Archive for the ‘software’ Category

Analysis: there is both Means and Motive for Cyber Attacks on Navy Vessels

August 21st, 2017

In-brief: could cyber attacks have played a role in recent collisions between US Navy vessels and commercial ships? The short answer is yes. Regardless of what caused the most recent incidents, both the means and the motive exist to launch such attacks in the future. A collision between a Liberian oil tanker Alnic NC and the USS John McCain over...

Posted in AIS, apt, china, Cyber Command, Cyber Warfare, Government, GPS, hacks, Internet of things, north korea, Patching, Policy, Reports, software, Top Stories, trends, US Navy, vulnerabilities

The Spectrum of Mobile Risk: Protecting Your Corporate Data

August 17th, 2017

In-brief: organizations need to better understand mobile risks if they want to protect critical data, writes Aaron Cockerill of the firm Lookout. Mobile devices have become an integral part of enterprises’ critical infrastructure, allowing for increased productivity and flexibility. As mobility increases, so does the amount of sensitive...

Posted in android, apt, backdoor, carrier, contributed, data privacy, ios, iphone, Lookout Security, Mobile, mobile device management, Mobile Threats, Opinion, published research, Reports, risk, risk management, software, standards, third party, Threats, trends, vulnerabilities

Uber’s Endless Summer: FTC Settlement over Bogus Security, Privacy Claims

August 15th, 2017

In-brief: Uber’s Endless Summer continued on Tuesday, when the ride sharing start-up settled with the U.S. Federal Trade Commission (FTC) over charges that the company failed to reasonably secure sensitive consumer data that it collected and stored. The U.S. Federal Trade Commission (FTC) said on Tuesday that it has reached a settlement...

Posted in automobile, data privacy, FTC, Government, Mobile, Mobile Threats, social networking, social networks, software, Uber

OSINT University: are Colleges and Universities protecting Student Data?

August 14th, 2017

In-brief: Colleges and universities collect reams of student data – including personally identifying information – as part of their student “directory” files. They then distribute it to – basically – whoever asks. In this podcast, we talk with researcher Leah Figueroa who has researched the issue. Also: where are all...

Posted in data breach, data privacy, Devil's Ivy, e-commerce, education, Finance, Government, Podcasts, Policy, privacy, Reports, software, vulnerabilities

Was the Devil’s Ivy Vulnerability a Dud? Don’t Count on It.

August 11th, 2017

In-brief: The Devil’s Ivy vulnerability in the open source gSOAP library is widespread and supposedly trivial to exploit. So why, one month later, haven’t we seen any attacks? Is Devil’s Ivy a dud? ‘Don’t count on it,’ security experts tell us. In July, the warnings were all about the so-called...

Posted in connected devices, Devil's Ivy, hardware, Internet of things, malware, password, Patching, Reports, Search engine, Senrio, Senrio (Xipiter), Shodan, software, Top Stories, vulnerabilities

Five Billion Tests Later: IoT and Industrial Control System Protocols Raise Alarms

August 9th, 2017

In-brief: Close to five billion “fuzzing” tests conducted during 2016 reveal protocols used by industrial control systems, vehicles and Internet of Things devices to be weaker, on average, with many crashing hundreds of times and revealing vulnerabilities that could be used by malicious actors. A study of 4.8 billion automated...

Posted in connected devices, critical infrastructure, fuzzing, Internet of things, protocol, published research, Reports, software, software development, supply chain, survey, Top Stories, trends, vulnerabilities

It’s the Corruption, Stupid: why Russians aren’t the biggest threat to Election Security

August 7th, 2017

In-brief: Russian hackers aren’t the biggest threat to the security and integrity of elections, says Bev Harris of Black Box Voting. Instead, it’s a more common enemy: run-of-the-mill political corruption, mostly at the local level. Also: Eric Hodge of CyberScout talks about the challenges of helping states secure their election...

Posted in conferences, critical infrastructure, Cybercrime, data theft, DefCon, election systems, extortion, Fancy Bear, FBI, Federal Court, forensics, fraud, Government, Hacking, Hacks & Hackers, hardware, law enforcement, Podcasts, Policy, Reports, russia, software, standards, Top Stories, trends, voting, vulnerabilities

At BlackHat: Hell is Other People’s Machine Learning

July 25th, 2017

In-brief: Machine learning is all the rage in the information security industry. But a study by Endgame and University of Virginia suggests that it may be vulnerable to manipulation by sophisticated AI-driven tools. When it comes to matters of war – or even cops and robbers – advances in technology are almost always double-edged...

Posted in Academia, anomaly detection, anti malware, antivirus, Artificial intelligence, Black Hat, conferences, Endgame, machine learning, malware, software, Top Stories, vulnerabilities

German Electronics Store Sued for Selling Un-Patchable Android Phones

July 21st, 2017

In-brief: That’ll be $99, or $150 without the vulnerabilities! A lawsuit in Germany is trying to force stores to come clean about security holes in the products they sell to consumers. ‘That’ll be $99, or $150 without the unpatchable mobile operating system vulnerabilities!’ That line may be more common if a case against...

Posted in android, application development, BSI, carrier, consumer, data privacy, fraud, Germany, Government, hardware, Internet of things, ios, iphone, Legal News, Mobile, mobile devices, online shopping, Patching, Policy, privacy, SDLC, software, Top Stories, trends, Underwriters Lab, vulnerabilities

Petya-Bitten Subsidiary will materially impact FedEx

July 19th, 2017

In-brief: FedEx said its TNT subsidiary was still relying on manual processes more than a week after it was ravaged by the Petya wiper malware. The attack will materially impact the company’s financial performance in 2018, FedEx said in a filing with the SEC. Federal Express (or FedEx) is the latest US firm to claim that the Petya malware...

Posted in apt, Banking, data breach, FedEx, Government, malware, Mobile Threats, Patching, Petya, Policy, privacy, ransomware, Reports, russia, Securities and Exchange Commission, Shipping, software, supply chain, Transportation, Ukraine, vulnerabilities