Post Tagged with: "critical infrastructure"

Supply Chain Hackers Use Short List of Techniques | Trend Micro

March 31, 2015 11:160 comments
Trend Micro describes some of the most common supply chain attack techniques in a blog post.

In-brief: Trend Micro notes that supply chain attacks are on the rise, with attackers relying on a short list of techniques including compromises of source code, firmware and so-called “watering hole” attacks. Like this:Like Loading…

Read more ›

The Flood: IBM Launches $3B Internet Of Things Offensive

10:410 comments
IBM announced a $3 billion investment to create an Internet of Things division. It will partner with The Weather Company to product "micro forecasts" for businesses.

In-brief: IBM announced that it would spend $3 billion in the next four years to build an Internet of Things division that will develop tools to help companies tap the flood of data from connected devices and remote sensors. A partnership with The Weather Company is just the start.  Like this:Like Loading…

Read more ›

Update: CAs Still Accepting E-mail as Proof of Domain Ownership

March 27, 2015 13:220 comments
Many certificate authorities allow an e-mail address to serve as proof of domain ownership.

In-brief: Carnegie Mellon’s CERT issued a warning that many certificate authorities continue to issue domain certificates with no more proof than the right e-mail address. Updated to include comment from GlobalSign. Paul 3/27/2015 Like this:Like Loading…

Read more ›

Bill in U.S. House would Open Doors to Threat Intel Sharing | Reuters

March 25, 2015 11:310 comments
A bill introduced in the House of Representatives promises to open to door to companies sharing information on cyber incidents, but keep data out of the hands of U.S. intelligence agencies.

  In-brief: Leaders of the House of Representatives Intelligence Committee introduced the Protecting Cyber Networks Act on Tuesday. The bill would make it easier for companies to share information about attacks with each other and with the government. It also addresses concerns about omnibus spying by U.S. intelligence agencies.  Like this:Like Loading…

Read more ›

Updated: Google warns of unauthorized TLS certificates trusted by almost all OSes | Ars Technica

March 24, 2015 10:490 comments
Updated: Google warns of unauthorized TLS certificates trusted by almost all OSes | Ars Technica

In-brief: Google warned its users that unauthorized digital certificates have been issued for several of its domains. The certificates are linked to an intermediary certificate authority for CNNIC, which administers China’s domain name registry. Updated with comment from Kevin Bocek of Venafi. Paul 3/27/2015  Like this:Like Loading…

Read more ›
%d bloggers like this: