Houston, Dallas/Ft. Worth & Austin: (832) 466-3236

Cyber Security News

 

Security Statistics IT Pros Need to Know

Cyberattacks are on the rise every year. Yet, many companies don’t have good enough security protocols in place. Learn how this could hurt you.

Security Threats Are Coming [Infographic]

Love cybersecurity, the Middle Ages, and Zombies? Then you’re gonna love this infographic. Read on to get a great overview of the most prominent cyberattacks.

How dangerous are the threat of kill chain attacks on IoT?

Smart home devices are pretty cool, but they are also a hacker’s dream.

Web-connected fridges and kettles will leave you wide open to hackers warns police chief

Smart home devices are pretty cool, but they are also a hacker’s dream.
By  | July 25, 2017 10:29 BST

Consumers are still unaware that modern home devices, including fridges, kettles and lightbulbs, leave them vulnerable to cybercrime, according to a leading UK police officer. Known as internet of things (IoT) products, experts say hackers can exploit them to infiltrate home networks.

Durham chief constable Mike Barton, who leads the National Police Chiefs Council on crime operations, believes that such products should now come with a cybersecurity rating alongside the more traditional energy evaluations at point-of-sale in shops and retailors.Hackers could turn your home security camera into a spy hole with ‘Devil’s Ivy’ security flawREAD MORE Why advertise with us

By , ITWeb | Johannesburg, 21 Jul 2017

US-based networking company Cisco has uncovered the rapid evolution of threats and the increasing magnitude of attacks and forecasts potential “destruction of service” (DeOS) attacks.

In its 2017 Mid-year Cyber security Report, Cisco says these DeOS attacks could eliminate organisations’ backups and safety nets required to restore systems and data after an attack.

Car hacking is easier than you think. Often people think of it as criminal or dangerous, but in fact, the DIY process can teach you a lot about car computer systems, allow you to make cool mods to your personal vehicle, and just be a hell of a lot of fun! Here’s all the info you need to know.

Five fundamentals of security in the internet of things era

By Ben Mann | Updated Wed, June 14th 2017 at 12:38 GMT +3

The sad truth is that many consumers now find themselves asking the same questions that security researchers asked many years ago: What do we trust, who can we trust, and why should we automatically trust anything, regardless how familiar or benign it looks?

With an estimated 6.4 billion devices already in circulation, we’re almost to the point where there’s an Internet of Things (IoT) device for every person on the planet. By 2020, devices will outnumber us by almost three-to-one. While we’re still working on securing desktops, laptops, servers, phones and tablets, we must start applying those same standards of trust to the smaller (and sometimes larger) devices that don’t seem as dangerous.

I run a small marketing firm, how much do I really need to worry about our cyber-security?

Myron Jobson, of This is Money, says: This is increasingly a really important consideration for business owners, whatever their size or market.

Indeed, the recent WannaCry ransomware attack that rocked the NHS and a plethora of businesses in 150 different countries underlined the importance for company chiefs to think seriously about fortifying their businesses against unscrupulous online bandits.

Cyberattack Forces West Virginia Hospital to Scrap Its Computer Systems

By Melanie Evans |  | Features | Dow Jones Newswires

Princeton Community Hospital in rural West Virginia will scrap and replace its entire computer network after being struck by the cyberattack paralyzing computers globally.

The cyberattack, known as Petya, froze the hospital’s electronic medical record system early Tuesday, leaving doctors unable to review patients’ medical history or transmit laboratory and pharmacy orders, said Rose Morgan, the hospital’s vice president of patient care services.

Officials were unable to restore services, and found there was no way to pay a ransom for the return of their system. So, after consulting with the Federal Bureau of Investigation and cybersecurity experts, officials made the decision to replace the system.

Why Cybersecurity’s Biggest Worries Still Stem From Old School Hacks

– Staff Writer 6/21/17 @8:55am in Tech

We see it in the news almost everyday — a retail company, hospital or even our government and voter systems got hacked. Their customers’ emails, phone numbers, addresses and credit card numbers are out there in the darkness awaiting a proper exploit. Everyone wants answers.

But, as we focus on the next threat and try to secure artificial intelligence, the Internet of Things and other nascent technologies, a panel of Austin’s top cybersecurity experts said the cybersecurity industry is still mostly grappling with old school phishing tricks and mind-bogglingly simple social engineering scams.

How to make your employees care about cybersecurity: 10 tips

People are the largest security vulnerability in any organization. Here’s some expert advice on how to make cybersecurity training more effective and protect your business.

By | June 19, 2017, 4:00 AM PST

Employees are a company’s greatest asset, but also its greatest security risk.

“If we look at security breaches over the last five to seven years, it’s pretty clear that people, whether it’s through accidental or intentional introduction of malware, represent the single most important point of failure in terms of security vulnerabilities,” said Eddie Schwartz, chair of ISACA‘s Cyber Security Advisory Council.

In the past, companies could train employees once a year on best practices for security, said Wesley Simpson, COO of (ISC)2. “Most organizations roll out an annual training and think it’s one and done,” Simpson said. “That’s not enough.”

Amazon’s new dirt-cheap gadget is a Trojan horse built to beat Google and invade your home

 | Jun. 18, 2017, 4:57 AM

Amazon, Google, and Apple are in the early stages of an epic war for your home — and a new $20 (£15) gadget may give Amazon a crucial upper hand.

One of the hottest areas in tech right now is the world of AI-powered virtual assistants. These voice-controlled bots can manage your schedule, tell you the news, play music, control your heating and lights, and order you food.

Originally available only in smartphones or smart speakers like the Amazon Echo and the Google Home, they’re now rapidly invading every device and home appliance they can get their hands on, from fridges to cars.

CIA has been hacking dozens of wifi routers for years, but seemingly not Apple ones

Young members will learn about data privacy, cyberbullying and how to protect themselves online.

The latest documents posted by WikiLeaks reveal that the CIA has been hacking wireless routers for years. One particular hack, known as CherryBlossom, allowed the agency to monitor all Internet activity of a target, and even redirect their browser to government-created phishing sites …  ZDNet spotted the reference. Although the document says that the hack was operational for 25 different models of routers from major manufacturers, it is likely that the real number was much higher.

Girl Scouts can start earning cybersecurity badges in fall 2018

Young members will learn about data privacy, cyberbullying and how to protect themselves online.

David Lumb, @OutOnALumb | 06.16.17 in Security

If your office in the future dodges a spearphishing attempt in the future, you might be thanking a Girl Scout. The organization partnered with Palo Alto Networks to release 18 new cybersecurity badges for members to earn over the next two years, with the first slated to come out in September 2018.

CYBERTHREAT REAL-TIME MAP

Based on data from Kaspersky Lab.

Five fundamentals of security in the internet of things era

By Ben Mann | Updated Wed, June 14th 2017 at 12:38 GMT +3

The sad truth is that many consumers now find themselves asking the same questions that security researchers asked many years ago: What do we trust, who can we trust, and why should we automatically trust anything, regardless how familiar or benign it looks?  With an estimated 6.4 billion devices already in circulation, we’re almost to the point where there’s an Internet of Things (IoT) device for every person on the planet. By 2020, devices will outnumber us by almost three-to-one. While we’re still working on securing desktops, laptops, servers, phones and tablets, we must start applying those same standards of trust to the smaller (and sometimes larger) devices that don’t seem as dangerous.

The “Internet of Things” is way more vulnerable than you think—and not just to hackers

WRITTEN BY Richard Clarke RP Eddy

Not far from San Francisco International Airport, San Bruno is a quaint middle-class residential suburb, yet underground in San Bruno was a gas pipeline controlled by SCADA software that used the Internet as its communications backbone. On Sept. 9, 2010, a short circuit caused the operations room to read a valve as open when it had actually closed, spiking the readings coming from pipeline pressure sensors in different parts of the system. Unbeknownst to the families returning home from ballet and soccer practice, technicians were frantically trying to isolate and fix the problem. At 6:11 pm, a corroded segment of pipe ruptured in a gas-fueled fireball. The resulting explosion ripped apart the neighborhood. Eight people died. Seventeen homes burned down. The utility, PG&E, was hit with a $1.6 billion fine.

‘First ever’ malware-as-a-service for Apple Macs discovered on dark web

 

‘MacRansom’ and ‘MacSpy’ being sold ‘as a service’ on the dark web, experts warn.

Two separate malware-as-a-service websites catering to cybercriminals lacking the expertise to create their own computer exploits have appeared on the dark web, claiming to offer “sophisticated” strains of ransomware and spyware which can easily infect Apple’s Mac computers.

Researchers from cybersecurity firms AlienVault and Fortinet were able to obtain samples of the malicious code by posing as potential buyers. The underground portals peddling the illicit services have been online since late-May this year, according to Bleeping Computer.

8 digital skills we must teach our children

The social and economic impact of technology is widespread and accelerating. The speed and volume of information have increased exponentially. Experts are predicting that 90% of the entire population will be connected to the internet within 10 years. With the internet of things, the digital and physical worlds will soon be merged. These changes herald exciting possibilities. But they also create uncertainty. And our kids are at the centre of this dynamic change.

Children are using digital technologies and media at increasingly younger ages and for longer periods of time. They spend an average of seven hours a day in front of screens – from televisions and computers, to mobile phones and various digital devices. This is more than the time children spend with their parents or in school. As such, it can have a significant impact on their health and well-being. What digital content they consume, who they meet online and how much time they spend onscreen – all these factors will greatly influence children’s overall development.

The leaked NSA report shows 2-factor authentication has a critical weakness: You

So you’ve created a strong password, kept an eye out for sketchy links, and enabled two-factor authentication — what could possibly go wrong?

Well, it turns out the answer is “you.”

As the leaked NSA report on Russian efforts to hack the computers of U.S. election officials before the 2016 presidential election demonstrates, we are all often our own biggest security weakness. The document, published by The Intercept, shows that hackers found a way around the protections offered by two-factor authentication that is striking in its simplicity: They asked the targets for their verification codes. “If the victim had previously enabled two-factor authentication (2FA),” explains a slide detailing the Russian attack, “the actor-controlled website would further prompt the victim to provide their phone number and their legitimate Google verification code that was sent to their phone.”

Why Is Cybersecurity So Hard?

After nearly 20 years of trying and billions of dollars in investment, why are organizations are still struggling with cybersecurity? In fact, the problem seems to be getting worse, not better. Answering this question requires moving beyond a purely technical examination of cybersecurity. It’s true that the technical challenges are very real; we don’t know how to write bug-free code, for example. But if you look at the challenge more broadly, even if we resolved the technical issues, cybersecurity would remain a hard problem for three reasons:

  • It’s not just a technical problem

  • The rules of cyberspace are different from the physical world’s

  • Cybersecurity law, policy, and practice are not yet fully developed

Microsoft’s Old Software Is Dangerous. Is There a Duty to Fix It?

Jeff John Roberts May 20, 2017

A global ransomware epidemic is winding down, but questions over the fallout are just beginning. Who’s to blame for the crisis that hijacked hundreds of thousands of computers? And can anyone stop such criminals, whose victims included hospitals and police, from striking again?

These aren’t easy questions, but one company, Microsoft, has more explaining to do than most. After all, it was flaws in Windows systems that allowed hackers to carry out the ransomware attacks, which also struck companies and governments. In some cases, like the U.K.’s National Health Service, the frozen computers put lives at risk.

The Best Cybersecurity Investment You Can Make Is Better Training

Anthony Hilton: Cost-cutting has opened the door to hackers

ANTHONY HILTON

It came as a shock to the world some years ago when it realised that the illegal international trade in drugs was organised very much on business lines with its own supply chain of growers, producers, finance, logistics, distribution and sales. There is something particularly unnerving in the thought of criminal activity on an industrial scale.

Now the world is struggling to come to terms with the fact that cybercrime is going the same way. According to consultants and security specialists with detailed knowledge of this shadowy world and the dark web through which some of it communicates, it divides into software specialists, distributors of that software, hackers, network specialists and financial experts capable of handling and laundering the ill-gotten gains.

The security measures big companies take to stop hackers are becoming pointless

That’s because many hackers are simply choosing to attack a company’s smaller vendors, who often have copies of the same data they are after, yet not the same security protections, reports the New York Times. This is how a hacker was able to obtain the upcoming season of Netflix’s Orange Is the New Black. It targets the systems of not Netflix, but one of the many postproduction companies Netflix uses to work on the series. That postproduction company didn’t have the same cyber security defenses as Netflix, so it was easier to penetrate. As a result, some security companies are considering providing cyber security software for free to all of the vendors a larger paying client uses. – 

Old Windows Server machines can still fend off hacks. Here’s how

Many businesses still use Windows Server 2003, even as Microsoft no longer supports the OS

By  U.S. Correspondent, IDG News Service | APR 25, 2017 4:11 PM PT

If you’re running a Windows Server 2003 machine, you have a problem. Your already-vulnerable computer is now at severe risk of being hacked.

That’s due to the internet release earlier this month of a batch of updates that paint a bulls-eye on computers running Windows Server 2003, according to security researchers.

“I can teach my mom how to use some of these exploits,” said Jake Williams, founder of Rendition Infosec, a security provider. “They are not very complicated at all.”

Measure Aims to Help Small Businesses Build Cyberdefenses

Eric Chabrow (GovInfoSecurity) • April 5, 2017


Senate Commerce Panel OK’s Bill Directing NIST to Create Guidance Tailored to Small Businesses.

Legislation aimed to provide a set of tools, best practices and guidance to help small businesses protect their digital assets is heading to the U.S. Senate.

The Senate Commerce, Science and Transportation Committee on April 5 approved the Main Street Cybersecurity Act, short for Making Available Information Now to Strengthen Trust and Resilience and Enhance Enterprise Technology Cybersecurity Act.

“This legislation will help small businesses get the information they need to protect themselves and their customers from cyberattacks,” Committee Chairman John Thune, R-S.D., said at the panel’s markup session on the bill.

How to transition from consumer to small-business computer security

 – 

How is the average small business like a cybersecurity home consumer? They’re similar not only in the kinds of threats they face, but also in the resources and tools they need to defend themselves.

When my co-founder, Nipul Patel, and I started Townsquared in the summer of 2013 to better connect local small businesses to one another, our bank, Wells Fargo, insisted that we use a hardware dongle called an RSA key to prove our identities every time we wanted to wire cash to our contractors.

The unique six-digit code the key generated—a security technique called two-factor authentication—verified that I was exactly who I said I was. I must confess that before we went down the startup road and opened our first corporate accounts, I never would have considered using the key…

There’s no such thing as a free lunch: Why business needs to understand cloud threats

The issue affects smartphones from a number of big-name brands, including Samsung, LG and Google

Businesses across the country have bought into the extraordinary benefits of cloud computing. Senior executives have become passionate advocates, attracted by the promise of greater agility, cost savings and convenience. It is no surprise that global spending on public cloud services will reach $141bn by 2019. But business leaders are less well informed when it comes to the risks the cloud can introduce to enterprise environments…

Android malware: 38 new phones and tablets found to be pre-installed with virus before being sold

The issue affects smartphones from a number of big-name brands, including Samsung, LG and Google

Aatif Sulleyman – The Independent

Over 30 different Android smartphones and tablets have been found to have had malware preinstalled on them before users even switched them on, according to a cyber security firm.

Check Point detected a “severe infection” on 38 handsets being used by two of its corporate clients, a telecommunications firm and a multinational technology company that have not been named…

Detecting a Cyberattack with the Microsoft Operations Management Suite


This 30 minute video demonstrates how cyberattacks occur and how the Microsoft Operations Management Suite Security Solution and Advanced Threat Analytics can be used to both detect and respond to these attacks.  This is a 300-400 level technical drilldown where real attacks are executed using real penetration testing (“hacking”) tools to access systems which are monitored by OMS and ATA.  The demo then shows how the attack would have been detected by OMS and ATA.  If you’ve ever wondered if the Microsoft Intelligent Security Graph and our advanced detection tools built on machine learning actually work, this video will show you they do!

How to practice cybersecurity (and why it’s different from IT security)

Cybersecurity isn’t about one threat or one firewall issue on one computer. It’s about zooming out and getting a bigger perspective on what’s going on in an IT environment.

Lior Div, Network World

Keeping companies safe from attackers is no longer just a technical issue of having the right defensive technologies in place. To me, this is practicing IT security, which is still needed but doesn’t address what happens after the attackers infiltrate your organization (and they will, despite your best efforts to keep them out).

I’m trying to draw attention to this topic to get security teams, businesses executives and corporate boards to realize that IT security will not help them once attackers infiltrate a target. Once this happens, cybersecurity is required…

5 shocking new threats to your personal data

I don’t mean to alarm you, but these trends make panic sound like a good idea.

Mike Elgan

I’m not paranoid. Tinfoil hats aren’t my scene.

But watch out! In just the past month, the internet and smartphones have come up with five new and surprising ways to steal or expose our personal data.

Of course, these new concerns can now be added to all the old ones. Companies like Google and Facebook still track you and harvest personal data. Hackers still want to steal your data. And the National Security Agency is still out there doing its thing…

WikiLeaks releases new CIA documents describing Mac exploits


Cyber security readiness study finds widespread shortcomings

Hiscox Ltd

A study of 3,000 companies in the UK, US and Germany, conducted for specialist insurer Hiscox, reveals that more than half (53%) of businesses in the three countries are ill-prepared to deal with cyber-attacks. The Hiscox Cyber Readiness Report 2017 assessed firms according to their readiness in four key areas – strategy, resourcing, technology and process – and ranked them accordingly. While most companies scored well for technology, fewer than a third (30%) qualified as ‘expert’ in their overall cyber readiness…

Hackers Are Targeting Schools in a Wave of Tax Info Phishing Attacks

It looks like hackers may be targeting more schools than last year for valuable tax info.

JOSEPH COX – MOTHERBOARD

Hackers will target anyone and anything, be that hospitals, the police, or other hackers. Even though the year is just getting started, schools have already faced a wave of phishing attacks designed to steal sensitive employee tax information, according to a consultancy focused on education and technology…

Study finds 100% of IE and Edge vulnerabilities can be neutered by not running as Admin

by Surur 

Edge is already a pretty safe browser, but all software has flaws and vulnerabilities, meaning to be truly safe on the internet it would be a good idea to wear both belt and braces.

Security experts have long recommended that Windows users should use a non-admin account for their day-to-day computing, and now security company Avecto has released a study which shows that 100% of Edge vulnerabilities in 2016 could have been mitigated by running as a non-admin user…

Consumer Reports to consider cyber security in product reviews

REUTERS

Consumer Reports, an influential U.S. non-profit group that conducts extensive reviews of cars, kitchen appliances and other goods, is gearing up to start considering cyber security and privacy safeguards when scoring products.

The group, which issues scores that rank products it reviews, said on Monday it had collaborated with several outside organizations to develop methodologies for studying how easily a product can be hacked…

CONTACT

Free your time and start focusing

on your business now!

We’ll take care of the rest.

New to site? Create an Account


Login

Lost password?
(close)

Already have an account? Login


Signup

(close)