The exploitation of vulnerabilities contained by train Wi-Fi networks could allow hackers to access sensitive passenger information and control systems. Sensitive information that could be accessed by hackers include credit card details, names, and email…

Research conducted by Dtex Systems indicates that all organizations have active insider threats. The findings of this research highlights the importance of monitoring user behaviors that create security vulnerabilities within organizations. This article…

SoS Musings #14 Concerns with a Ray of Hope

There has been an increase in the use of social engineering tactics by cybercriminals to launch cyberattacks. According to a report released by Proofpoint called the The Human Factor 2018, cybercriminals and threat actors are using new techniques to…

A new Excel feature is raising concerns among security researchers. The new feature enables the execution of custom JavaScript functions in Excel spreadsheets. Although the update expands the capability of Excel, it also creates new paths for attackers…

As the popularity of voice-activated devices rises, concerns surrounding the security of such technology grow. Security researchers have highlighted the vulnerability of voice-activated gadgets through the demonstration of an attack that could allow…

Popular PGP and S/MIME email encryption standards have been discovered to contain security flaws. According to researchers, these vulnerabilities could allow the contents of encrypted email communications to be exposed to attackers. This article…

Kevin Mitnick, a Chief Hacking Officer at KnowBe4, has demonstrated the use of a tool called evilginx to perform phishing attacks in order to gain control over targeted user accounts. The use of this tool can allow threat actors to evade two-factor…

Professors from the Computer Science department at the University of North Carolina, Ke Coby Wang and Michael Reiter, have proposed a way to stop people from reusing passwords on different websites. The professors emphasize the importance of…

Yes, Microsoft has a large software developers conference, Build. Wish you were there learning about software development at Microsoft. Topics like Windows, Azure, Cortana, AI, ARM, etc. Microsoft has posted the videos of the keynotes and sessions on…

Didn't attend Google I/O 2018? I didn't either, but the videos from the event are on YouTube. Google says keynotes and all sessions are there. Wondering what Google I/O 2018 is? Well, its Google's big developer conference. So lots of things google,…

Traditional manual methods for defending the data and critical infrastructure of nation-states are no longer sufficient as cyberattacks are increasingly being launched using automation. Federal agencies are encouraged to implement defensive automation in…