Tuesday, May 21, 2019
The Security Ledger

Researchers Hack Aircraft Landing System with $600 Radios

Airplane radio navigation systems are vulnerable to manipulation using software defined radio, researchers have shown.
The Security Ledger

Spotlight Podcast: Managing the Digital Risk in your Digital Transformation

Companies are pursuing digital transformation at all costs. But do they really understand the risks lurking in their digital transformation strategies? In this Spotlight Podcast, sponsored by RSA,* we're joined by RSA Portfolio Strategist Steve Schlarman for a discussion...
The Security Ledger

Israeli Group Exploited WhatsApp to Spy on Users

An Israeli firm has exploited a flaw in the popular messaging mobile app WhatsApp to plant spyware on iPhones and Android. One phone call is all it takes for software developed by the Israeli firm NSO Group to install...
The Security Ledger

Chinese APT Group, Used Stolen NSA Hacking Tools Before Shadow Brokers

A group with links to the government of China was using hacking tools developed by the NSA even before they are believed to have been stolen, a new report contends.
The Security Ledger

Episode 145: Veracode CTO Chris Wysopal and Life After Passwords with Plurilock

In this week’s episode, #145 Veracode CTO Chris Wysopal joins us to talk about the early days of the information security industry with L0pht and securing software supply chains. Also: we continue our series on life after the password...
The Security Ledger

Report: Companies Still Grappling with IoT Security

Data breaches relating to unsecured Internet of Things devices have jumped by more than 10 percent since 2017, suggesting security efforts aren't keeping pace with the growth of the Internet of Things, a new study finds.
The Security Ledger

New IoT Security Regulations on Tap in U.S., U.K.

Lawmakers in the U.S. and U.K. are readying new laws that will crack down on insecure Internet of Things devices in both the public and private sectors.
The Security Ledger

Episode 144: Infosec Supporting Right to Repair with Joe Grand and Kyle Wiens

In this week's podcast, Joe Grand of Grand Idea Studio and Kyle Wiens of iFixit join me to talk about the launch of securepairs.org and fighting cybersecurity FUD in the right to repair.
The Security Ledger

Unsecured Database Exposes Data of 80M U.S. Households

Researchers have found an unsecured Microsoft-hosted cloud database that holds personal information from 80 million U.S. households, exposing sensitive data and putting people at risk for identity theft, ransomware and other cybercrimes. Security researchers and known “hactivists” Ran Locar...
The Security Ledger

Introducing Securepairs.org: Fighting Infosec FUD for the Right to Repair

Cybersecurity luminaries including Bruce Schneier, Gary McGraw, Joe Grand, Chris Wysopal and Katie Moussouris are backing securepairs.org, countering industry efforts to paint proposed right to repair laws in 20 states as a cyber security risk.
The Security Ledger

FBI: Cybercrime Accounted for $2.7B in Losses in 2018

Organizations lost $2.7 billion to Internet-enabled theft, fraud and exploitation in 2018, with business e-mail compromise scams resulting in the highest of these financial losses, according to the FBI’s Internet Crime Complaint Center (IC3).
The Security Ledger

Podcast Episode 143: Tufin’s IPO with CEO Ruvi Kitov and Capsule8 on securing Linux at Scale

Tufin (TUFN) became the latest cyber security firm to have an initial public offering. In our first segment, we speak to its co-founder and CEO Reuven Kitov. Also: as more and more applications and workloads shift to the cloud,...
The Security Ledger

Drive-By Malware Uses Google Sites for Drive by Download Attacks

New malware, LoadPCBanker, is leveraging Google's Sites to spread via drive-by download attacks, according to a new report. Companies are advised to block uploads and downloads from the service.
The Security Ledger

Report: Bad Bots sent One in Five Web Requests in 2018

Distil Network's annual assessment of bad bots, “Bad Bot Report 2019: The Bot Arms Race Continues,” found that bad bots accounted for one in five website requests in 2018, or 20.4 percent of web traffic.
Tripwire

HawkEye Attack Wave Sends Stolen Data to Another Keylogger Provider

A recent attack wave involving HawkEye malware sends data stolen from its victims to another keylogger provider’s website. On 21 May, My Online Security came across a new sample of HawkEye. The actual delivery mechanism itself wasn’t unique compared...

Washington Issues Temporary License to Huawei

The US government has issued a temporary license to Huawei and its affiliates, allowing American companies to supply the telecoms and handset giant until August. Despite reports emerging over the weekend of various chipmakers...
isBuzz

GDPR: The Best Strategy For International Businesses

The EU’s General Data Protection Regulation (GDPR) was created with the aim of homogenising data privacy laws across the EU. GDPR also applies to organisations outside the EU, if they monitor EU data subjects, or offer goods and services...
IBM Security

How Cyber-Secure Are Business Travelers? New Report Says Not Very

I travel frequently for business — to industry conferences such as RSA Conference and Black Hat and meeting with clients. Whenever I travel, I bring my work laptop, my personal cellphone enabled with work email and calendar, and, of...

Haas F1 team leans on service providers as security force multipliers

If today’s cars are smartphones on wheels, then race cars are supercomputers with engines attached. As the fastest racing sport in the world, Formula One cars come laden with over 100 sensors measuring every aspect of a car’s internal...