13 Aug 2019

Hackers Can Turn Everyday Speakers Into Acoustic Cyberweapons

New research by PWC UK shows that the capability of many commercial speakers to emit frequencies outside the range of human hearing can enable hackers to turn these devices into acoustic weapons that produce inaudible sound or audible noise at high intensity. The study found that it is relatively simple

Read More
17 Jul 2019

Photo Shared via iPhone Leads to JetBlue Evacuation

A recent incident affecting passengers on a JetBlue flight demonstrates how security issues affecting Bluetooth could be abused by threat actors to target people with alarming or obscene messages. On Tuesday an unidentified passenger on a JetBlue flight heading to Tampa, Florida, used the iPhone’s AirDrop feature to send an

Read More
15 Jul 2019

Hacked Hair Straighteners Can Threaten Homes

New research by Pen Test Partners underscores how customers can be put at risk by manufacturers that add “smart” functionality to tools without properly reviewing the security implications. Researchers discovered that the Glamoriser hair straightener, the first hair straightener that supports Bluetooth, can easily be hacked. Moreover, by remotely controlling

Read More
14 Jun 2019

Hospital medical equipment contains potentially lethal vulnerability

Security researchers at CyberMDX have uncovered a highly dangerous vulnerability in the Alaris Gateway Workstation produced by BD. The vulnerable device is used in hospitals to “provide mounting, power, and communication support to infusion pumps,” which are used for “a wide range of therapies including fluid therapy, blood transfusions, chemotherapy,

Read More
13 Jun 2019

Personal security and national security concerns are back on the rise

A new report by Unisys sheds light on the personal, Internet, financial and national security concerns of Americans. The research shows that people are most concerned about their online security and financial security. However, concern in these areas stayed the same compared to last year’s report, while worries about national

Read More
07 May 2019

Physical threats rank alongside cybersecurity for many US businesses

A new study by Securitas indicates that for many organizations, physical threats are at least as important as cyber threats. It also confirms that insider threats are a massive problem, with 75% of the biggest security threats referring to activity that likely involves people within the targeted organization. The five

Read More
06 May 2019

In a first, Israel responds to Hamas hackers with an air-strike

In the midst of escalating violence between Israel and militants in Gaza over the weekend, Israel became the first country to use kinetic force to respond to a cyberattack in real-time. The Israel Defense Forces (IDF) claimed that Hamas hackers launched a cyberattack against its systems on Saturday. After thwarting

Read More
02 May 2019

Only six TSA staffers are overseeing US oil&gas pipeline security

A recent security audit[pdf] of the Transportation Security Administration (TSA) by the US Government Accountability Office (GAO) has exposed serious shortcomings in the TSA’s efforts to protect the US pipeline system for oil and gas. The report shows that both the physical security and cybersecurity of this critical system, which

Read More
04 Apr 2019

Mar-a-Lago’s Security Problems Go Way Beyond a Thumb Drive

According to various security experts, the recent incident in which a Chinese woman carrying a thumb drive containing malware was arrested at Mar-a-Lago, exposes a variety of security issues affecting Donald Trump’s private resort, where he has spent about 100 days since he was sworn in as president in 2017.

Read More
15 Jan 2019

Unpatched Flaws in Building Access System Allow Hackers to Create Fake Badges

New research by Tenable has found serious vulnerabilities affecting PremiSys, a building access control system by US firm IDenticard that is used by tens of thousands of government agencies, schools, hospitals and companies around the world. The various vulnerabilities include the presence of a hard-coded backdoor account that can allow attackers to create fake

Read More