If you don't think cybersecurity is a selling point these days, you're probably not doing as well as you could be--no matter what it is you do in digital. Larry Ellison is dialed into this new home truth, and may well be poised to overtake ...Read More
KnowB4’s chief hacking officer Kevin Mitnick released a video that should send shudders down the spine of anyone using 2-factor authentication.
Implementing a standard attack mode, in this case a spoofed invitation to connect from LinkedIn, Mitnick demonstrates how a hacker can bypass the multi-factor authentication bydint of session recording malware.
This hack captures all the information needed for an account takeover: user name, password and the authenticated session cookie...Read More
Do you? Currently and depending on who is speaking, there are varying and frequently opposing answers – even among experts – leaving consumers grasping for a better understanding of what it means for them. This is a significant problem that creates some serious issues that need to be addressed as an industry. Perhaps a discussion about the current definitions and categorizations doesn’t t go far enough in addressing these issues, but there has to be starting point. It’s a beginning but not...Read More
The Trump Administration’s National Security Council want to scrap an Obama-era directive for approving government-sanctioned cyberattacks.
Presidential Policy Directive 20 (or PPD 20) was created to promote greater oversight on the government’s cyber activities, and requires executive approval on operations “of significant consequence.” It also installed a bureaucratic process of approval for smaller scale offensive actions that effectively added a layer of pause in actions that have...Read More
The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has released its first major revision to their standards and best practices for cybersecurity policy this month.
The update was compiled after a two-year research period and sought to address some of the newer and more prolific threats to cybersecurity since the...Read More
Cybercriminals are earning more than ever before, with an annual haul of $1.5 trillion according to a new study conducted by Dr. Michael McGuire, a senior lecturer in criminology at the University of Surrey.
The study revealed crimes of every description are being committed using new technology, ranging from drug deals and money laundering to human trafficking and even terrorism.
The Cambridge Analytica story, McGuire says, was “just the tip of the iceberg,” stating that there...Read More
It doesn’t matter how many times you tell employees not to share passwords. A new study suggests many people are still going to do it.
The 2018 Privileged Access Threat Report, recently published by Bomgar, a leader in identity and access management solutions for privileged users. The study is global, taking a look at employees, independent contractors, and third-party vendors, specifically at the way they handle security.
Brass tack: 50% of the organizations contacted for the...Read More
The New York Times reported this week on a hacking attempt at a petrochemical plant in Saudi Arabia last August that sought to physically sabotage the facilities and trigger an explosion. This represents a potentially alarming new trend in cyber attacks where the goal isn’t to steal information or gain control of a system, but rather to cause actual damage to people and property.
Utilizing hacking as a means of industrial sabotage isn’t necessarily new; the...Read More
Researchers at Ben-Gurion University of the Negev made a startling discovery that may change the way cybersecurity is handled in the future. One standard precaution to safeguard data is to store it on an air-gapped device. That’s IT-speak for a machine that is never connected to the Internet or any other machine or network that’s connected to it.
The same team at Ben-Gurion University has made it their business to...Read More