Category: Operations Security

Operations Security, Security

House panel floats new cybersecurity grants for state and local governments

June 26, 2019

Via: StateScoop

As ransomware incidents against state and local governments continue to pile up, officials would likely leap at increased federal assistance for their cybersecurity needs, witnesses at a House Homeland Security Committee hearing said Tuesday. Cyberattacks can be costly to local […]

Attacks & Breaches, Operations Security, Security

Hackers behind dangerous oil and gas intrusions are probing US power grids

June 17, 2019

Via: ArsTechnica

In a new troubling escalation, hackers behind at least two potentially fatal intrusions on industrial facilities have expanded their activities to probing dozens of power grids in the US and elsewhere, researchers with security firm Dragos reported Friday. The group, […]

Operations Security, Security

Facebook’s Legal Outlook in the EU Is Looking Increasingly Shaky—Thanks to One Lawyer’s Efforts

June 12, 2019

Via: Fortune

Facebook legal woes in Europe over the years have largely been due to the activism of one man: Max Schrems. And in the last couple of weeks, the Austrian lawyer has scored a couple more significant victories, convincing the supreme […]

Attacks & Breaches, Operations Security, Security

Major HSM vulnerabilities impact banks, cloud providers, governments

June 10, 2019

Via: ZDnet

Two security researchers have recently revealed vulnerabilities that can be exploited remotely to retrieve sensitive data stored inside special computer components known as HSMs (Hardware Security Modules). HSMs are hardware-isolated devices that use advanced cryptography to store, manipulate, and work […]

Attacks & Breaches, Operations Security, Security

In a rare advisory, NSA urges users to patch BlueKeep flaw

June 5, 2019

Via: Tech Crunch

The National Security Agency has issued a rare advisory warning users to update their systems to protect against BlueKeep, a new security vulnerability with the capacity to rapidly spread between computers. The “critical”-rated bug affecting computers running Windows XP and […]

Attacks & Breaches, Operations Security, Security

Serial publisher of Windows 0-days drops exploits for 2 more unfixed flaws

May 23, 2019

Via: ArsTechnica

A serial publisher of Microsoft zeroday vulnerabilities has dropped exploit code for three more unpatched flaws, marking the seventh time the unknown person has done so in the past year. Technical details of the vulnerabilities, along with working proof-of-concept exploits, […]

Networking Security, Operations Security, Security

Nearly all 2020 presidential candidates aren’t using a basic email security feature

April 30, 2019

Via: Tech Crunch

Three years after Russian hackers targeted and breached the email accounts of Hillary Clinton’s presidential campaign, nearly all of the upcoming 2020 presidential candidates are still lagging in email security. New data out by Agari confirms just one presidential hopeful […]

Mobile Security, Mobility, Operations Security, Security, Software, Tech

Apple defends its takedown of some apps monitoring screen-time

April 29, 2019

Via: Tech Crunch

Apple is defending its removal of certain parental control apps from the app store in a new statement. The company has come under fire for its removal of certain apps that were pitched as tools giving parents more control over […]

Federal, Infrastructure, Operations Security, Policy, Security, Storage

Federal CISO floats potential for new supply chain regs

April 18, 2019

Via: FCW

The federal government’s top IT security chief floated the possibility of new regulations to shore up protections and transparency in the technology supply chain and canvassed industry for feedback. While speaking at a cybersecurity event in Virginia hosted by the […]

Operations Security, Security

Mysterious safety-tampering malware infects a second critical infrastructure site

April 10, 2019

Via: ArsTechnica

Sixteen months ago, researchers reported an unsettling escalation in hacks targeting power plants, gas refineries, and other types of critical infrastructure. Attackers who may have been working on behalf of a nation caused an operational outage at a critical-infrastructure site […]