an image of a metal tower of Power Lines

Study: Energy, Utilities Struggle with Security Readiness

In-brief: a survey of key sectors found that energy and utilities firms are struggling to reduce their risk of an attack.

On the Internet of Things, Failure is a Virtue

In-brief: Cisco’s Marc Blackmer argues that fail fast, fail often is as relevant to securing the IoT as it is to developing new IoT products. 

Verizon: Internet of Things Hacks Pose Little Risk – For Now

In-brief: Verizon said in its latest Data Breach Investigations Report that threats from Internet of Things technologies were more theory than practice in 2014, but that 2015 could see IoT devices play a role in breaches.

MIT Does Full Court Press on Cybersecurity Research

In-brief: MIT, the East Coast’s leading technical university, will announce three, major cyber security initiatives aimed at web-based security, critical infrastructure and cyber policy. 

Regin Espionage Tool Active since 2008 | Symantec Connect

Symantec on Sunday published research describing a new family of malware that it claims has been circulating, quietly, for close to six years. (Gulp!) According to a post on Symantec’s Security Response blog, Regin infections have been observed as far back as 2008, but the malware went quiet after about 2011, only to resurface in 2013 in attacks on a wide range of targets including private and public entities and research institutes. Symantec also observed the malware used in attacks on telecommunications firms and say it appears the malware was being used “to gain access to calls being routed through their infrastructure.”   In a separate research paper, Symantec describes the malware, dubbed “Backdoor.Regin” as a multi-staged threat that uses encrypted components – installed in a series of stages – to escape detection. The key the malware’s stealth is compartmentalization, Symantec found: “each individual stage provides little information on the complete package. Only by acquiring all five stages is it possible […]