  • #RSAC: Building Secure Automobiles for Driverless and Manned Cars

    Speaking in a keynote talk at the RSA Conference in San Francisco, Mary T. Barra, chairman and CEO of General Motors Company, acknowledged that “no one in this room needs convincing that there are virtually no industries today that are not vulnerable to cyber-attacks.” She said that the auto industry is no exception, as it is bringing technologies and features to market, while users expect seamless integrat

  • #RSAC: How The FBI Caught Voice Phishing (Vishing) Scammers

    Criminals are using a combination of server exploitation, email, and voice calls to execute voice phishing attacks, often referred to as vishing. In a session at the RSA Conference in San Francisco, John LaCour, founder and CTO at PhishLabs, and Davey Ware, Special Agent at the FBI, detailed the mechanics of how vishing attacks work to defraud victims of money, as well as how one group of criminals was found. “Vishing attacks are phis

  • #RSAC: Reality of Browsers Leaking Identifiable Information Detailed

    In a talk at the RSA Conference in San Francisco, LexisNexis Risk Solutions director of product management Daniel Ayoub and VP of product management Dean Weinert talked about the reality of which metrics and identifiers browsers release on users. In a talk titled “Creepy Leaky Browsers,” Ayoub said that the classic cartoon “on the internet no one knows you’re a dog” was becoming less appar

  • Desjardins Group Breach Cost $38m Higher Than Expected

    Last year’s data breach at the Desjardins Group will cost the co-operative far more than initially anticipated. Original estimates by the Quebec-based financial institution set the cost of recovering from the breach at $70m. The co-operative has now said that the final breach bill is likely to be $108m. The data breach was intentionally carried out by a malicious employee who had access to banking details such as loans and savings.

  • University Fools Hackers into Sharing Tactics

    Researchers at the University of Texas have found a way to bamboozle malicious hackers into giving away their secrets. The DEEP-Dig (DEcEPtion DIGging) method tricks hackers onto a decoy site set up to record whatever sneaky tactics are thrown at it. This information is then fed into a computer, where it is analyzed to produce clues on how to identify and fend off future hacking attacks. University of Texas at Dallas computer scientists prese

  • #RSAC: Latin America’s Financial Crime World Sees Huge Expansion

    Traditional organized crime gangs are now making efforts to succeed in financial cybercrime in Latin America. According to research by IntSights into cybercrime activities in central and south America, persistent cyber-criminals are operating extensive schemes targeting banks, hospitality services, and retail businesses for their credentials and financial assets. As the attackers were deliberately changing their tactics and infrastruct

  • Cyber-Criminal Impersonates Bernie Sanders Staffer

    America’s Democratic National Committee has warned its electoral candidates to be wary after a phony Bernie Sanders campaign staffer used a fake domain to contact other political campaigns. The cyber-imposter attempted to set up conversations with at least two other campaigns using a spoofed domain registered outside the United States. Sanders campaign spokesperson Mike Casca said yesterday that he believed the domain to be registered in Ru

  • Microsoft Engineer Pleads Guilty to $10m Fraud Scheme

    A former Microsoft engineer faces 20 years behind bars after being found guilty of attempting to defraud his ex-employer of $10m. Ukrainian citizen Volodymyr Kvashuk, 25, from Renton, Washington, was initially a contractor for the tech giant before going full time there from August 2016 until he was fired in June 2018. He was convicted on Tuesday of 18 federal felonies: five counts of wire fraud, six counts of money laundering, two counts of agg

  • Web Owners Ignore Alerts as Magecart Hits 40 More Sites

    A notorious group behind digital skimming attacks has upped its game recently, infecting at least 40 new websites, according to researchers. Magecart Group 12, one of many collectives using techniques designed to harvest card details from e-commerce websites, continues to adapt its modus operandi, according to researcher Max Kersten. The current campaign has been running for several months, with the first hacked site linking to a skimmer doma

  • Facial Recognition Biz Clearview AI Suffers Data Breach

    A controversial facial recognition company has just informed its customers of a data breach in which its entire client list was stolen. Clearview AI leapt to fame in January when a New York Times report claimed that the start-up had scraped up to three billion images from social media sites to add to its database. That makes it a useful resource for its law enforcement clients, which can query images they capture against the trove. The FBI’

  • #RSAC: Review Your GDPR State, Biometric Collections and Cyber Insurance

    Now is the time to review your exposure to GDPR and CCPA-related lawsuits, and review contracts related to penetration testing. In a talk at RSA Conference in San Francisco exploring recent cyber-related court cases, Julia Bowen, senior vice-president, general counsel and corporate secretary, The MITRE Corp and Professor Rick Aldrich, cybersecurity policy and compliance analyst, Booz Allen Hamilton, reviewed a number of issue

  • #RSAC: It’s Time to Disable Parental Controls to Enable the Next Generation

    It’s time to get rid of parental controls and let younger people make their own decisions. Speaking in the opening keynotes at the RSA Conference in San Francisco, Wendy Nather, head of advisory CISOs, Duo Security at Cisco, said that parental controls need to be disabled as “we need to teach them to make good security choices for themselves because they need to learn this from a young age.” As part o

  • #RSAC: Methodologies and Methods to Improve IoT Security

    Speaking at the RSA Conference in San Francisco on how to build a comprehensive Internet of Things (IoT) security testing methodology, Rapid7 IoT research lead Deral Heiland said that it is currently hard to determine what IoT is, so he built a testing model to determine the traits of IoT so they can be better detected and secured. He said that he often asks companies if they have got any IoT technology, so he created a methodology to define th

  • #RSAC: Time to Take Action on AI-Enabled Electoral Vote Influencing

    In a talk at the RSA Conference in San Francisco, students and researchers from University of California, Berkeley presented a theoretical method on how voters could be influenced using technical and automated methods. Talking about “How AI Inference Threats Might Influence the Outcome of 2020 Election,” the three presented their own research, which included aggregating data to show how misinformation can be spread. Ka

  • US, Saudi Bilateral Maritime Security Exercise Begins

    DefenceTalk: JUBAIL, SAUDI ARABIA: The U.S. Navy and the Royal Saudi Naval Forces are participating in exercise Nautical Defender 20 (ND 20), Feb. 23-27. ND is a bilateral maritime exercise designed to…

  • #RSAC: Deterrence in Cyberspace Is About More Than Just Attribution

    How can the US deter other nations from executing cyber-attacks? According to a panel of US government officials speaking at the RSA Conference in San Francisco, there is a range of legal, diplomatic, and even military options that can be considered. Adam Hickey, Deputy Assistant Attorney General, National Security Division at the US Department of Justice (DOJ), commented that there is a lot that can be done to deter nation-s

  • #RSAC: How Medical Device Cybersecurity Could Improve

    Cyberattacks can impact individuals and companies in different ways, but few if any industries have the same life-or-death impact as medical devices. In recent years, medical devices and hospitals have come under increasing attack from different threat actors, which has not escaped the notice of regulators in the United States. At the RSA Conference in San Francisco, the safety implications of medical devices were detailed, along

  • Australian Police Could Get More Cyber-Espionage Powers

    Australian Federal Police (AFP) could be given powers to cyber-spy and hack into online computer systems used by criminals based in Australia under a new proposal being considered by the country’s federal government. Suggested changes would allow the AFP to call for assistance from the Australian Signals Directorate (ASD) or extend the cyber-capabilities of the AFP. Currently the ASD only has the power to hack, disrupt, and destroy

  • US DoD Adopts Ethical AI Principles

    The US Department of Defense announced yesterday that it has adopted a series of ethical principles regarding the use of artificial intelligence (AI). Designed to build on the US military’s existing ethics framework, which is based on the US Constitution, Title 10 of the US Code, Law of War, existing international treaties, and longstanding norms and values, the principles will apply to both combat and non-combat functions. Embracing high-level ethical goal

  • Stalkerware and Adware Top Smartphone Threat List

    New research into malware affecting mobile devices has found that stalkerware and adware posed the biggest threat to users in 2019. The annual “Mobile Malware Evolution” report, published yesterday by Kaspersky, shows a significant increase in the number of attacks on the personal data of mobile device users. From 40,386 unique users experiencing attacks in 2018, the figure rose to 67,500 in 2019. Mobile advertising Trojans were a major t

  • Raytheon, US Navy test first Standard Missile-2 from restarted production line

    DefenceTalk: Raytheon Company (NYSE: RTN) and the U.S. Navy successfully flight tested the first SM-2 surface-to-air missile from the company’s restarted production line. The SM-2 Block IIIB…

  • US Marines Orders Amphibious Combat Vehicles from BAE Systems

    DefenceTalk: BAE Systems has received a $113.5 million contract from the U.S. Marine Corps for an additional 26 Amphibious Combat Vehicles (ACV) under the Low-Rate Initial Production (LRIP) phase of…

  • Tunisia to Buy AT-6 Light Attack Aircraft

    DefenceTalk: The State Department has made a determination approving a possible Foreign Military Sale to Tunisia of four (4) AT-6C Wolverine Light Attack Aircraft and related equipment for an estimated…

  • Netherlands Requests to Buy MK-48 Torpedo Conversion Kits

    DefenceTalk: The State Department has made a determination approving a possible Foreign Military Sale to the Netherlands of sixteen (16) MK-48 Mod 7 Advanced Technology (AT) torpedo conversion kits and…

  • US, Kuwait artillery light up the night sky

    DefenceTalk: UDAIRI RANGE, Kuwait: The rockets’ red glare, the rockets streaming in air lit up the night sky over a sea of sand in Kuwait. The U.S. forces supporting Task Force Spartan and Kuwait…

  • #RSAC: What Governments Should Do to Respond to Nation State Attacks

    Nation states are actively attacking digital and internet-connected assets, but whether or not the US and other governments are doing enough to stop those attacks is a burning question that was debated in a session at the RSA Conference in San Francisco. Sometimes there is a tendency for individuals or even organizations to question whether nation state cybersecurity attacks matter, which is something that Tom Corcoran, head of c

  • National Cyber League Registration Opens for 2020

    Registration opened for the National Cyber League (NCL) Spring Season this week. The NCL is a biannual cybersecurity competition for high school and college students aimed at training and mentoring the next generation of cybersecurity professionals. The NCL invites students from across the US to compete in a virtual cybersecurity competition, consisting of a series of challenges that allow participants to demonstrate their ability to identify hacker

  • DEFENDER-Europe 20 begins with 1st Combat Power arrival

    DefenceTalk: BREMERHAVEN, Germany: The first combat power into the European theater for DEFENDER-Europe 20 has rolled down the ramp of the American Roll-on Roll-off Carrier The Endurance at the port of…

  • USAF MAJCOMs Partner to create virtual aircraft maintenance hangars

    DefenceTalk: JOINT BASE SAN ANTONIO-RANDOLPH, Texas: Air Education and Training Command is working to build a faster and smarter Air Force in partnership with multiple major commands to develop a…

  • AFRL creates safer-than-steel synthetic winch cable for cargo aircraft

    DefenceTalk: The C-17 Globemaster III aircraft fleet currently uses winch cables made of steel to pull pallets, vehicles and other items onto the aircraft from the ground via the aft ramp. The current…
