In-brief: is it ever the case that things happen that “nobody saw coming”? Our guest on this week’s podcast would say “no.” He is Richard Clarke, a former National Coordinator for Security, Infrastructure Protection and Counter-terrorism for the United States and a veteran of four administrations, from President Ronald Reagan through to President George W. Bush. We talk about modern-day Cassandras: people who are warning about looming catastrophes, mostly in vain.
Hackers working on behalf of the government of Iran are using alluring social media profiles featuring a young, English photographer to entice and then compromise the systems of high value targets in the oil and gas industry, according to a report by Dell Secureworks. In a report released on Thursday, Secureworks’ Counter Threat Unit (CTU) said that it observed an extensive phishing campaign beginning in January and February 2017 that used a polished social media profile of a young, English woman using the name “Mia Ash” to conduct highly targeted spear-phishing and social engineering attacks against employees of Middle Eastern and North Africa firms in industries like telecommunications, government, defense, oil and financial services. The attacks are the work of an advanced persistent threat group dubbed COBALT GYPSY or “Oil Rig” that has been linked to other sophisticated attacks. The attacks, which spread across platforms including LinkedIn and Facebook, as […]
In-brief: a story claiming more than 100,000 hack attempts on South Carolina’s election systems raises more questions than it answers about efforts to tamper with the U.S.’s voting systems.
In-brief: more than three years after it was first discovered, the Heartbleed vulnerability in OpenSSL continues to plague organizations worldwide. Why has it been so hard to fix? In this Industry Perspective, Patrick Carey of the firm Black Duck talks about some of the complicating factors that make vulnerabilities like Heartbleed so hard to eradicate.
In-brief: Two, serious flaws in a common wireless router made by the firm TP-Link open the door to a hacker gaining control over the device, just the latest flaw revealed in broadband and wifi routers, the firm Senrio said Monday.
