• Report Finds Cybersecurity Issues with US 2020 Census A report looking into the US 2020 Decennial Census has flagged concerns over cybersecurity and questioned whether the personal data collected during the study can be kept private. The US Census Bureau kicked off the 2020 Census count of the population with the enumeration of Alaska in January. However, a report into the ongoing operation by the Government Accountability Office (GAO) has found that the bureau faces “significant cybersecur



  • Puerto Rico Government Loses $2.6m in Phishing ScamA Puerto Rican government agency unintentionally gave cyber-criminals $2.6m after being taken in by an email phishing scam.A senior official of the island’s government confirmed that money allocated for remittance payments had been wired by a government agency to what appeared to be a genuine bank account on January 17. It later transpired that the account was fraudulent. The money was transferred by an unsuspecting employee of Puerto

  • #teissLondon2020: Be Aware of Malicious and Non-Malicious Insider BehaviorSpeaking at the TEISS conference in London, ClubCISO chair Dr Jessica Barker said that both non-malicious and malicious insiders can be detected by common behaviors.Displaying ClubCISO’s research from 2019, which showed that non-malicious insiders accounted for 42% of incidents in the last 12 months, and malicious insiders accounted for 18%, Barker said that this is the biggest threat after a malicious external

  • Ukrainian Blackout Malware at Large on Dark WebSophisticated backdoor malware techniques used by state-backed attackers to cripple Ukrainian power stations in 2015 are now being deployed more widely by the black hat community, Venafi has warned.The malware in question targets SSH keys, which are designed to secure remote commands to and communications between machines. As such, they are central to securing cloud workloads, VPN connections, connected IoT devices and more.Compromise of a single SS



  • #teissLondon2020: Blanket Approaches to Security Awareness Efforts Often FailEmployee awareness needs to be holistic, and not use a blanket approach.Speaking on a panel at the TEISS conference in London exploring tailoring security awareness programs to overcome colleagues’ inbuilt biases, business strategist Dr Dave Chatterjee said that benchmarks can be used, and help you to know that if you are talking awareness, whether you are addressing your goals. “At a deeper level, it can con

  • Ransomware Costs May Have Hit $170bn in 2019There were nearly half a million ransomware infections reported globally last year, costing organizations at least $6.3bn in ransom demands alone, according to estimates from Emsisoft.The security vendor analyzed submissions to the ID Ransomware identification service during 2019 and found a total of 452,121 records.However, around half of these were related to a type of ransomware called STOP which is mainly targeted at home users, so i

  • Estée Lauder Database Exposes 440 Million RecordsEstée Lauder is the latest big-name brand to suffer an embarrassing data leak after a researcher discovered 440 million records including plain text emails exposed via an online database.Security Discovery’s Jeremiah Fowler made the discovery on January 30, claiming the non-password protected database exposed a total of 440,336,852 records.It’s unclear how many user emails were exposed, but the cosmetics giant claimed in

  • US Bank Slammed for “Vague and Deceptive” Breach Disclosure American bank Fifth Third has come under fire for sending customers a cryptic breach disclosure letter judged to be “vague and deceptive” by a consumer group.  Fifth Third wrote to customers after discovering that at least two of its employees had stolen customer information and provided it to a third party. Data exposed included names, Social Security numbers, addresses, phone numbers, dates of birth, mothers’ maide



  • #teissLondon2020: Supply Chain Challenge Can Be ContainedSpeaking on a panel at the TEISS conference in London on the theme of threats in the supply chain, chair Raef Meeuwisse asked where the supply chain sits in a company’s overall risk.Mike Seeney, head of supply chain information risk at Pinsent Masons, said that it is typically very high, as it is common that you will be breached via social engineering or the supply chain. “In the last few years we have had advances in tech

  • Great Britain at Odds over Police Use of Facial Recognition TechnologyGreat Britain’s three nations are not in agreement over the use of facial recognition technology by police forces.The technology, which can be legally used by police in Wales, was officially introduced by England’s Metropolitan Police Service in East London yesterday, amid a peaceful protest by Big Brother Watch. Use of the technology by English police forces has not been debated in parliament or approved by elected

  • #teissLondon2020: Tech is Not Neutral and Needs Ethical FrameworksAt The European Information Security Summit in London, Dr Stephanie Hare, author of the forthcoming book Technology Ethics, reflected on the need for ethical frameworks in technology.Technology ethics engages with a problem that no one has solved to anyone’s satisfaction, Dr Hare said. That problem is how we create and use technologies so that they deliver maximum benefit and minimum harm.Technology is not neutral, she added

  • Canadian Cabinet Ministers Get Hacking HotlineAn around-the-clock phone line to report suspected cyber-attacks has been created for federal cabinet ministers in Canada.Newly released documents show that officials at the Canadian Centre for Cyber Security (CCS) set up the 24/7 telephone service last year to help ministers respond swiftly to possible security breaches and hacking incidents. The cyber-reporting hotline is operated by the CCS, a division of the Communications Security Establish

  • Virtual Reality helps Soldiers shape Army hypersonic weapon prototype

    In the blink of an eye, a multi-ton truck and trailer flips on its side to reveal what’s underneath. Bolted-down equipment moves out of the way in seconds instead of hours. A bird’s eye…

  • Newest F-35A squadron brings fifth-generation capabilities to Red Flag

    NELLIS AIR FORCE BASE, Nevada: Pilots and maintainers with the 421st Fighter Squadron are launching and flying the F-35A Lightning II in their first Red Flag exercise together. The exercise, which…

  • #teissLondon2020: ICO Outlines Expectations for 2020 and BeyondSpeaking at The European Information Security Summit in London, Stephen Eckersley, director of investigations at the Information Commissioner’s Office, outlined the privacy watchdog’s expectations for 2020 and beyond with particular focus on regulations and data protection.“We are still coming to terms with our new [regulatory] powers,” Eckersley said, “and we are still learning how to apply them –

  • #teissLondon2020: Security Requires Sound Storytelling, Says Thom LangfordAt The European Information Security Summit in London, Thom Langford, founder of TL(2) Security, said that effective storytelling is important to security professionals if they want to evoke reactions, behaviors and actions from others.“Stories are important to us as security professionals, because, to be blunt, we’re normally really bad at putting across information to people who are not security professi

  • Royal Thai Air Force Orders Six Airbus H135 Training Helicopters

    SINGAPORE: Airbus Helicopters has signed an order for six H135 military training helicopters from the Royal Thai Air Force, as part of its pilot training enhancement program. The very first military…

  • #teissLondon2020: NCSC Shares Six Tips for Secure Password ManagementSpeaking at The European Information Security Summit in London, Helen L, technical director for sociotechnical security at the National Cyber Security Centre, discussed strategies for effective password management within the enterprise.Helen L challenged common, traditional password management strategies, saying that “what looks good in theory and on paper, may not work in the real world.”If a person who typically h

  • Australia Declares IoC for Rheinmetall MAN high mobility logistics vehicles

    Deliveries of more than 2500 Rheinmetall MAN high mobility logistics vehicles to the Australian Defence Force have achieved a major new milestone with the Commonwealth of Australia declaring Initial…

  • Chinese Military Conducts Joint Air-Sea Drill Near Taiwan Island

    The Chinese People’s Liberation Army (PLA) on Monday launched joint drills featuring naval and air forces near the island of Taiwan, one day after it conducted a combat readiness drill which…

  • Iran denies satellite program has military dimension

    Iran’s government on Wednesday rejected US allegations that the Islamic republic’s satellite programme has a military dimension, days after the failed launch of its latest satellite….

  • New MARTE ER Missile on Target In Second Test Firing

    MBDA’s Marte ER anti-ship missile has completed its second firing carried out at the PISQ (Poligono Interforze del Salto di Quirra) test range in Sardinia. This firing confirmed the overall…

  • US accuses Iran of building missiles through satellite bid

    US Secretary of State Mike Pompeo on Tuesday accused Iran of honing its ballistic missile skills through a satellite launch and vowed to exert more pressure. Iran, which is enemy number one for…

  • NATO Iraq plan could satisfy Trump: US official

    A plan for NATO to expand its Iraq mission by taking personnel from the anti-IS coalition could satisfy President Donald Trump’s call for more alliance action in the Middle East, a US official…

  • FBI: BEC Losses Soared to $1.8 Billion in 2019Losses from business email compromise (BEC) attacks soared by hundreds of millions of dollars over the past year, to once again account for half of all cybercrime losses reported to the FBI.BEC scammers made nearly $1.8 billion in 2019, over half the $3.5 billion total, according to the FBI’s 2019 Internet Crime Report. That’s up from around $1.3bn and a total of $2.7bn in 2018.A recent evolution in BEC tactics has seen scammers impersona

  • Microsoft Fixes 99 Problems This Patch TuesdayMicrosoft has fixed almost a century of CVEs this month, although experts suggest the workload shouldn’t be too hard on admins.The 99 vulnerabilities fixed this month feature 12 critical CVEs, including one zero-day, and another four that have been publicly disclosed and so will also need to be prioritized.The zero-day being exploited in the wild is CVE-2020-0674, a remote code execution flaw in the way the scripting engine handles objects in m

  • Six terrorists freed from jail committed further terror act, figures reveal

    Data published as parliament to debate emergency laws to keep extremists in prison for longerSix convicted terrorists have been released from prison and convicted of a further terrorist offence within seven years, it has been revealed, as parliament heads into a debate over emergency laws designed to keep extremist prisoners in jail for longer.Between January 2013 and December 2019, 196 individuals convicted of a terrorist offence were released from prison in England and Wales with 3.06% of them

  • Six terrorists convicted of further terror act after release, data shows

    Figures emerge as parliament to debate emergency laws to keep extremists in jail longerSix convicted terrorists have been released from prison and convicted of a further terrorist offence within seven years, it has been revealed, as parliament heads into a debate over emergency laws designed to keep extremist prisoners in jail for longer.Between January 2013 and December 2019, 196 individuals convicted of a terrorist offence were released from prison in England and Wales with 3.06% of them going

  • Crypto AG Unmasked: CIA Spied on Governments For DecadesA Swiss company thought to have sold among the most secure encryption products in the world was actually owned by US and German intelligence, allowing the CIA and BND to spy on allies and enemies around the world, it has emerged.A new report from The Washington Post and Germany’s ZDF claims that Crypto AG, founded during the Second World War, struck a deal with the CIA in the 50s and then passed fully into the hands of US and German i

  • US, German spies plundered global secrets via Swiss encryption firm

    US and German intelligence services raked in the top secret communications of governments around the world for decades through their hidden control of a top encryption company Crypto AG, US, German…





  • Source link

    Write a comment:
    *

    Your email address will not be published.