the security enhancements that WPA3 was supposed to offer and the discovery of vulnerabilities in this standard, along with the Wi-Fi Alliance's response to these findings.

    Gizmodo reports "New Super-Secure Wi-Fi Is Actually Full of Security Holes"

  • news

    Visible to the public "Google's Making It Easier to Safeguard Sensitive Data Troves"

    Google's Data Loss Prevention (DLP) tool has the capability to perform scans of large amounts of data in the cloud in order to identify and redact the data that is sensitive. The tool is used in many Google products, but it can also be used by administrators outside of Google's ecosystem as the tool offers an application programming interface. DLP has been upgraded to allow those with no technical expertise to easily use the tool. This tool has machine learning capabilities such as image recognition, machine vision, natural language processing, and context analysis to help in the discovery and redaction of sensitive data. This article continues to discuss the capabilities, goals, and applications of Google's DLP, as well as its upgrade.

    Wired reports "Google's Making It Easier to Safeguard Sensitive Data Troves"

  • news

    Visible to the public "Is AI In Cyber Security A New Tool For Hackers In 2019?"

    AI is being used more and more to help protect from cyberattacks. AI uses machine learning to enhance its intelligence. To improve cybersecurity, it fills the gap of lack of skills to prevent cyber attacks. While AI can improve cybersecurity, companies should be worried about the threat of hackers who use AI to launch attacks. Hackers that use AI can use it to bypass facial security, deceive autonomous vehicles to misinterpret speed limits and stop signals, and fool sentiment analysis of hotels, movie reviews and more. It can also be used to bypass spam filters, fake voice commands, misclassify system based medical predictions, and get past anomaly detection engines. While the benefits far outweigh potential downsides, a robust defense strategy is required by a company to protect an organizations' data from sophisticated AI-based hacking attempts.

    Dazeinfo reports: "Is AI In Cyber Security A New Tool For Hackers In 2019?"

  • news

    Visible to the public "Framing Supply Chain Attacks"

    As software development teams are pressured to deliver applications in a short amount of time, they often turn to open source components, code reuse, and third-party integrations, thus increasing the vulnerability of applications to cyberattacks and the threat of supply chain attacks. This article continues to discuss how the software industry has changed, the dependence on open source libraries and the integration of third-party scripts in the development of applications, and the growing threat of supply chain attacks.

    Help Net Security reports "Framing Supply Chain Attacks"

  • news

    Visible to the public "DNS hijacking campaigns target Gmail, Netflix, and PayPal users"

    There is a DNS hijacking campaign that has been ongoing for the past three months. Attackers are targeting the users of popular online services, including Gmail, Netflix, and PayPal. During the DNS hijacking, the hacker compromises consumer routers and modifies the DNS settings to redirect users to fake websites designed to trick victims into providing their login credentials.

    CyberDefenseMagazine reports: "DNS hijacking campaigns target Gmail, Netflix, and PayPal users"

  • news

    Visible to the public "Cybersecurity Team at NAU Testing Ternary Computing to Secure Blockchain Technology for Cryptocurrency, Other Applications"

    A team of cybersecurity researchers at Northern Arizona University's (NAU) School of Informatics, Computing, and Cyber Systems, has been awarded a $125,000 grant by the U.S. Air Force Research Lab (AFRL) in support of work to strengthen the security of the blockchain. With the support from AFRL, researchers will develop an architecture that can strengthen the security of blockchain technology through the use of ternary computing and ternary physical functions (T-PUF). This article continues to discuss cryptocurrency, blockchain technology, how blockchain technology poses a threat to U.S. national security, and the NAU project that aims to secure the blockchain.

    NAU reports "Cybersecurity Team at NAU Testing Ternary Computing to Secure Blockchain Technology for Cryptocurrency, Other Applications"