Breaking Security News

More in this category →

Other News

Auto Industry Publishes Best Practices for Cybersecurity

July 22, 2016 18:080 comments
New Best Practices Guidelines from the Auto Industry ISAC are intended to promote cyber security. (Image courtesy of The Library of Congress.)

In-brief: An Automotive industry information sharing group has published Best Practices” document, giving individual automakers guidance on improving the cybersecurity of their vehicles.

Read more ›

Right to Repair Groundswell as Farmers Battle DMCA

July 20, 2016 15:230 comments
Modern tractors, like this John Deere 8235 R, contain sophisticated hardware and software. But farmers are finding that a 1990s era copyright protection law prevents them from repairing them when they break.

In-brief: Manufacturers are using the Digital Millennium Copyright Act to prevent farmers and heavy equipment owners from repairing their own machinery. But efforts in a number of states are pushing a “right to repair” citing the DMCA’s cost to small business owners and the stifling effect on start ups and potentially new industries. 

Read more ›

REPORT: 2015 Sees Big Jump in Ransomware Attacks

10:280 comments
A new report by Symantec finds a sharp increase in the number of ransomware families and new, targeted attacks against organizations.

In-brief: 2015 was a record year for ransomware, according to Symantec’s latest Internet Security Threat Report. There’s evidence that cyber criminals are coupling ransomware with sophisticated, targeted attacks. 

Read more ›

Trainwreck: Study Calls for Rethink of Rail Security

July 19, 2016 16:430 comments
A study finds that security planning for rail networks doesn't anticipate remote cyber attacks as a risk. (Image courtesy of Library of Congress)

The folks over at SCADA Strangelove turned me on to this article from the International Railway Journal that presents the findings of an analysis of the security of industrial control and SCADA systems used to manage railway networks. The conclusion: railways are rife with “faults and vulnerabilities (that will) allow cyber criminals to not only degrade key reliability parameters and bypass safety mechanisms (and) carry out attacks which directly affect rail traffic safety.” The study was conducted by Valentin Gapanovic, the senior vice president of Russian Railways, Efim Rozenberg, the first deputy director general at the Moscow based research firm NIIAS JSC and Kaspersky Lab Deputy Chief Technology Officer Sergey Gordeychik. At issue is not just the systems that are used to manage railway networks, including the movements of trains and critical switching systems that configure tracks. Rather: it is the culture of safety and security in the rail sector which, the study concludes, is still silo’d between physical […]

Read more ›

ENISA Looking for Help with Cybersecurity Policies For Autos

15:500 comments
The EU's leading information privacy and security group will be issuing a report on smart car security and is soliciting feedback from auto industry suppliers and experts.

In-brief: The EU’s leading information privacy and security group will be issuing a report on smart car security and is soliciting feedback from auto industry suppliers and experts.

Read more ›

Security Ledger Archives

Conversations with a CISO (Sponsored by Invincea)

Conversation with Alan Daines of Dell Inc.

Conversation with Craig Shumard of Shumard & Assoc. (Nov. 5, 2014)

Conversation with Daniel Conroy of Synchrony Financial (Feb 5, 2015)

Conversation with Vas Rajan of CLS Bank (March 19, 2015)

Conversation with Lt. Gen. Rhett Hernandez (April 28, 2015)

Conversation with Jon Trull, CISO of Qualys(Oct. 14, 2014)