Cybersecurity & Espionage Articles
Original Post at CSOOnline.com
The cybersecurity futurist gave a sobering look at what is likely to come in a world where change and growing interdependence are happening faster than anyone's ability to manage them
Original Post at HelpNetSecurity.com
Nearly 2,000 breaches were analyzed in this year's Verizon 2017 Data Breach Investigations Report and more than 300 were espionage-related. Verizon's report highlights that businesses must rethink their protection strategies to guard against cyber-attacks. The fact that 88% of breaches identified in the report fall into patterns first identified in 2014 is an illustration of the need for businesses to identify and properly secure their critical data and assets against attack. The continued success of tried and tested methods deployed by hackers is indicative of senior leaders lacking the knowledge to approach the issue, and instead relying on quick fixes. The truth is, the patchwork of security solutions deployed in many organizations is too often ineffective in securing the data at the heart of business today. This also reflects on the security industry more broadly. Client organizations should be educated on the structure of their data assets, and how to manage their security holistically. The correct technology and process, coupled with effective alerting, alarming and active hunting for threats will set organizations on the right path to avoiding disasters. It's high time a structured approach to cybersecurity is deployed across the industry to reduce the damage caused by hackers. Most importantly for business leaders, as well as promising better protection, this more focused and integrated approach always results in better economics overall.
Original article at CyberScoop.com
The takeaway from the 10th annual Verizon Data Breach Investigations Report is depressingly familiar: Of the 1,935 breaches analyzed, 88 percent were accomplished using a familiar list of nine attack vectors, meaning they could probably have been prevented by a few simple cyber-hygiene measures.
Original Post at ZDNet.com
A thread on Reddit on Friday pointed out that Wells Fargo, the third largest bank in the US, doesn't require its customers to enter a case-sensitive password. Other users confirmed the issue, whereas other banking customers began checking their own accounts and noted that Wells Fargo isn't the only banking giant to follow such a policy.
Original Post at PopularMechanics.com
A Russian TV news report covered by a UK news tabloid is a classic study in fake news reporting. The Sun article is a hot mess, claiming that Russia can "wipe out" the entire U.S. Navy with a single "electronic bomb." That is not anywhere close to being true. Here's what is.
Original Post at McClatchy DC
Forget about spies. It’s rogue insiders that cause heartburn at U.S. intelligence agencies these days. Few spy cases have broken in the past decade and a half. In contrast, a proliferation of U.S. intelligence and military insiders have gone rogue and spilled secrets to journalists or WikiLeaks, the anti-secrecy group. The leaks are as damaging as any major spy case, perhaps more so. And they have underscored the ease of stealing secrets in the modern age, sometimes with a single stroke of a keyboard. Since early March, WikiLeaks has published part of a trove of documents purportedly created by cyber units of the Central Intelligence Agency. WikiLeaks continues to upload the documents and hacking tools, dubbed Vault 7, to the internet for all to see.
Original Post at Softpedia.com
Anonymous Indian hackers are taking revenge on Snapchat's CEO and claim to have leaked a database containing the credentials of 1.7 million users. The hackers are particularly upset after Evan Spiegel, Snapchat CEO, reportedly made a rather nasty remark regarding expansion plans. According to claims that emerged last week as an ex-employee filed a lawsuit against the company, Spiegel shut down suggestions to expand to certain international markets, saying Snapchat is for "rich people" and didn't want to expand into poor countries like India or Spain.
Original Post at CNS News
Candace Marie Claiborne, 60, a long-time employee of the U.S. State Department -- starting in 1999 under the Clinton administration -- was arrested and charged with obstructing an official proceeding and making false statements about her alleged contacts with agents of Communist China, the Department of Justice (DOJ) announced. Claiborne started at the State Department as an Office Management Specialist and she held a "Top Secret" clearance. Claiborne served in the Clinton, Bush, and Obama administrations, and in the first two months of the Trump administration. Over the years she held posts at embassies and consulates in Baghdad, Iraq, Khartoum, Sudan, and Beijing and Shanghai, China. She was arrested on March 28, 2017. She can speak Arabic, Chinese and Spanish.
Original Post at New York Post
Hackers are able to steal PINs and passwords just from the way a mobile phone tilts while being held, new research suggests. Cyber-security experts at Newcastle University have revealed the ease with which malicious websites and apps can spy on us using the motion sensors in our smartphones and tablets.
Original Post at BBC
Residents of the Chinese capital can earn up to 500,000 yuan (£58,000; $72,000) by submitting tip-offs. City officials said the public should help "to slowly construct an iron Great Wall in combating evil and guarding against spies". Authorities launched an awareness campaign last year, including warnings against being seduced by foreign spies. The new regulation was announced by the security branch of the Beijing municipal government. It said that residents could file tip-offs through the hotline launched last year in person or by post. The cash rewards range from 10,000 to 500,000 yuan, depending on how useful the tip-offs are in "preventing or stopping espionage behaviour, or cracking espionage cases", according to several state media outlets including Beijing Daily.
Original Post at BitCoinWarrior.net
The emergency patch addresses a vulnerability that would allow an attacker within range of an at-risk device to exploit a flaw in the operating system that would allow for arbitrary code execution that could attack the Wi-Fi chip in the device.
Original Post at Chicago Tribune
A federal judge told Uber that he could bar a top executive from working on its self-driving vehicle program if the company does not more fully investigate accusations that its employees stole intellectual property from Waymo, which was formerly a part of Google. The ongoing lawsuit embroils two of Silicon Valley's leading developers of self-driving technology, which experts predict will fundamentally transform transportation in the decades to come. Waymo contends that three former employees took thousands of documents containing trade secrets, then used the information to build self-driving technology now used at Uber, legal documents show.
Original Post at CSO Online
Companies that choose to outsource their IT operations should be careful. Suspected Chinese hackers have been hitting businesses by breaching their third-party IT service providers. Major IT suppliers that specialize in cloud storage, help desk, and application management have become a top target for the hacking group known as APT10, security providers BAE Systems and PwC said in a joint report. That's because these suppliers often have direct access to their clients' networks. APT10 has been found stealing intellectual property as part of a global cyberespionage campaign that ramped up last year, PwC said on Monday. The joint report doesn't identify which IT service providers were hit or how many were found breached. But the providers included several suppliers in enterprise services and cloud hosting.
Original Post at Defense One
When President Trump meets this week with his Chinese counterpart, President Xi Jinping, he’ll be engaging with a leader who commands an increasingly disciplined and persistent information-warfare force. In December 2015, the Chinese military stood up a Strategic Support Force as part of a larger series of reforms. Essentially a Chinese version of U.S. Cyber Command, the new force focuses on war in the electromagnetic spectrum, space, and cyberspace. “All these are the new fields that determine whether the PLA can win in the future battlefield,” Chinese officials told state media. The new force’s key focus is building capabilities to disrupt U.S. military operations, according to Martin Libicki, who leads cybersecurity studies at the U.S. Naval Academy. In January China announced that the country will develop the world’s first exascale supercomputer by the end of the year. The move follows years of steady and incremental improvements in information operations, Vice Adm. Tim White, commander of the U.S. Cyber National Mission Force, said Tuesday at the Navy League’s Sea-Air-Space conference. “They are building what I would call campaigns. They are being very thoughtful about it and being purposeful in their approach and there is some design that they are organizing themselves,” he said of adversarial nations such as China but also Russia. “It’s not just a single mission, point of time, or place. It’s interwoven together to achieve a national purpose.”
Original Post at Softpedia
The Russian government wants to hold social networks liable for the piracy their users commit. More specifically, the Ministry of Culture wants social networks to no longer be seen as "information intermediaries" so they can be held accountable when users post content that infringes on copyright.
Original Post at Associated Press
The injections have become so popular that workers at Epicenter hold parties for those willing to get implanted.
Cyber-Cy
I find interesting articles on the web that are simple, down-to-earth, easy to understand, and (hopefully) informative for non-technical readers.