Top

Category: Operations Security


Federal, Infrastructure, Operations Security, Policy, Security, Storage

Federal CISO floats potential for new supply chain regs

April 18, 2019

Via: FCW

The federal government’s top IT security chief floated the possibility of new regulations to shore up protections and transparency in the technology supply chain and canvassed industry for feedback. While speaking at a cybersecurity event in Virginia hosted by the […]


Operations Security, Security

Mysterious safety-tampering malware infects a second critical infrastructure site

April 10, 2019

Via: ArsTechnica

Sixteen months ago, researchers reported an unsettling escalation in hacks targeting power plants, gas refineries, and other types of critical infrastructure. Attackers who may have been working on behalf of a nation caused an operational outage at a critical-infrastructure site […]


Operations Security, Security

The robocall crisis will never totally be fixed

April 8, 2019

Via: ArsTechnica

Years into the robocalling frenzy, your phone probably still rings off the hook with “important information about your account,” updates from the “Chinese embassy,” and every bogus sweepstakes offer imaginable. That’s despite promises from the telecom industry and the US […]


Operations Security, Security

Serious Apache server bug gives root to baddies in shared host environments

April 4, 2019

Via: ArsTechnica

The Apache HTTP Server, the Internet’s most widely used Web server, just fixed a serious vulnerability that makes it possible for untrusted users or software to gain unfettered control of the machine the software runs on. CVE-2019-0211, as the vulnerability […]


Operations Security, Security

DEA says AT&T still provides access to billions of phone records

March 28, 2019

Via: Tech Crunch

A program that allows drug agents to obtain a pool of billions of call records from AT&T is “still active,” according to a watchdog report. The report, published Thursday by the Justice Department inspector general, confirmed the program — named […]


Operations Security, Security

Homeland Security warns of critical flaws in Medtronic defibrillators

March 22, 2019

Via: Tech Crunch

Homeland Security has issued a warning for a set of critical-rated vulnerabilities in Medtronic defibrillators that put the devices at risk of manipulation. These small cardio-defibrillators are implanted in a patient’s chest to deliver small electrical shocks to prevent irregular […]


Operations Security, Security

Slack hands over control of encryption keys to regulated customers

March 18, 2019

Via: Tech Crunch

Slack announced today that it is launching Enterprise Key Management (EKM) for Slack, a new tool that enables customers to control their encryption keys in the enterprise version of the communications app. The keys are managed in the AWS KMS […]


Operations Security, Security

Nasty WinRAR bug is being actively exploited to install hard-to-detect malware

March 15, 2019

Via: ArsTechnica

Malicious hackers wasted no time exploiting a nasty code-execution vulnerability recently disclosed in WinRAR, a Windows file-compression program with 500 million users worldwide. The in-the-wild attacks install malware that, at the time this post was going live, was undetected by […]


Operations Security, Security

Nasty code-execution bug in WinRAR threatened millions of users for 14 years

February 20, 2019

Via: ArsTechnica

WinRAR, a Windows file compression program with 500 million users worldwide, recently fixed a 14-year-old vulnerability that made it possible for attackers to execute malicious code when targets opened a booby-trapped file. The vulnerability was the result of an absolute […]


Networking Security, Operations Security, Security

Using AI to secure the global supply chain

February 8, 2019

Via: ZDnet

According to leading supply chain analyst Louis Columbus, the biggest challenge facing the high tech industry in 2019 will be securing their supply chains. The challenge is that, as supply chains grow more complex, manufacturers may not be able to […]