cyber security Archives - Page 10 of 22

Free Scanner Finds 50,000 EternalBlue-Vulnerable Systems

Issued by: Security Week

More than 50,000 computers vulnerable to the NSA-linked EternalBlue exploit were found by a free vulnerability scanner in recent weeks. Dubbed Eternal Blues, the tool was designed to provide network administrators with visibility into the EternalBlue-vulnerable machines in their networks, but without actually exploiting the flaw. In the wake of WannaCry, NotPetya, and other global infectionsleveraging the NSA-linked exploit, knowing whether…

Malware & Threats

How Active Intrusion Detection Can Seek and Block Attacks

Issued by: Dark Reading

Researchers at Black Hat USA will demonstrate how active intrusion detection strategies can help administrators detect hackers who are overly reliant on popular attack tools and techniques. Penetration testers as well as bad-guy hackers typically rely on several common attack tools to break into business networks. Enterprises defending their networks can flip the equation on…

Network Security

Stepping Up Cybersecurity This Summer

Issued by: Security Week

It’s summertime, and everyone’s on vacation. What could possibly go wrong? For the security team, the answer is “plenty.” Summer brings a set of new challenges to security organizations including employees taking more time off, often with their corporate laptops. Our own security personnel are taking vacation time, too, which makes staffing the security operations…

Network Security

Kaspersky Lab denies leaked emails prove it has been working with Russia’s FSB

Issued by: CSO

While the Trump administration is deciding whether to remove Kaspersky Lab from the General Services Administration’s list of vendors whose products government agencies are allowed to use, Bloomberg Businessweek declared Kaspersky Lab “has been working with Russian intelligence.” The news report alleges that the relationship between Kaspersky Lab and the Kremlin is closer than the cybersecurity firm…

Vulnerabilities

Guide to the top college and university cyber security degree programs

Issued by: CSO

The shortage of cyber security professionals is well documented, and this lack of expertise can keep organizations from bolstering their security programs. CISOs and CSOs should be heartened by the fact that more colleges and universities are offering academic programs and degrees in cyber security specialties. They are also doing their best to place young…

Vulnerabilities

Medical devices at risk: 5 capabilities that invite danger

Issued by: CSO

Medical device cybersecurity is lousy — beyond lousy. Indeed, the word from security experts for most of the past decade (and certainly since those devices increasingly have become connected to the internet) has been that while the physical security of most is superb and the devices function flawlessly, possibly for years at a time, when…

Application Security

Hacking Factory Robot Arms for Sabotage, Fun & Profit

Issued by: Dark Reading

Black Hat talk will discuss how hackers could take over robotic arms, create micro-defects in products, and open up a new world of subtle blackmail. Security researchers have been accumulating a trove of breakthrough discoveries on Industrial Internet of Things (IIoT) vulnerabilities and releasing them at the Black Hat Briefings over the last few years…

Network Security

Week in review: Evaluating AI-based cyber security systems, how CIA hit air-gapped computers

Issued by: Help Net Security

Here’s an overview of some of last week’s most interesting news and articles: How the CIA gained access to air-gapped computers A new WikiLeaks release of documents believed to have been stolen from the CIA show the intelligence agency’s capability to infect air-gapped computers and networks via booby-trapped USB sticks. Hackers extorted a cool $1…

Network Security

Configuration Error Embarrasses UK’s Cyber Essentials

Issued by: Security Week

The UK government’s Cyber Essentials scheme has suffered an embarrassing incident; but one that can hardly be called a breach and certainly not a cyber-attack. A configuration error in the underlying software platform exposed the email addresses of consultancies registered with the scheme — nothing more. Cyber Essentials is a UK government-backed certification scheme designed…