13 Oct 2022

IP Cameras, VoIP and Video Conferencing Revealed as Riskiest IoT Devices

According to new research discovered by Forescout’s cybersecurity research branch Vedere Labs, IoT devices such as conferencing systems and IP cameras are among the five riskiest IoT devices connected to networks. The security company has identified themes in its recent research that highlight the growing attack surface these devices are

Read More
04 Oct 2022

Stampede at Indonesian Soccer Game Leaves at Least 125 Dead

Last week, a stampede at a soccer game in Indonesia left at least 125 people dead. Spectators stormed the pitch and security forces attempted to break up the crowds with tear gas and other methods of dispersion. The disaster is one of the deadliest in soccer history and occurred last

Read More
15 Sep 2022

Vulnerabilities Found in Airplane WiFi Devices, Passengers’ Data Exposed

Two critical vulnerabilities have been detected in wireless devices LAN devices produced by Contec. The devices are used in planes to provide internet connectivity to passengers while in-flight. The flaws were discovered by a pair of researchers at Necrum Security Labs. The security researchers found that a hidden page not

Read More
05 May 2022

Is Your Insider Threat Risk Management Program Ripe for Innovation? Part 2

In Part I of this series, we took a look at the Transportation Security Administration (TSA) Insider Threat Roadmap 2020 and advanced analytics.  Following are two more initiatives that are thinking differently about insider threat program implementation through innovative architectures, collective intelligence, advanced analytics, and the use of publicly available information (PAI).  Community-based and partner collaborations up and down the supply chain are also a hallmark of these efforts, as there is a growing acknowledgment that internal-facing and traditionally siloed insider threat efforts are part of the problem. In Part II, we examine the approaches taken and the resources available at the Carnegie Mellon University Software Engineering Institute (SEI) and the MITRE Center for Threat-Informed Defense (CTID).  

Read More
28 Apr 2022

Is Your Insider Threat Risk Management Program Ripe for Innovation? Part 1

The reality is 34% of all breaches in 2018 were caused by insiders, yet less than 20% of U.S. organizations possess effective security programs to combat it. The results range from information leakage and national security breaches to workplace violence and even reputational damage. Insiders’ unintentional actions can be equally damaging. How can a serious internal commitment to the design process, driven by innovation, give this often ignored sub-sector of risk management the priority it requires within your organization? Following are a few initiatives that are thinking differently about insider threat program implementation through innovative architectures, collective intelligence, advanced analytics, and the use of publicly available information (PAI).  Community-based and partner collaborations up and down the supply chain are also a hallmark of these innovative efforts.

Read More
30 Nov 2021

Data Breach at Panasonic

The Panasonic Corporation has confirmed that it suffered from a security incident in which an unknown amount of data was accessed by an unauthorized third party and therefore compromised. The Japanese multinational conglomerate announced last Friday that a third party had gained access to its network on November 11. The

Read More
11 Mar 2020

Microsoft March 2020 Patch Tuesday Fixes 115 Vulnerabilities

Today Microsoft released its monthly Patch Tuesday security update, publishing fixes for 115 vulnerabilities in Microsoft products. Of the 115, 24 of the vulnerabilities are classified as Critical while 88 are classified as Important. Experts advise users to install these security updates as soon as possible to mitigate possible security

Read More
24 Feb 2020

PayPal ‘Critical’ Login Hack: New Report Warns You Are Now At Risk From Thieves

Over the past few weeks, PayPal has been hit with several cybersecurity incidents, including an authentication hack earlier this month in which an attacker could access an account once credentials had been phished, effectively bypassing the online payment giant’s authentication. Now, a new security report claims that PayPal’s entire authentication

Read More
14 Feb 2020

Voting App Flaws Could Have Let Hackers Manipulate Results

Two US states, West Virginia and Oregon have recently begun using a mobile voting app called Voatz to facilitate and simplify absentee voting. However, researchers have recently discovered major security flaws in the app. Experts and the Massachusetts Institute of Technology found a vulnerability that could allow hackers to manipulate

Read More
04 Feb 2020

Missile Engineer Arrested After Taking Secret Info to China

The FBI announced that they have arrested a US defense contractor employee who worked at Raytheon for taking classified information with him on an undisclosed trip to China. China-born Arizona resident Wei Sun worked for Raytheon for over 10 years as an electrical engineer, working on Raytheon’s missile systems program.

Read More