From APES to Bespoke Security Automated as a Service
Many of the most innovative security start-ups I come across share a common heritage - their core product evolved from a need to automate the delivery of an advanced service that had begun as a boutique or specialized consulting...
Industrial Robotics – Are You Increasing Your Cybersecurity Risk?
There’s nothing fundamentally novel about the use of robots in industrial environments. For nearly half a century, they’ve been changing the way that we manufacture products and deal with risk in hazardous environments. From automotive assembly lines to mines,...
LeakedSource Operator Pleads Guilty in Canada
Canadian authorities announced last week that Defiant Tech Inc., the company that ran LeakedSource, pleaded guilty to trafficking identity information and possession of property obtained through crime.
read more
US Delays Huawei Ban for 90 Days
US officials Monday delayed a ban on American technology exports to Chinese tech giant Huawei until mid-August, saying the time was needed to allow for software updates and other contractual obligations.
read more
DHS Highlights Common Security Oversights by Office 365 Customers
As organizations migrate to Microsoft Office 365 and other cloud services, many fail to use proper configurations that ensure good security practices, the U.S. Department of Homeland Security's (DHS) Cybersecurity and Infrastructure Security Agency (CISA) warns.
read more
Siemplify Raises $30 Million in Series C Funding
Siemplify, a New York, NY-based provider of security orchestration, automation and response (SOAR) tools, today announced that it has secured $30 million in a Series C funding round led by Georgian Partners.
read more
Linux Kernel Privilege Escalation Vulnerability Found in RDS Over TCP
A memory corruption vulnerability recently found in Linux Kernel’s implementation of RDS over TCP could lead to privilege escalation.
Tracked as CVE-2019-11815 and featuring a CVSS base score of 8.1, the flaw impacts Linux kernels prior to 5.0.8, but only...
Faulty Database Script Exposed Salesforce Data to Wrong Users
Salesforce Shuts Down Instances After Database Script Erroneously Enabled All Permissions on User Profiles
read more
TeamViewer Confirms It Was Hacked in 2016
Remote control and support solutions provider TeamViewer has confirmed that hackers likely operating out of China breached its systems back in 2016, but the company decided not to disclose the incident at the time as it found no evidence...
How to Evaluate Threat Intelligence Vendors That Cover the Deep & Dark Web
Deep & dark web (DDW) communities have long been must-have data sources for threat intelligence programs, but only recently has the market caught up with this need.
read more
User Data Exposed in Stack Overflow Hack
Hackers had access to Stack Overflow systems for nearly one week before the attack was detected and some user data was exposed after all, the company has admitted.
read more
Hacktivist Attacks Declined 95 Percent Since 2015: IBM
The number of hacktivist attacks that resulted in quantifiable damage to the victim has declined by 95 percent since 2015, according to IBM.
read more
Slack Flaw Allows Hackers to Steal, Manipulate Downloads
A recently patched vulnerability in the Slack desktop application for Windows can be exploited by malicious actors to steal and manipulate a targeted user’s downloaded files.
read more
Tenable Updates Free Vulnerability Assessment Solution
Tenable this week announced Nessus Essentials, an expanded version of its free vulnerability assessment solution previously known as Nessus Home.
read more
Wormable Windows RDS Vulnerability Poses Serious Risk to ICS
A critical remote code execution vulnerability patched recently by Microsoft in Windows Remote Desktop Services (RDS) poses a serious risk to industrial environments, experts have warned.
read more
Stack Overflow Discloses Security Breach
Stack Overflow, the popular Q&A platform for programmers, revealed on Thursday that someone gained access to its production systems over the weekend.
read more
How to Securely Blend Your IoT Data with Business Data
Opportunities Created by the Integration of IoT Data With the Rest of Your Business Environment Are Vast
read more
Authorities Takedown GozNym Cybercrime Group That Stole an Estimated $100 Million
Authorities in the United States and Europe on Thursday announced the takedown of an organized cybercrime network that used the GozNym malware to steal an estimated $100 million from victims.
read more
Cisco Patches Critical Vulnerabilities in Prime Infrastructure (PI) Software
Cisco has released patches for numerous vulnerabilities affecting its products, including Critical flaws in the Cisco Prime Infrastructure (PI) Software that could allow remote code execution.
A total of three vulnerabilities were identified in the PI software, namely CVE-2019-1821, CVE-2019-1822, and...
HawkEye Attack Wave Sends Stolen Data to Another Keylogger Provider
A recent attack wave involving HawkEye malware sends data stolen from its victims to another keylogger provider’s website. On 21 May, My Online Security came across a new sample of HawkEye. The actual delivery mechanism itself wasn’t unique compared...
Washington Issues Temporary License to Huawei
Washington Issues Temporary License to Huawei The US government has issued a temporary license to Huawei and its affiliates, allowing American companies to supply the telecoms and handset giant until August.
Despite reports emerging over the weekend of various chipmakers...
GDPR: The Best Strategy For International Businesses
The EU’s General Data Protection Regulation (GDPR) was created with the aim of homogenising data privacy laws across the EU. GDPR also applies to organisations outside the EU, if they monitor EU data subjects, or offer goods and services...
How Cyber-Secure Are Business Travelers? New Report Says Not Very
I travel frequently for business — to industry conferences such as RSA Conference and Black Hat and meeting with clients. Whenever I travel, I bring my work laptop, my personal cellphone enabled with work email and calendar, and, of...
Haas F1 team leans on service providers as security force multipliers
If today’s cars are smartphones on wheels, then race cars are supercomputers with engines attached. As the fastest racing sport in the world, Formula One cars come laden with over 100 sensors measuring every aspect of a car’s internal...
