How cybersecurity accelerates business growth
It’s no secret that the cybersecurity industry has grown exponentially over more than a decade due to the proliferation of high-profile cybercrime. Viewing cybersecurity as simply a necessary step to mitigate cyber risk leaves much opportunity on the table. Organizational leaders need to see cybersecurity as a business enabler that can accelerate growth. Companies that…
Massachusetts Governor Announces New Cybersecurity Program
The Republican governor addressed the third annual Massachusetts Cybersecurity Forum Thursday at the Statehouse. Baker and the Massachusetts Technology Collaborative convened the event to bring about 200 cybersecurity experts together. The new program is backed by $300,000 managed by the collaborative’s MassCyberCenter. It will pay for statewide workshops to provide municipalities tools to develop or…
Older Amazon Devices Subject to Old Wi-Fi Vulnerability
Som old Amazon devices contain an even older Wi-Fi vulnerability that can be exploited in man-in-the-middle attacks. The vuln – KRACK, or Key Reinstallation Attack – is a flaw in the four-way WPA2 handshake that begins the protected transaction. The vulnerability leaves the wireless traffic encrypted, but routed through a malicious middle actor that decrypts…
Executives are not actively engaged in ensuring the effectiveness of cybersecurity strategy
There’s a clear lack of accountability, especially on the board and among C-suite executives, and a lack of confidence in determining the efficacy of security technologies. AttackIQ and Ponemon Institute surveyed 577 IT and IT security practitioners in the United States who are knowledgeable about their organizations’ IT security strategy, tactics, and technology investments. “Enterprise…
Cryptojacking worm infects exposed Docker deployments
Attackers are exploiting Docker Engine deployments that are exposed to the internet without authentication to deploy and run cryptojacking malware on servers. A new cryptojacking botnet with self-spreading capabilities has infected over 2,000 such Docker deployments so far. “There have been incidents of cryptojacking malware spreading as a worm, but this is the first time…
IoT Attacks Up Significantly in First Half of 2019
Malicious actors aren’t tiring of the Internet of Things (IoT), with cyberattacks on network-connected smart devices and process controllers rapidly increasing in number. One network of honeypots, put in place by Kaspersky, saw 105 million attacks on IoT devices coming from 276,000 unique IP addresses in the first six months of 2019, compared with just…
5 Steps to Protect Against Ransomware Attacks
Because of a few key elements, ransomware is a growing threat for all Internet-connected enterprises. First, the barrier to entry in terms of cost is very low for adversaries because ransomware is inexpensive to purchase on the Dark Web. Second, ransomware is often distributed via email, which is also inexpensive (if not free) and can…
AI development has major security, privacy and ethical blind spots
Security, privacy and ethics are low-priority issues for developers when modeling their machine learning solutions, according to O’Reilly. Major issues Security is the most serious blind spot. Nearly three-quarters (73 per cent) of respondents indicated they don’t check for security vulnerabilities during model building. More than half (59 per cent) of organizations also don’t consider…
“Smart city” governments should also be smart about security
While the definition of “smart city” is still under debate, one thing is indisputable: the technologies used to make smart cities a reality are currently acquired and deployed after very little (or even no) security testing. Cesar Cerrudo, CTO at IOActive and board member of the Securing Smart Cities initiative, says that city governments –…
Cybercrime is maturing, shifting its focus to larger and more profitable targets
Cybercrime is continuing to mature and becoming more and more bold, shifting its focus to larger and more profitable targets as well as new technologies. Data is the key element in cybercrime, both from a crime and an investigate perspective. These key threats demonstrate the complexity of countering cybercrime and highlight that criminals only innovate…