Report: Iranian APT Actors Regroup After Main Security Forum Shuts Down
Iranian state-sponsored hackers are regrouping after the shutdown last year of their main security forum, migrating to other forums and making new connections for potential cyber-response against mounting political pressures from the United States and Europe, according to a...
Podcast Episode 129: Repair Eye on the CES Guy and Sensor Insecurity
In this week’s podcast: For all the great new gadgets unveiled in Las Vegas, how many can be repaired? Kyle Wiens of iFixit joins us to report from the CES show. Also: more and more our physical surroundings are populated...
That Other Moscow: Sketchy LinkedIn Job Posts Mix US, Russian Locales
Bogus LinkedIn job postings for leading US organizations, including the US Army, the State of Florida and defense contractor General Dynamics, are popping up for Russian locales like St. Petersburg and Moscow, the firm Evolver has found. Is it...
Podcast Episode 128: CES is cool but is it secure?
In this episode of The Security Ledger podcast (#128): you're going to hear a lot from the annual Consumer Electronics Show (CES) out in Las Vegas this week, but are any of the new gadgets being released secure? And...
Podcast Episode 128: Do Security and Privacy have a Booth at CES?
In this episode of The Security Ledger podcast (#128): you're going to hear a lot from the annual Consumer Electronics Show (CES) out in Las Vegas this week, but are any of the new gadgets being released secure? And...
More Questions as Expert Recreates Chinese Super Micro Hardware Hack
Though the companies named in a blockbuster Bloomberg story have denied that China hacked into Supermicro hardware that shipped to Amazon, Apple and nearly 30 other firms, a recent demonstration at hacking conference in Germany proves the plausibility of...
Sensor-y Overload: Cyber Risk and the Merrimack Valley Gas Explosions
Let's be clear: the natural gas explosions that rocked the Merrimack Valley north of Boston in September weren't the result of a cyber attack. Unfortunately: well known vulnerabilities affecting the security of remote sensors and industrial control system software...
Abine says Blur Password Manager User Information Exposed
Customers who use the Blur secure password manager by Abine may have had sensitive information leaked, according to a statement by Abine, the company that makes the product.
The post Abine says Blur Password Manager User Information Exposed appeared first...
Podcast Episode 127: Donnie, Talk to China and Other Lessons from 2018
In this week’s podcast: as 2018 winds down, we invited David Aitel, the Chief Security Technical Officer at Cyxtera Technologies, to talk about the biggest stories of the year, including the supply chain attack on Super Micro, China's continued...
Die Hard is a Movie About Building Automation Insecurity. Discuss.
In this episode of the Security Ledger Podcast (#126): Die Hard has finally been embraced as the bloody, violent, feel-good Christmas movie its always been. But the film, which turns 30 this year, is about more than the power...
‘Alexa, Protect My Data’: Amazon Sends Private Voice Files to Unauthorized Customer
Amazon accidentally sent 1,700 private voice files to an unauthorized customer in Germany in response to a request for personal data. The data allowed a German magazine to identify and track down the person whose voice was recorded on...
Facebook: We Didn’t Give Anyone Data Without User Permission
Facebook's terrible, horrible, no good, very bad year continued, with the social media company on the defense yet again over partnerships that granted high-tech companies extensive access to user data.
The post Facebook: We Didn’t Give Anyone Data Without User...
Spotlight: as Attacks Mount, how to secure the Industrial Internet
In this spotlight edition* of The Security Ledger Podcast, Steve Hanna of Infineon joins us to talk about the growing risk of cyber attacks on industrial systems and critical infrastructure. "Industry 4.0" is poised to transform the global economy,...
Podcast Episode 125: Long After The Election Kremlin’s Computational Propaganda Campaign Rolls On
Priscilla Moriuchi of Recorded Future joins us once again in the Security Ledger studios to talk about the findings of two major reports released this week on Russia's online campaigns and how disinformation operations by foreign governments may be...
Destructive Shamoon Malware Attacks Italian Oil Services Firm
The data-wiping Shamoon malware resurfaced this week at Italian oil and gas contractor Saipem, where it destroyed files on about 10 percent of company PCs, according to a published report. The attacks may be linked to Saipem's work with...
Websites can steal browser data via extensions APIs
Researcher finds nearly 200 Chrome, Firefox, and Opera extensions vulnerable to attacks from malicious sites.
6 Reasons We Need to Boost Cybersecurity Focus in 2019
Paying attention to cybersecurity is more important than ever in 2019. But, some companies are still unwilling to devote the necessary resources to securing their infrastructures against cyberattacks, and naive individuals think they’re immune to the tactics of cybercriminals,...
Fortnite Vulnerabilities Allow Hackers To Take Over Gamers’ Accounts, Data And In-Game Currency
Cybersecurity researchers today shared details of vulnerabilities that could have affected any player of the hugely popular online battle game, Fortnite. If exploited, the vulnerability would have given an attacker full access to a user’s account and their personal information as well...
DNC Accuses Russia, ACLU Sues ICE, and More Security News This Week
Trump dominated security headlines this week, but there's plenty of other news to catch up on.
Bulgaria Extradites Russian Hacker to US: Embassy
Bulgaria has extradited a Russian indicted by a US court for mounting a complex hacking scheme to the United States, the Russian embassy in Washington said Saturday.
read more
