How Large Businesses Approach Cybersecurity Today
Over 90% of large US companies with 500+ employees have a cybersecurity policy in place to protect them from both real and anticipated threats. Clutch surveyed over 300 corporate IT decision-makers about what to include in a cybersecurity policy and found security software, data back-up and storage and scam detection are the most common areas…
Solar Panel Flaws Put Power Grids at Risk: Researcher
A researcher has identified many vulnerabilities in widely used solar power systems and he believes some of these flaws could allow hackers to cause large-scale outages, but the affected vendor says his claims are exaggerated. In a scenario he calls “Horus,” which stems from the name of the ancient Egyptian god, researcher Willem Westerhof describes…
Researchers Demo Physical Attack via Car Wash Hack
LAS VEGAS – BLACK HAT USA – Researchers have created proof-of-concept (PoC) exploits to demonstrate how hackers can cause physical damage to vehicles and injure their occupants by remotely hijacking a connected car wash. The attack was detailed in a presentation at the Black Hat security conference this week by WhiteScope founder Billy Rios, a…
Hacking the Wind
BLACK HAT USA – Las Vegas – Gaping security holes in wind energy control networks make them vulnerable to cyberattacks for extortion and physical destruction purposes, a researcher showed here today. Jason Staggs, a security researcher at the University of Tulsa, has spent the past couple of years crisscrossing the US and hacking away at…
7 Hardware & Firmware Hacks Highlighted at Black Hat 2017
When enterprises build their security models based on implied trust at the hardware and firmware level, they’re building them on a foundation of sand. Security researchers are going to repeatedly hammer that lesson home at Black Hat this week as they demonstrate a range of vulnerabilities, attack techniques and tools designed to get as close…
Forecasting the Future of Ransomware
There’s no question that ransomware is one of the most formidable threats to a business. With so much riding on digitized data, important applications and other systems, any interruption to access of these crucial assets can quickly spell disaster for an organization. Despite efforts on the part of enterprises to educate staff and enhance their…
Free Scanner Finds 50,000 EternalBlue-Vulnerable Systems
More than 50,000 computers vulnerable to the NSA-linked EternalBlue exploit were found by a free vulnerability scanner in recent weeks. Dubbed Eternal Blues, the tool was designed to provide network administrators with visibility into the EternalBlue-vulnerable machines in their networks, but without actually exploiting the flaw. In the wake of WannaCry, NotPetya, and other global infectionsleveraging the NSA-linked exploit, knowing whether…
Samsung Tizen Accused of Being Home to at Least 27,000 Findable Bugs
A purveyor of static code analysis wished to pitch his product to Samsung. What better way, he thought, than to run his product against the Samsung Tizen operating system, and demonstrate the results. The demonstration fell through, and the purveyor decided instead to publish his findings. The purveyor is Andrey Karpov, CTO at “Program Verification…
The 15 worst data security breaches of the 21st century
Some of the largest companies in the U.S. have been targets of hackers, including Yahoo, JP Morgan Chase and TJX. Watch as we detail the top 15 breaches and their overall impact on customers or employees.
Stepping Up Cybersecurity This Summer
It’s summertime, and everyone’s on vacation. What could possibly go wrong? For the security team, the answer is “plenty.” Summer brings a set of new challenges to security organizations including employees taking more time off, often with their corporate laptops. Our own security personnel are taking vacation time, too, which makes staffing the security operations…