According to new research discovered by Forescout’s cybersecurity research branch Vedere Labs, IoT devices such as conferencing systems and IP cameras are among the five riskiest IoT devices connected to networks. The security company has identified themes in its recent research that highlight the growing attack surface these devices are
Last week, a stampede at a soccer game in Indonesia left at least 125 people dead. Spectators stormed the pitch and security forces attempted to break up the crowds with tear gas and other methods of dispersion. The disaster is one of the deadliest in soccer history and occurred last
Two critical vulnerabilities have been detected in wireless devices LAN devices produced by Contec. The devices are used in planes to provide internet connectivity to passengers while in-flight. The flaws were discovered by a pair of researchers at Necrum Security Labs. The security researchers found that a hidden page not
In Part I of this series, we took a look at the Transportation Security Administration (TSA) Insider Threat Roadmap 2020 and advanced analytics. Following are two more initiatives that are thinking differently about insider threat program implementation through innovative architectures, collective intelligence, advanced analytics, and the use of publicly available information (PAI). Community-based and partner collaborations up and down the supply chain are also a hallmark of these efforts, as there is a growing acknowledgment that internal-facing and traditionally siloed insider threat efforts are part of the problem. In Part II, we examine the approaches taken and the resources available at the Carnegie Mellon University Software Engineering Institute (SEI) and the MITRE Center for Threat-Informed Defense (CTID).
The reality is 34% of all breaches in 2018 were caused by insiders, yet less than 20% of U.S. organizations possess effective security programs to combat it. The results range from information leakage and national security breaches to workplace violence and even reputational damage. Insiders’ unintentional actions can be equally damaging. How can a serious internal commitment to the design process, driven by innovation, give this often ignored sub-sector of risk management the priority it requires within your organization? Following are a few initiatives that are thinking differently about insider threat program implementation through innovative architectures, collective intelligence, advanced analytics, and the use of publicly available information (PAI). Community-based and partner collaborations up and down the supply chain are also a hallmark of these innovative efforts.
The Panasonic Corporation has confirmed that it suffered from a security incident in which an unknown amount of data was accessed by an unauthorized third party and therefore compromised. The Japanese multinational conglomerate announced last Friday that a third party had gained access to its network on November 11. The
Today Microsoft released its monthly Patch Tuesday security update, publishing fixes for 115 vulnerabilities in Microsoft products. Of the 115, 24 of the vulnerabilities are classified as Critical while 88 are classified as Important. Experts advise users to install these security updates as soon as possible to mitigate possible security
Over the past few weeks, PayPal has been hit with several cybersecurity incidents, including an authentication hack earlier this month in which an attacker could access an account once credentials had been phished, effectively bypassing the online payment giant’s authentication. Now, a new security report claims that PayPal’s entire authentication
Two US states, West Virginia and Oregon have recently begun using a mobile voting app called Voatz to facilitate and simplify absentee voting. However, researchers have recently discovered major security flaws in the app. Experts and the Massachusetts Institute of Technology found a vulnerability that could allow hackers to manipulate
The FBI announced that they have arrested a US defense contractor employee who worked at Raytheon for taking classified information with him on an undisclosed trip to China. China-born Arizona resident Wei Sun worked for Raytheon for over 10 years as an electrical engineer, working on Raytheon’s missile systems program.