July 2017 - Page 3 of 5 - Cyber Security Minute

UK Spy Agency Warns of State-sponsored Hackers Targeting Critical Infrastructure

Issued by: Security Week

The U.K. Government Communications Headquarters (GCHQ), Britain’s secret eavesdropping agency, warns that ‘a number of [UK] Industrial Control System engineering and services organisations are likely to have been compromised’ following the discovery of ‘connections from multiple UK IP addresses to infrastructure associated with advanced state-sponsored hostile threat actors.’ The warning comes from a National Cyber Security Centre…

Software Security

Hacker allegedly stole $7.4 million worth of Ether in 3 minutes

Issued by: CSO

While there is a general consensus that the Knightscope security robot in Washington, D.C., committed suicide on Monday, the same everyone-agrees-opinion is not true for the $7.4 million heist of the cryptocurrency Ether that happened on the same day. CoinDash maintains that a hacker made off with the Ether, which comes from the app platform ethereum, during its…

Application Security

Google Inviting 2-Step Verification SMS Users to Google Prompt

Issued by: Security Week

Google this week will start inviting 2-Step Verification (2-SV) SMS users to try Google Prompt, its year-old method of approving sign-in requests on smartphones. Launched in June 2016, Google prompt allows users to approve sign-in requests via 2-SV by simply tapping “Yes” on a prompt. Available for both Android and iOS users, Google prompt received…

Malware & Threats

FBI Issues Warning on IoT Toy Security

Issued by: Dark Reading

IoT toys are more than fun and games and can potentially lead to a violation of children’s privacy and safety, the Federal Bureau of Investigation warned Monday. Internet-connected toys carry the potential of violating children’s privacy and safety, given the amount of information the toys can collect and store, the Federal Bureau of Investigation warned…

Malware & Threats

Elon Musk’s top cybersecurity concern: Preventing a fleet-wide hack of Teslas

Issued by: CSO

“AI is a fundamental, existential risk for human civilization,” Tesla and Space X CEO Elon Musk said at the National Governors Association summer meeting. He doesn’t think people “fully appreciate that.” AI and a possible robot apocalypse is just one topic covered by Musk, and we’ll get back to that; but since a Tesla is…

Vulnerabilities

Free Scanner Finds 50,000 EternalBlue-Vulnerable Systems

Issued by: Security Week

More than 50,000 computers vulnerable to the NSA-linked EternalBlue exploit were found by a free vulnerability scanner in recent weeks. Dubbed Eternal Blues, the tool was designed to provide network administrators with visibility into the EternalBlue-vulnerable machines in their networks, but without actually exploiting the flaw. In the wake of WannaCry, NotPetya, and other global infectionsleveraging the NSA-linked exploit, knowing whether…

Vulnerabilities

Samsung Tizen Accused of Being Home to at Least 27,000 Findable Bugs

Issued by: Security Week

A purveyor of static code analysis wished to pitch his product to Samsung. What better way, he thought, than to run his product against the Samsung Tizen operating system, and demonstrate the results. The demonstration fell through, and the purveyor decided instead to publish his findings. The purveyor is Andrey Karpov, CTO at “Program Verification…

Network Security

The 15 worst data security breaches of the 21st century

Issued by: CIO Security

Some of the largest companies in the U.S. have been targets of hackers, including Yahoo, JP Morgan Chase and TJX. Watch as we detail the top 15 breaches and their overall impact on customers or employees.

Application Security

Apple Builds Data Center in China, Promises No Backdoors

Issued by: Security Week

Apple on Wednesday announced the establishment of its first China-based data center in an effort to improve its services in the region and comply with recently implemented regulations, but the tech giant has promised not to build any backdoors into its systems. The new data center is located in China’s Guizhou province, which Apple selected…

Malware & Threats

How Active Intrusion Detection Can Seek and Block Attacks

Issued by: Dark Reading

Researchers at Black Hat USA will demonstrate how active intrusion detection strategies can help administrators detect hackers who are overly reliant on popular attack tools and techniques. Penetration testers as well as bad-guy hackers typically rely on several common attack tools to break into business networks. Enterprises defending their networks can flip the equation on…