The Cybersecurity and Infrastructure Security Agency (CISA) has warned of insecure CAN bus network implementations affecting aircraft. On 30 July, CISA explained that attackers could target aircraft by exploiting insecure implementations of their CAN bus networks, tools which allow separate devices...

Are you going to Black Hat USA 2019? If you are, you’re no doubt counting down the days until 3-8 August when you can join the thousands upon thousands of security professionals at the Mandalay Bay Resort and Casino in Las Vegas, Nevada. But if you’ve been to any of its other 21 iterations, you probably know that this conference can be a bit...

Gadsden Independent School District (GISD) announced that it was working to recover from a malware infection on its network. Travis L. Dempsey, superintendent of the Sunland Park school district, posted a notice about the attack on GISD's website. Our Technology Department has been working to address...

The FBI has arrested a 33-year-old software engineer in Seattle as part of an investigation into a massive data breach at financial services company Capital One. Paige A. Thompson, also known by the online handle "erratic," has been charged with one count of computer fraud and abuse, after an investigation uncovered that a hacker had broken into...

It’s that time of year again where Black Hat and DEF CON are fast approaching and everyone interested in security will descend upon Las Vegas. While Craig Young will be there with his sold out Introduction to IoT Pentesting with Linux, I will be keeping my 2008 promise to myself and avoiding Vegas like the plague. I am, however, happy to announce...

Sephora has revealed that a data breach might have exposed the personal information of customers based in Southeast Asia, Australia and New Zealand. On 29 July, the multinational chain of personal care and beauty stores sent out a notice announcing that a digital security incident had potentially infected the personal information of customers based...

On 16 July 2019, UK’s National Cyber Security Centre (NCSC) released the second annual report of the Active Cyber Defence (ACD) program. The report seeks to show the effects that the program has on the security of the UK public sector and the wider UK cyber ecosystem.The Active Cyber Defence ProgramNCSC was set up in 2016 to be the single...

As a vendor, Tripwire gets asked a lot of questions from customers and potential clients about how developments in the wider world might affect digital security. One of those forces that’s on everyone’s mind is Brexit. Representatives from some of our potential customers as well as our existing clients are asking us what to focus on and what to do....

A company responsible for providing electricity to the South African city of Johannesburg disclosed that it fell victim to a ransomware attack. On 25 July, City Power disclosed on Twitter how the attack had affected all of its databases and applications as well as its network. https://twitter.com/CityPowerJhb/status/1154277777950093313 In subsequent...

As we noted in August 2018, industrial control system (ICS) security has become more complicated since the introduction of the web. Organizations are now bringing together the logical and physical resources of both information technology (IT) and operational technology (OT). This creates various ICS security challenges, including how each team must...

The subject of the cyber security talent shortage has been over-reported to the extent that no one wants to talk about it anymore. Even more than that, the only solution that really ever gets mentioned is developing more university cyber programs. But that solution is dead wrong—or at least it misses the crux of the issue completely. Before I go any...

Lancaster University has revealed that a successful phishing attack resulted in a data breach involving the data of its students and applicants. On 22 July, the public research university announced on Twitter that it had suffered a "sophisticated and malicious phishing attack." This tweet linked to a security update published on the school's website...

Cybersecurity is finally reaching the shop floor in earnest thanks to new technology that works with—not against—the legacy equipment that runs most industrial control systems (ICS). That being said, industrial companies and organizations in sectors like manufacturing, energy, utilities, transportation and water treatment can be slow to adapt to the...

Researchers detected three apps that leverage clever tactics to hide on Android devices so that they can display adware to users. The three adware distributors (com.colors.drawing.coloring, hd4k.wallpapers.backgrounds, and launcher.call.recorder) each had more than 10,000 downloads when Bitdefender Labs first came across them. Its researchers think...

Wouldn’t it be an easier life if we didn’t have to worry about the exploitation of vulnerabilities in solutions and software on which we have spent good time and resources? A world where correctly configured systems configured were left alone to perform their functions until they became redundant and/or needed replacing? It is a beautiful dream....

There’s a lot of conversation regarding FaceApp right now. I have friends talking about it on Facebook, politicians are tweeting about it, CNN and Forbes have reported on it, and my favorite YouTuber Philip DeFranco covered it. People around the world are torn on the privacy implications of this application, yet the person who started this dumpster...

Two years after the WannaCry ransomware outbreak shone a light on the computer security of the UK's National Health Service, and five years after Microsoft said it would no longer release patches for Windows XP, the NHS still has 2,300 PCs running the outdated operating system. The worrying statistic came to light in the response to a parliamentary...

A multi-cloud network is a cloud network that consists of more than one cloud services provider. A straightforward type of multi-cloud network involves multiple infrastructure as a service (IaaS) vendors. Can you use AWS and Azure together? For example, you could have some of your cloud network’s servers and physical network provided by Amazon Web...

Security professionals have many tools in their toolbox. Some are physical in nature. (WireShark, Mimikatz, endpoint detection and response systems and SIEMs come to mind.) Others not so much. (These assets include critical thinking faculties, the ability to analyze complex processes, a willingness—some call it a need—to dig in and find the root cause...

A crypto-ransomware attack has disrupted some services at all library locations across Onondaga County in New York State. On 16 July, the Onondaga County Public Library system published a tweet in which it explained that many of its public services were unavailable. https://twitter.com/OCPL_CNY/status/1151123985616244736?ref_src=twsrc%5Etfw WSYR-TV...