NATO member Lithuania is under attack from Russian hacking group Killnet. It raises serious concerns over Russia’s use of cyber warfare against NATO states.
The post Russian Hackers Declare War on Lithuania — Killnet DDoS Panic appeared first on Secur…
Tag: IoT & ICS Security
Europe, Global Security News, North America
ADPPA US Privacy Law: Coming Soon in Wake of Roe v. Wade Redo
by Richi Jennings •
We could soon have a federal GDPR. But the American Data Privacy and Protection Act wasn’t the only privacy related issue on Capitol Hill last week.
The post ADPPA US Privacy Law: Coming Soon in Wake of Roe v. Wade Redo appeared first on Security Boul…
Europe, Global Security News, North America
House Passes ICS Cybersecurity Training Act
by Christopher Burgess •
In a predominantly bipartisan vote, the Industrial Control Systems Cybersecurity Training Act was passed by the House of Representatives on the evening of June 21, 2022. The bill, sponsored by Representative Eric Swalwell (D-CA) establishes within the…
Europe, Global Security News, North America
How to get started with OT security
by Prayukth K V •
In the last couple of years, OT security has managed to get plenty of attention from security teams. Some businesses have even started having dedicated teams to manage OT security and tools. However, many businesses are still in the process of figuring…
Europe, Global Security News, North America
The future of IoT ransomware – targeted multi-function bots and more cyberattacks
by Prayukth K V •
A new IoT malware was detected in October 2021 with as many as 30 exploit mechanisms that were coded into it. This malware called BotenaGo was able to seek out and attack vulnerable targets by itself without having to rely on any human intervention. On…
Europe, Global Security News, North America, Vulnerabilities
Apple M1 Flaw Can’t be Fixed — PACMAN Panic
by Richi Jennings •
Apple’s M1 chip isn’t as safe from buffer overflows as previously thought. M1 and other designs based on ARMv8.3 can have their ‘PAC’ protection neutered.
The post Apple M1 Flaw Can’t be Fixed — PACMAN Panic appeared first on Security Boulevard.
…
Europe, Global Security News, North America, Vulnerabilities
Tesla Fails Yet Again: Hackers can Steal Cars via NFC
by Richi Jennings •
Tesla Models 3 and Y can be unlocked and stolen via a bug in their NFC software. Two separate research groups found this new bug at around the same time.
The post Tesla Fails Yet Again: Hackers can Steal Cars via NFC appeared first on Security Bouleva…
Europe, Global Security News, North America
DoJ Decision Gives Good Faith Hackers Relief From CFAA
by Teri Robinson •
After years of being hamstrung by the threat of prosecution under The Computer Fraud and Abuse Act (CFAA), security researchers and hackers operating in good faith have gotten some relief after the U.S. Justice Department said it would not bring charg…
Europe, Global Security News, North America
Cars in the Crosshairs: Automakers, Regulators Take on Cybersecurity
by Mike Hodge •
If I were to ask you to imagine someone hacking a car, what’s the first thing that comes to mind? Let me guess: You’re picturing someone wearing a black hoodie and a Guy Fawkes mask. They’re sitting in front of a state-of-the-art computer rig in an ot…
Europe, Global Security News, North America
The True Danger for Organizations: Unpatched Vulnerabilities
by Aaron Sandeen •
It is no secret that 2021 saw an increase in cyberattacks all around the globe; specifically in critical infrastructure organizations. In October of that year, The U.S. Cybersecurity and Infrastructure Security Agency issued Alert AA21-287 in response…
Europe, Global Security News, North America, Vulnerabilities
‘Incompetent’ Tesla Lets Hackers Steal Cars — via Bluetooth
by Richi Jennings •
Tesla cars can be unlocked and stolen via a simple relay attack. The company shrugged and said it’s “a known limitation.”
The post ‘Incompetent’ Tesla Lets Hackers Steal Cars — via Bluetooth appeared first on Security Boulevard.
Europe, Global Security News, North America
Senators Urge FTC to Probe ID.me Over Selfie Data
by BrianKrebs •
Some of more tech-savvy Democrats in the U.S. Senate are asking the Federal Trade Commission (FTC) to investigate identity-proofing company ID.me for “deceptive statements” the company and its founder allegedly made over how they handle facial recognit…
Europe, Global Security News, North America
NIST Updates Guidance for Supply Chain Security Management
by Nathan Eddy •
The National Institute of Standards and Technology (NIST) has updated its cybersecurity supply chain risk management (C-SCRM) guidance in an effort to help organizations protect themselves as they acquire and use technology products and services. The …
Europe, Global Security News, North America, Vulnerabilities
Nozomi Networks Discovers Vulnerability in Siemens Building Automation Software
by Nozomi Networks Labs •
Recently, we had the opportunity to do a security analysis of the Siemens PXC4.E16, a Building Automation System (BAS) of the Desigo/APOGEE family for HVAC and building service plants. In this blog, we are publishing the details of a vulnerability that…
Europe, Global Security News, North America, Vulnerabilities
Putin’s ‘Victory Parade’ TV Show Hacked: ‘Blood on Your Hands’
by Richi Jennings •
Ukrainian hackers and their friends continue to pummel Russian computers. “Hundreds of millions of documents” are being leaked. And today, Putin’s famous Victory Parade has been marred by hackers.
The post Putin’s ‘Victory Parade’ TV Show Hacked: ‘Blo…
Europe, Global Security News, North America, Vulnerabilities
5 Top IoT Security Challenges and Solutions
by Gilad David Maayan •
The internet of things (IoT) is growing exponentially, with as many as 25 billion devices expected to be deployed by 2030. IoT technology has many benefits for consumers, corporations and, in particular, the manufacturing, health care and transportati…
Europe, Global Security News, North America, Vulnerabilities
Biden Revs Up US Quantum Plans (Because China)
by Richi Jennings •
This week, the White House issued a memorandum and executive order that put a shedload of wood behind the quantum-computing arrow.
The post Biden Revs Up US Quantum Plans (Because China) appeared first on Security Boulevard.
Europe, Global Security News, North America
When it comes to security, is IoT the new OT?
by Prayukth K V •
Operational Technology (OT) has certainly been around for much longer in some form when compared to both Information Technology (IT) and the Internet of Things (IoT). Yet, when it comes to OT security we are still taking the first concrete steps toward…
Europe, Global Security News, North America, Vulnerabilities
Log4j, ProxyLogon Top 2021 Exploitable Vulnerabilities List
by Nathan Eddy •
The Log4Shell vulnerability affecting Apache’s Log4j library and the ProxyLogon and ProxyShell vulnerabilities affecting Microsoft Exchange email servers topped the list of the most routinely exploited vulnerabilities in 2021. These threats were outli…
Europe, Global Security News, North America, Vulnerabilities
Phishing scheme targets verified Twitter users; Vulnerability leaves millions of routers & IoT devices at risk
by Evan •
Cybercriminals have developed different avenues for trying to access personal information. You will often hear that they have breached servers to steal information, perhaps through technical means such as exploiting a security vulnerability. But one of…
Europe, Global Security News, North America
Do You Need to Rethink AppSec With 5G?
by Sue Poremba •
It’s not quite everywhere yet, but 5G connectivity is growing rapidly. That’s a great thing for remote workers and anyone depending on a fast connection, but what kind of impact will 5G have on application security? “The explosion of 5G is only going …
Europe, Global Security News, North America, Vulnerabilities
Ukraine Beats Russia in Cyberwarfare — at ‘Unprecedented Scale’
by Richi Jennings •
Russia is attacking Ukraine with cyberattacks and psyops. But the scale is pathetic and Ukraine is fighting back—hard.
The post Ukraine Beats Russia in Cyberwarfare — at ‘Unprecedented Scale’ appeared first on Security Boulevard.
Europe, Global Security News, North America
Illinois Biometric Information Privacy Act | How to Comply
by "Ask Aleada" Blog - Aleada Consulting •
Here’s some information about the Biometric Information Privacy Act and how
violating these laws can truly add up.
The post Illinois Biometric Information Privacy Act | How to Comply appeared first on Security Boulevard.
Europe, Global Security News, North America, Vulnerabilities
‘Crypto Bug of the Year’ Fixed — Update Java NOW
by Richi Jennings •
A ridiculously dumb flaw in Java’s signature checking code is patched. This isn’t some crufty legacy Sun code, but actual garbage Oracle sloppiness that’s causing IT people to chase their tails yet again.
The post ‘Crypto Bug of the Year’ Fixed — Upda…
Europe, Global Security News, North America, Vulnerabilities
Establishing a Root of Trust in Embedded Linux and IoT
by Anita Buehrle •
With IoT, 5G and embedded devices becoming a larger part of everyone’s daily lives, security—and more importantly, trust in our technology—is on everyone’s minds. Embedded devices don’t have a good security track record; the last several years saw a s…
Europe, Global Security News, North America
New BotenaGo Variant Discovered by Nozomi Networks Labs
by Nozomi Networks Labs •
While the use of open-source programming languages has its benefits, attackers find it equally beneficial and have been utilizing Go to code malicious malware. Our research highlights a new variant of the BotenaGo malware that specifically targets Lili…
Europe, Global Security News, North America
Gov’t Advisory Warns of Pipedream Malware Aimed at ICS
by Teri Robinson •
The U.S. government this week tried to get ahead of possible attacks on industrial control systems (ICS), particularly in the energy sector, via the recently discovered Pipedream malware, a modular ICS attack framework that is equally dangerous to ind…
Europe, Global Security News, North America, Vulnerabilities
Russia Tries to Kill Ukraine’s Power Grid—and FAILS
by Richi Jennings •
Russia’s infamous Sandworm APT group is at it again: The scrotes have been trying to cut power to the Ukrainian capital.
The post Russia Tries to Kill Ukraine’s Power Grid—and FAILS appeared first on Security Boulevard.
Europe, Global Security News, North America
Pandemic Two Years On: The Security Challenge of Hybrid Working
by Danna Bethlehem •
Two years ago, the Covid-19 pandemic forced millions of workers across the globe into remote working and turned the way we work on its head. Prior to the pandemic, flexible or remote working arrangements had been the exception in most organisations – y…
Europe, Global Security News, North America, Vulnerabilities
Apple Failed—AirTag has a HUGE Stalking Problem
by Richi Jennings •
One year on, the Apple AirTag product has proved the dire predictions correct: They’re being used to “stalk and harass women.”
The post Apple Failed—AirTag has a HUGE Stalking Problem appeared first on Security Boulevard.
Europe, Global Security News, North America
Former GE Engineer Convicted of Economic Espionage
by Christopher Burgess •
On April 1, 2022, the Department of Justice (DoJ) announced the conviction of Xiaoqing Zheng of conspiracy to commit economic espionage following a four-week jury trial. Zheng will be sentenced on August 2, 2022, and faces up to 15 years in prison and…
Europe, Global Security News, North America
Purdue University’s CERIAS 2021 Security Symposium – Indiana University ‘s Scott Shackelford: ”
by Marc Handelman •
Our thanks to Purdue University’s The Center for Education and Research in Information Assurance and Security (CERIAS) for publishing their illuminating security symposiums, seminars, talks, and presentations on the Schools’ YouTube channel.
Permalink…
Europe, Global Security News, North America
A significant spike in cyberattacks from Russia could be expected in April
by Prayukth K V •
Last week during a webinar session, I was asked a question about why the cyberattacks from Russia didn’t materialize to the levels that we were warned about. To answer this question, we need to understand various aspects of how Russian APT groups oper…
Europe, Global Security News, North America
The volume of DDoS attacks from compromised IoT devices rose significantly in March
by Prayukth K V •
Vulnerable routers (2 global brands) and compromised monitor screens and fleet tracking systems were used extensively by hackers as part of large botnets to share and deploy rootkits across the globe in March. This resulted in a significant spike in bo…
Europe, Global Security News, North America
Biden Administration Seeks 2023 Cybersecurity Spend Increase
by George V. Hulme •
The just-released White House fiscal year 2023 federal budget proposes nearly $11 billion in cybersecurity spending for agencies not directly in defense. The request is an 11% increase from the fiscal 2022 budget. “The budget bolsters our cybersecurit…
Europe, Global Security News, North America
How Secure Is Your Cyberinfrastructure?
by Ron Brown •
Cyberthreats and attacks—including insider threats, nation-sponsored entities and evolving cyberattack techniques such as zero-day and targeted malware, electronic espionage and complex data exfiltration—are not going away. They are only escalating. H…
Europe, Global Security News, North America
Bad Dog—Everyone HATES This FIDO Passwordless Idea
by Richi Jennings •
Behold! The next steps to passwordless nirvana. But will FIDO2-WebAuthn let “privacy invading megacorps” profit from your private data?
The post Bad Dog—Everyone HATES This FIDO Passwordless Idea appeared first on Security Boulevard.
Europe, Global Security News, North America
Why IoT Security is Important for Today’s Networks?
by Prayukth K V •
Internet of Things is the acronym for IoT. With each ticking second, our lives are becoming more intertwined with digital gadgets and spaces. The Metaverse revolution set to unfold soon only deepens our digital interactions. Given the non-standard manu…
Europe, Global Security News, North America
BazarLoader malware opens a new frontier in cyberspace
by Prayukth K V •
While reports were coming in of hackers using company forms to trick employees to download a variant of BazarLoader malware, Sectrio’s research team has come across another method that hackers are using to push this malware. What is BazarLoader? It is …
Europe, Global Security News, North America
How Security Can Keep Pace as IT and OT Converge
by Mike Nelson •
The IoT is rapidly maturing, and we’re seeing new use cases emerge every day. It’s transforming health care with applications like patient monitoring and medication delivery. It’s improving manufacturing by accelerating processes and minimizing downti…