Wednesday, December 19, 2018

Vote for Blockchain [Voting]

While the internet has been around for nearly two decades, our society has failed to devise a reliable, fraud-proof way to implement a digital voting system. As it stands, our current election process is not particularly conducive to the...

Cybersecurity in 2019: From IoT & Struts to Gray Hats & Honeypots

While you prepare your defenses against the next big thing, also pay attention to the longstanding threats that the industry still hasn't put to rest.
TechRepublic

Why CXOs are leading the charge for AI-based security

While 73% of organizations already use some level of artificial intelligence, the technology comes with its own challenges, according to a ProtectWise report.
SecurityWeek

Servers Can Be Bricked Remotely via BMC Attack

Hackers could remotely brick servers by launching firmware attacks that involve the Baseboard Management Controller (BMC), researchers at firmware security company Eclypsium have demonstrated. read more

Threatpost Poll: Do You Hate Facebook?

Weigh in on Facebook and privacy in our short poll.
TechRepublic

How BMC and UEFI can be exploited to brick servers and take down your data center

Out-of-band management systems can be a weak link to securing your data center. Here's how a debug utility can be leveraged to brick your systems.

Security executives on the move and in the news

The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring a chief security officer (CSO) or chief information security officer (CISO) for...
We Live Security

NASA fears hackers may have stolen employee data

A probe launched immediately after the discovery of the suspected incident has yet to establish the scale of the potential damage The post NASA fears hackers may have stolen employee data appeared first on WeLiveSecurity

Serious Security: When cryptographic certificates attack

Machine learning is all the rage - but don't knock human savvy just yet! One weird character can be enough to alert a smart researcher...
TechRepublic

Malware targeting IoT devices grew 72% in Q3 alone

Total malware samples grew 34% over the past year, with major rises in coinmining and fileless attacks, according to a McAfee Labs report.

What the US Can Learn from Israel and China’s Collaboration

Opinion: What we can learn from Israel's surprising technological ties with with China.
ZDNet

This business email scam spreads Trojans through Google Cloud storage

Financial firms and services are being actively targeted in the UK and US.

Facebook waited months before admitting privacy bug exposed millions of users’ unposted photos

At the end of last week Facebook revealed that an API bug had given developers of third-party apps access to the photos of millions of users. But Facebook didn’t find out about the problem last week. It found out...

Facebook Fights Back on Secret Data-Sharing Partnerships

Facebook is under fire again after a bombshell report claims it has broad data-sharing arrangements with Amazon, Apple, Netflix and others.
ZDNet

Hackers have earned $1.7 million so far from trading data stolen from US gov payment portals

User payment data was stolen from local Click2Gov government systems in US cities.

The CSO guide to top security conferences, 2019

There is nothing like attending a face-to-face event for career networking and knowledge gathering, and we don’t have to tell you how helpful it can be to get a hands-on demo of a new tool or to have your...
SC Magazine

2019 Cybersecurity Predictions: Artificial Intelligence

WatchGuard Threat Lab research team AI-driven chatbots go rogue In 2019, cyber criminals and black hat hackers will create malicious chatbots on legitimate sites to socially engineer unknowing victims into clicking malicious links, downloading files containing malware, or sharing private...
IBM Security

Cloud Security With a Chance of Data Breaches

With the current data explosion and rise of artificial intelligence (AI), machine learning and deep learning, organizations must make sense of the vast amounts of data they collect to better themselves and gain an edge over the competition. Processing...
SC Magazine

Cryptojacking: Defending against the latest pernicious cyberthreat

By David Cramer, President of Digital Service Operations (DSO) at BMC Mining for digital currency can be a profitable business, but it requires a lot of computing power. That’s why criminal hackers have been breaking into corporate networks and hijacking...
SecurityWeek

Artificial Intelligence in Cybersecurity is Not Delivering on its Promise

The Cybersecurity Industry Doesn't Have Artificial Intelligence Right Yet, But it is Promising Technology read more
F5 Networks

Oracle Java SE vulnerability CVE-2018-2795

Oracle Java SE vulnerability CVE-2018-2795. Security Advisory. Security Advisory Description. Vulnerability in the Java ...
F5 Networks

Oracle Java SE vulnerability CVE-2018-2815

Oracle Java SE vulnerability CVE-2018-2815. Security Advisory. Security Advisory Description. Vulnerability in the Java ...
F5 Networks

MQTT vulnerability CVE-2018-15323

MQTT vulnerability CVE-2018-15323. Security Advisory. Security Advisory Description. In certain circumstances, when processing ...
F5 Networks

Oracle Java SE vulnerability CVE-2018-2783

Oracle Java SE vulnerability CVE-2018-2783. Security Advisory. Security Advisory Description. Vulnerability in the Java ...

AR18-352A: Quasar Open-Source Remote Administration Tool

Original release date: December 18, 2018Summary Quasar, a legitimate open-source remote administration tool (RAT), has been observed being used maliciously by Advanced Persistent Threat (APT) actors to facilitate network exploitation.This Analysis Report provides information on Quasar’s...