Information Security Buzz, November 28, 2019, with comments by Ray DeMeo; Just before Thanksgiving, the Department of Homeland Security (DHS) released its refreshed list of the 25 Most Common Software Weaknesses. The list of Common Weakness Enumeration (CWE) contains the 25 most dangerous software errors, so named because they are considered the most frequent and critical errors that can result [...]
Journal of Cyber Policy, IS Buzz News, December 6, 2019, with comments by Satya Gupta; Hundreds of thousands of customer phone bills from AT&T, Verizon and T-Mobile were found on an exposed storage server Last week TechCrunch released news that a Sprint contractor placed hundreds of thousands of cell phone bills belonging to subscribers on an unprotected Amazon AWS server. [...]
Data Center Knowledge, November 12, 2019, with comments by Satya Gupta Based on the secure chip in Pixel phones, the recently open sourced project holds promise for data center hardware. Google made its new computer chip, OpenTitan, open source last month. The project is a hopeful one for making computing chips more secure and cheaper, in time. It will take [...]
Listen to podcast What does Chinese tech giant Huawei have in common with the precocious kid next door who knows how to hack his favorite video game? The former has been accused of placing hidden backdoors in the firmware of equipment distributed to smaller telecom companies all across the U.S. The latter knows how to carry out a DLL injection hack — [...]
ISBuzzNews, November 24, 2019, with comments by Willy Leichter Last week’s news revealed 1.2 billion records were exposed in an online data leak, residing all on one unsecured server. The Elastisearch server was discovered on October 16 by Dark Web researcher Vinny Troja, while searching for other leaks with colleague Bob Diachenko. The exposed data was a departure from what [...]
Journal of Cyber Policy (Nov 21), isBuzznews (Nov 22), CPO Magazine (Dec 5), with comments from Ray DeMeo; A well-known and active Iranian hacker group is targeting the physical control systems used in electric utilities, manufacturing, and oil refineries. Security researchers have been observing the APT33 hackers shifting their targets from IT networks toward critical infrastructures, leading them to wonder if [...]
Threat Post, November 7, 2019, with comments by Willy Leichter Organizations have paid trillions in breach fines, yet the count of compromised companies, data and people keeps rising As data breaches continue to be a daily event, security experts and executives are looking for ways to stop the trend. In the past five years, breaches have shot up to the [...]
Journal of CyberPolicy and Information Security Buzz, October 8. 2019, with comments by Satya Gupta A hacker illegally stole and used a customer’s login credentials to access the TransUnion web portal. They then used this access to pull consumer credit files of up to 37,000 Canadians. The breach took place between June 28 and July 29 this year. The stolen [...]
Marsh announced that Virsec Security Platform® was one of the seventeen designated Cyber Catalyst solutions for 2019. Many cyber insurers convened to identify 150 product contenders, of which 17 were designated. Download datasheet (no registration required) Virsec Security Platform (VSP) stops fileless attacks and in-memory exploits that escape detection of other security options. Filess malware, memory corruption and other advanced [...]
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.