Cyber Security Minute

Announcement Center

Data loss prevention strategies for long-term remote teams

February 5, 2021 9:07 am

Advertisement Before the recent pandemic, many executives began appreciating the risks and opportunities associated with cybersecurity. A 2019 survey on cybersecurity priorities from Optiv Security found that 96% of CISOs are taking “a more strategic approach to cybersecurity,” and many were even willing to slow business development to account for cybersecurity-related risks. This was great...

The state of the dark web: Insights from the underground

January 21, 2021 10:56 am

Advertisement Lately, dark web actors have one more worry: getting caught by law enforcement. Tracking dark web illegal activities has been a cat-and-mouse game for authorities, but in the end, they often catch their adversaries and seize the dodgy money. On the night of the 2020 presidential election, for example, US government officials managed to...

The future history of medical device cybersecurity

January 13, 2021 8:12 am

Advertisement In 1555, Nostradamus published his famous Les Prophéties containing obfuscated prophecies for the world to come. Some believe that one of these predictions pertains to the year 2020 and it reads, in part: “The false trumpet concealing madness / will cause Byzantium to change its laws.” Yeah… I have no idea what that means...

Firefox 90 Drops Support for FTP Protocol

Issued by: Security Week

Built on a client-server model architecture and in use for roughly five decades, FTP allows for the easy transfer of files and folders between computers. However, because data is transmitted unencrypted, the protocol has long been considered insecure. Secure variants do exist, including one that...

Judge: Ex-CIA Worker Can Represent Himself in Espionage Case

Issued by: Security Week

U.S. District Judge Paul A. Crotty said in a written order that Joshua Schulte had shown that he was sure he wanted to act as his own lawyer. Schulte, 32, faces an October trial on charges that he leaked CIA secrets to WikiLeaks, which published...

Threat Actors Target Kubernetes Clusters via Argo Workflows

Issued by: Security Week

The Intezer team identified a series of unprotected instances operated by organizations in technology, finance, and logistics sectors, which allowed anyone to deploy workflows. In some cases, the nodes have been targeted by malicious actors to deploy crypto-miners. An open-source, container-native workflow engine that runs...

House Passes Several Critical Infrastructure Cybersecurity Bills

Issued by: Security Week

One of the bills focusing on critical infrastructure is the Cybersecurity Vulnerability Remediation Act, which aims to authorize the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) to assist owners and operators of critical infrastructure with mitigation strategies against serious vulnerabilities. The bill covers vulnerabilities in...

Atlassian Patches Critical Vulnerability in Jira Data Center Products

Issued by: Security Week

According to Atlassian, security researcher Harrison Neal discovered that Jira Data Center — including Software Data Center and Core Data Center — and Jira Service Management Data Center software development products are affected by a critical flaw related to missing authentication for the Ehcache RMI...

Bug Bounty and VDP Platform YesWeHack Raises $18.8 Million

Issued by: Security Week

European bug bounty and vulnerability disclosure policy platform YesWeHack this week announced the closing of a €16 million ($18.8 million) round of venture capital financing. The Series B funding round included investments from Banque des Territoires and Eiffel Investment Group, as well as existing investors...

Cyber Security Minute

Judge: Ex-CIA Worker Can Represent Himself in Espionage Case

Ransomware Attack on UK Rail System – Spray and Pray or Targeted?

Details Emerge on Iranian Railroad Cyberattack

Mitsubishi Electric Patches Vulnerabilities in Air Conditioning Systems

Announcement Center