News
-
"Testers Look into Security of Car Alarms"Holes have been found in the security of third-party car alarms that could be exploited by hackers to perform a number of malicious activities. The security vulnerabilities discovered to be contained by two third-party car alarm products could allow…
-
"RSA 2019: Most Organizations Use Too Many Cybersecurity Tools"Since attacks have been happening more often, businesses have been starting to deploy alot of technolgy to deal with attacks. However, deploying more technology is not the best way to stop breaches. It is important to look…
-
"Citrix Breach Once Again Highlights Password Weaknesses"Cybercriminals used a technique, called password spraying, in the breach of software provider, Critix. Password spraying is a brute force attack method in which commonly used passwords are tried against many accounts. This article continues to discuss…
-
"Researchers Find Marketplace on Dark Web That Sells Tools to Commit Identity Theft"Researchers from Georgia State University and the University of Surrey conducted a study, which reveals the availability of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) certificates to cybercriminals via the dark web. SSL and TLS…
-
"Dozens of Companies Leaked Sensitive Data Thanks to Misconfigured Box Accounts"Security researchers from Adversis have discovered the leaking of sensitive corporate and customer data by more than 90 tech companies and corporate giants due to the sharing of public links by employees to files stored in their Box enterprise accounts.…
-
"#RSAC: Fixing the Mess of IoT Security"Ken Munro baught used Wi-Fi-enabled tea kettles on ebay and was surpised how easy there were to hack. He reset the tea kettles to the factory settings, but the original owner’s router information was not deleted, and so not only did he have…
-
NSA Releases Ghidra for Reverse EngineeringAt RSA 2019, the National Security Agency released Ghidra as a free tool. Ghidra is a software reverse engineering tool. Plans are underway to release it as open source on GitHub. For more information visit the official site: https://www.nsa.gov/…
-
"RSA Conference 2019: Ultrasound Hacked in Two Clicks"Researchers performed a proof-of-concept attack on an ultrasound machine, further emphasizing the importance of strengthening the security of medical devices. Through the infiltration of the ultrasound machine, researchers were able to download patients…
-
Spaf's Comments on RSA 2019This year, SoS was not part of RSA and thus there were no updates from me. However, Spaf was there again and posted his thoughts on it. Many interesting observations, the most is that its being made up of companies showing off new band aids and no desire…
-
ji32k7au4a83 is a basic password, it's trueI have spoken on two panels on the past year about diversity. I often talk about how cybersecurity is culturally dependent. A recent article on gizmodo is an excellent example of that, and a little bit of a plug for human behavior being a hard problem.…
-
"Humans Are Key to Improving Cyber-Security, IBM Stresses"One of the keys to improving the cybersecurity of organizations is education. Organizations are encouraged to offer education and training to employees in order to raise awareness about cybersecurity and reduce risks. This article continues to…
-
"Phishing Attacks Spiked by 250% in 2018"Microsoft's Security Intelligence Report (SIR) volume 24 highlights the significant rise in the launch of phishing attacks in 2018. Phishing remains an attractive technique to threat actors as humans continue to be the weakest link in cybersecurity. This…