In-brief: Apple announced on Thursday that a new bug bounty program would pay researchers up to $200,000 for information on flaws in its iOS mobile operating system and iCloud service, joining the ranks of technology firms that offer cash for information on software vulnerabilities.
In-brief: The Thread Group and the Open Connectivity Foundation (OCF) announced that the two alliances will be working together to “advance the adoption of connected home products.”
In-brief: Politico writers Cory Bennett and Bryan Bender note that the hack of the Democratic National Committee, the Democratic Congressional Campaign Committee and the Clinton Campaign underscore lax federal oversight of election infrastructure.
In-brief: 2015 was a record year for ransomware, according to Symantec’s latest Internet Security Threat Report. There’s evidence that cyber criminals are coupling ransomware with sophisticated, targeted attacks.
The folks over at SCADA Strangelove turned me on to this article from the International Railway Journal that presents the findings of an analysis of the security of industrial control and SCADA systems used to manage railway networks. The conclusion: railways are rife with “faults and vulnerabilities (that will) allow cyber criminals to not only degrade key reliability parameters and bypass safety mechanisms (and) carry out attacks which directly affect rail traffic safety.” The study was conducted by Valentin Gapanovic, the senior vice president of Russian Railways, Efim Rozenberg, the first deputy director general at the Moscow based research firm NIIAS JSC and Kaspersky Lab Deputy Chief Technology Officer Sergey Gordeychik. At issue is not just the systems that are used to manage railway networks, including the movements of trains and critical switching systems that configure tracks. Rather: it is the culture of safety and security in the rail sector which, the study concludes, is still silo’d between physical […]
