Resources

November 14, 2019
A Hacker Wants About $5 Million in Ransom From Pemex By End of November

(Bloomberg) -- The hacker behind a cyberattack that has crippled Petroleos Mexicanos’s computer systems since the weekend is hoping to squeeze about $5 million out of the company and appears to have set a deadline of Nov. 30. Pemex has other ideas,......

November 14, 2019
'GridEx' offers stiff security test for an industry that welcomes the challenge

Every two years, power-grid authorities throw the kitchen sink of digital and physical mayhem at electric utilities and government organizations across North America. It is one of the biggest tests of the utilities’ ability to withstand wave upon wave of hypothetical attacks — and they are...

November 14, 2019
Exclusive: U.S. manufacturing group hacked by China as trade talks intensified - sources

WASHINGTON (Reuters) - As trade talks between Washington and Beijing intensified earlier this year, suspected Chinese hackers broke into an industry group for U.S. manufacturers that has helped shape President Donald Trump’s trade......

November 14, 2019
How a turf war and a botched contract landed 2 pentesters in Iowa jail

By Dan Goodin Ars Technica 11/13/2019 In the early hours of September 11, a dispatcher with the sheriff’s department in Dallas County, Iowa, spotted something alarming on a surveillance camera in the county courthouse. Two men who had tripped an alarm after popping open a locked door were wa...

November 14, 2019
Man Charged After Using App to Remotely Hack, Track Girlfriend's Car Location

By Chris Chin The Drive November 7, 2019 In a string of bizarre events, authorities in Australia charged a man for criminally stalking his ex-girlfriend after he allegedly hacked her car, just so he could keep track of her whereabouts and play tricks with the vehicle’s keyless-entry and push-bu...

November 8, 2019
We're almost into the third decade of the 21st century and we're still grading security bugs out of 10 like kids. Why?

By Shaun Nichols in San Francisco The Register 7 Nov 2019 Disclosure The way we rate the severity of computer security vulnerabilities and bugs needs to change to better protect people and businesses from malware and cyber-crime. So says Marc Rogers, executive director of cybersecurity at Okta...

November 8, 2019
Cisco: All these routers have the same embedded crypto keys, so update firmware

By Liam Tung ZDNet November 7, 2019 Security researchers have found that the firmware for several Cisco small-business routers contains numerous security issues. The problems include hardcoded password hashes as well as static X.509 certificates with the corresponding public-private key pairs ...

November 8, 2019
The financial industry just finished its annual 'doomsday' cybersecurity exercise -- here's what they imagined would happen

By Kate Fazzini CNBC.com November 7, 2019 This week, the Securities Industry and Financial Markets Association (SIFMA) held the fifth in a series of exercises meant to simulate a catastrophic cybersecurity event in the banking sector, known as “Quantum Dawn.” The exercise offers an importa...

November 8, 2019
Riot Games' Millionaire Founder Defrauded In $5 Million Amazon Cloud Cryptocurrency Mining Scam, DOJ Says

By Thomas Brewster Forbes.com November 7, 2019 Marc Merrill, the cofounder of Riot Games, was the victim of a massive fraud that started in November 2014, when his American Express credit card information was used to buy up cloud computing power from Amazon, Google and others,......

November 8, 2019
Inside the FBI's quiet 'ransomware summit'

By Sean Lyngaas CYBERSCOOP November 6, 2019 In March, officials in sparsely populated Jackson County, Georgia, made a painful decision. Rather than rebuild their networks from scratch, they paid $400,000 to hackers to get the county’s data back. The six-figure amount — eclipsed by a nearly...

November 8, 2019
'Chronicle Is Dead and Google Killed It'

By Lorenzo Franceschi-Bicchierai and Joseph Cox Vice.com November 7, 2019 In early 2018, Google’s parent conglomerate Alphabet announced the birth of a new "independent" startup that was supposed to revolutionize cybersecurity. Chronicle was meant to be a new type of startup. One of...

November 8, 2019
First, Manage Security Threats to Machine Learning

By Rand Waltzman and Thomas Szayna War on the Rocks November 4, 2019 This article was submitted in response to the call for ideas issued by the co-chairs of the National Security Commission on Artificial Intelligence, Eric Schmidt and Robert Work. It responds to question 3 (parts a. and b.), whic...

November 7, 2019
Inside the Microsoft team tracking the world's most dangerous hackers

By Patrick Howell O'Neill MIT Technology Review November 6, 2019 When the Pentagon recently awarded Microsoft a $10 billion contract to transform and host the US military’s cloud computing systems, the mountain of money came with an implicit challenge: Can Microsoft keep the Pentagon’s...

November 7, 2019
Boeing's poor information security posture threatens passenger safety, national security, researcher says

By J.M. Porup Senior Writer CSO November 5, 2019 Boeing's poor information security practices threaten aviation safety and national security, security researcher Chris Kubecka told an audience at the Aviation Cyber Security conference in London today. Boeing test development networks are....

November 7, 2019
Former Twitter employees charged with spying for Saudi Arabia by digging into the accounts of kingdom critics

By Ellen Nakashima and Greg Bensinger The Washington Post November 6, 2019 The Justice Department has charged two former Twitter employees with spying for Saudi Arabia by accessing the company’s information on dissidents who......

November 14, 2019
Symantec, McAfee Patch Privilege Escalation Bugs

All versions of endpoint protection software from both vendors were susceptible to near identical issue, SafeBreach says....

November 14, 2019
I'm Setting Up a Bug-Bounty Program. What Should I be Thinking About?

Here are some important points to factor into your vulnerability disclosure policy....

November 14, 2019
BSIMM10 Shows Industry Vertical Maturity

The Building Security In Maturity Model is the only detailed measuring stick for software security initiatives, and it continues to evolve. ...

November 14, 2019
Capture the Flag Planned to Find Missing Persons Information

The competition, launched by SANS and Trace Labs, will put to use open source information in search of new clues....

November 14, 2019
Attacks on Healthcare Jump 60% in 2019 - So Far

Well-known Trojans Emotet and Trickbot are cybercriminals' favorite weapons in their campaigns....

November 14, 2019
5 Cybersecurity CISO Priorities for the Future

Seven chief information security officers share their pain points and two-year spending plans. ...

November 14, 2019
US-CERT Warns of Remotely Exploitable Bugs in Medical Devices

Vulnerabilities in key surgical equipment could be remotely exploited by a low-skill attacker....

November 14, 2019
8 Backup & Recovery Questions to Ask Yourself

Don't wait until after a disaster, DDoS, or ransomware attack to learn just how good your backups really are....

November 14, 2019
How Does Your Cyber Resilience Measure Up?

The security measures companies take today may not be enough for tomorrow's cyber assault, but switching to a proactive, risk-based framework may better protect your organization....

November 13, 2019
Self-Cleaning Payment Card-Skimmer Infects E-Commerce Sites

'Pipka' JavaScript skimmer has infected at least 16 e-commerce websites so far, according to Visa's Payment Fraud Disruption Group....

November 13, 2019
Well, Hello, Dolly!

Eight hours is certainly a start....

November 13, 2019
Cybersecurity: An Organizationwide Responsibility

C-suite execs must set an example of good practices while also supporting the IT department with enough budget to protect the organization from next-generation cyberattacks....

November 13, 2019
The Ripple Effect of Data Breaches: How Damage Spreads

The financial loss from so-called 'ripple events' is thirteen times greater than the cost of single-party security incidents....

November 13, 2019
2019 Trending as Worst Year on Record for Data Breaches

New Risk Based Security report shows data breaches up 33.3% over last year so far. ...

November 13, 2019
Breaches Are Inevitable, So Embrace the Chaos

Avoid sinking security with principles of shipbuilding known since the 15th century....

November 13, 2019
Cardplanet Operator Extradited for Facilitating Credit Card Fraud

Russian national Aleksei Burkov is charged with wire fraud, access device fraud, and conspiracy to commit identity theft, among other crimes....

November 13, 2019
Unreasonable Security Best Practices vs. Good Risk Management

Perfection is impossible, and pretending otherwise just makes things worse. Instead, make risk-based decisions. ...

November 12, 2019
While CISOs Fret, Business Leaders Tout Security Robustness

A new Nominet survey shows a familiar disconnect between business and security teams on the matter of cyber preparedness....

November 12, 2019
Companies Increasingly Fail Interim Security Test, But Gap Narrows

Stability of PCI DSS helps companies cope and create more mature security programs, but some parts of the Payment Card Industry's Data Secure Standard continue to cause headaches....

Discover how Cloudburst Security can support you.

CONTACT US