The Role of America's New Unified Cyber Warfare Command

Wed, 23 Aug 2017 16:05:04 +0000

U.S. President Donald Trump on Aug. 18 announced the elevation of the U.S. Cyber Command (USCYBERCOM/CyberCom) to a Unified Combatant Command. This brings American offensive and defensive cyber operations out of the implicit overview of the NSA and puts it on an equal footing -- with major implications for the U.S. read more

DMARC Adoption Low in Fortune 500, FTSE 100 Companies

Wed, 23 Aug 2017 15:23:14 +0000

Many Fortune 500, FTSE 100 and ASX 100 companies have failed to properly implement the DMARC standard, exposing their customers and partners to phishing and other email-based attacks, according to email security firm Agari. read more

What Does Your Machine Actually Learn?

Wed, 23 Aug 2017 15:02:40 +0000

Machine Learning, or Artificial Intelligence as it is sadly erroneously being marketed as, is all the rage right now. We are being promised a brand new emerging world where digital minions jump at our every whim to fulfil our dreams and wishes. It even promises to do away with pesky employees and their meat body demands and expectations. read more

Russia-Linked Hackers Leak Football Doping Files

Wed, 23 Aug 2017 12:55:28 +0000

A group of hackers believed to be operating out of Russia has leaked emails and medical records related to football (soccer) players who used illegal substances. read more

Automated Logic Patches Flaws in Building Automation System

Wed, 23 Aug 2017 11:10:55 +0000

Kennesaw, Georgia-based building automation systems provider Automated Logic has released updates for its WebCTRL product to address several vulnerabilities, including one rated high severity. read more

Marketing Security Solutions: Is There a Better Way?

Wed, 23 Aug 2017 10:57:06 +0000

In my previous piece, I discussed the difficulty vendors sometimes have in understanding what security buyers are really looking for.  As I mentioned in that piece, this confusion is further compounded by the large volume of vendors and distinct markets that exist within the information security profession. read more

U.S. Warship Collisions Raise Cyberattack Fears

Wed, 23 Aug 2017 08:16:41 +0000

A spate of incidents involving US warships in Asia, including a deadly collision this week off Singapore, has forced the navy to consider whether cyberattackers might be to blame. read more

Researchers Demo Remote Hacking of Industrial Cobots

Tue, 22 Aug 2017 20:03:52 +0000

Researchers at security firm IOActive have shown how a remote attacker can hack an industrial collaborative robot, or cobot, and modify its safety settings, which could result in physical harm to nearby human operators. read more

DDoS Threat Increases While Mirai Becomes 'Pay-for-Play'

Tue, 22 Aug 2017 17:52:09 +0000

The DDoS threat is increasing again. Pbot can generate 75 Gbps from just 400 nodes and Mirai has been commoditized. However, despite the growing number of attacks, the overall trend seems to be for more frequent, smaller attacks. These are the primary takeaways from a new Q2 study into internet traffic. read more

Demystifying Machine Learning: Turning the Buzzword Into Benefits for Endpoint Security

Tue, 22 Aug 2017 14:56:32 +0000

Machine learning has become the most popular new theme in security. Seemingly every vendor is adopting this capability in an attempt to either keep up or to make their product stand out in a crowded market. This creates confusion, because the term itself is often misunderstood, and the implications of its use are varied. Not only does “machine learning” mean different things to different people, different vendors also apply machine learning in different ways. read more

Neptune Exploit Kit Used to Deliver Monero Miner

Tue, 22 Aug 2017 14:23:25 +0000

Cybercriminals have been using the Neptune exploit kit to deliver cryptocurrency miners via malvertising campaigns, FireEye reported on Tuesday. read more

Several Flaws Patched in Fuze Communications Platform

Tue, 22 Aug 2017 12:54:00 +0000

Fuze has patched several vulnerabilities discovered by Rapid7 researchers in a component of its cloud-based unified communications platform. The flaws could have been exploited to obtain sensitive data and launch brute-force attacks on the administration interface. read more

How to Make Friends and Influence People (in InfoSec)

Tue, 22 Aug 2017 10:25:19 +0000

After a particularly strange exchange with a new connection on LinkedIn I felt the need to write a post on my profile calling out bad behavior. I clearly struck a nerve, as I received several notes asking me how someone should make a connection request, and subsequent invitations to connect. read more

New Security, Compliance Features Added to Cisco Spark

Tue, 22 Aug 2017 08:24:31 +0000

Cisco announced on Monday that it has added some important security, compliance and analytics features to its Spark collaboration platform. read more