In-brief: Rapid7 said it found a number of flaws that leaked data on users of collaboration technology by Fuze. In an increasingly common finding: poorly secured cloud resources, not the handsets, were the problem.
Threats
Analysis: there is both Means and Motive for Cyber Attacks on Navy Vessels
In-brief: could cyber attacks have played a role in recent collisions between US Navy vessels and commercial ships? The short answer is yes. Regardless of what caused the most recent incidents, both the means and the motive exist to launch such attacks in the future.
The Spectrum of Mobile Risk: Protecting Your Corporate Data
In-brief: organizations need to better understand mobile risks if they want to protect critical data, writes Aaron Cockerill of the firm Lookout.
OSINT University: are Colleges and Universities protecting Student Data?
In-brief: Colleges and universities collect reams of student data – including personally identifying information- as part of their student “directory” files. They then distribute it to – basically – whomever asks. In this podcast, we talk with researcher Leah Figueroa who has researched the issue. Also: where are all those Devil’s Ivy attacks? And: companies are desperate for tools and talent to beat back sophisticated threats. Is artificial intelligence the answer? We talk with Endgame about the results of a new survey.
Was the Devil’s Ivy Vulnerability a Dud? Don’t Count on It.
In-brief: The Devil’s Ivy vulnerability in the open source gSOAP library is widespread and supposedly trivial to exploit. So why, one month later, haven’t we seen any attacks? Is Devil’s Ivy a dud? ‘Don’t count on it,’ security experts tell us.
