Tag: trends

The Spectrum of Mobile Risk: Protecting Your Corporate Data

The Spectrum of Mobile Risk: Protecting Your Corporate Data

In-brief: organizations need to better understand mobile risks if they want to protect critical data, writes Aaron Cockerill of the firm Lookout. 

Update: Five Billion Tests Later: IoT and Industrial Control System Protocols Raise Alarms

Update: Five Billion Tests Later: IoT and Industrial Control System Protocols Raise Alarms

In-brief: Close to five billion “fuzzing” tests conducted during 2016 reveal protocols used by industrial control systems, vehicles and Internet of Things devices to be weaker, on average, with many crashing hundreds of times and revealing vulnerabilities that could be used by malicious actors. (Editor’s note: added comment by Chris Clark. Aug 9 2017 – PFR)

Fancy Bear? More like Senator Bedfellow, says Bev Harris of Black Box Voting

It’s the Corruption, Stupid: why Russians aren’t the biggest threat to Election Security

In-brief: Russian hackers aren’t the biggest threat to the security and integrity of elections says Bev Harris of Black Box Voting. Instead, it’s a more common enemy: run of the mill political corruption, mostly at the local level. Also: Eric Hodge of CyberScout talks about the challenges of helping states secure their election systems. Problem number one: recalcitrant voting machine makers. 

Operation Lonely Guy: Iranians Use Cute Girl Profile to Cultivate, Compromise Targets in Middle East

Operation Lonely Guy: Iranians Use Cute Girl Profile to Cultivate, Compromise Targets in Middle East

Hackers working on behalf of the government of Iran are using alluring social media profiles featuring a young, English photographer to entice and then compromise the systems of high value targets in the oil and gas industry, according to a report by Dell Secureworks. In a report released on Thursday, Secureworks’ Counter Threat Unit (CTU) said that it observed an extensive phishing campaign beginning in January and February 2017 that used a polished social media profile of a young, English woman using the name “Mia Ash” to conduct highly targeted spear-phishing and social engineering attacks against employees of Middle Eastern and North Africa firms in industries like telecommunications, government, defense, oil and financial services.  The attacks are the work of an advanced persistent threat group dubbed COBALT GYPSY or “Oil Rig” that has been linked to other sophisticated attacks. The attacks, which spread across platforms including LinkedIn and Facebook, as […]

The European Commission is contemplating labels for Internet connected devices that inform consumers about their security and privacy practices.

German Electronics Store Sued for Selling Un-Patchable Android Phones

In-brief: That’ll be $99, or $150 without the vulnerabilities! A lawsuit in Germany is trying to force stores to come clean about security holes in the products they sell to consumers.