We talk to David “moose” Wolpoff, Chief Technology Officer (CTO) and co-founder of Randori, about Black Hats’ processes for finding and exploiting weaknesses in software.
As businesses and schools seek to bring people back to brick and mortar establishments, it’s going to be important to make customers, students and teachers feel comfortable, in addition to simply following guidelines. Customers are going to have to feel that it’s worth going out, versus shopping online. For retailers, that comfort might in part be derived from visible occupancy monitoring efforts and automated voice-down messages when people aren’t wearing masks or keeping their distance.
In late February 2020, news broke in the United States that the once faraway threat of a “novel coronavirus” had spread to U.S. soil. As COVID-19 case numbers in major cities grew, stay-at-home orders were put in place, businesses closed, restaurants shifted to take-out only, and retailers adopted curbside service. All of this took place to slow the spread of COVID-19. Meanwhile, however, hospitals remained open — accepting new patients at the direction of the U.S. Centers for Disease Control and Prevention (CDC) and working diligently to adhere to new safety guidelines. During a virus outbreak, or any pandemic, we are acutely reminded of our essential frontline healthcare workers and of the critical need to enhance their overall safety and security and to be as efficient as possible when communicating vital information.
Integrated into one of the most complex industries, blockchain technology can help legislation catch up with the exciting developments in cannabis medicine. At the same time, implementing blockchain in pharmacies can help provide patients with a wider variety of treatment options. In a fast-paced industry, where innovation drives growth, blockchain is the next step in encouraging access and security for cannabinoid-based medicine.
The coronavirus pandemic has triggered an unprecedented chain reaction of border closures around the world. This truly is an extraordinary situation, and many countries have also grappled with lack of information, resources and coordination between relevant agents and authorities. These operational issues have raised questions globally about whether border controls are effective in containing such outbreaks, how prepared border agencies were for the emergency and what this will mean for border management in a post-pandemic world.
I was chatting with a chief information security officer (CISO) recently, and we started talking about motivation and the role of love and hate in driving ourselves towards our goals. In cybersecurity, we tend to think about external opponents, most notably white hats vs. black hats, but rarely discuss the internal factors that guide our day-to-day decisions. Humans are dynamic beings that aren’t driven solely by love or hate (despite what the chatter on social media may have you believe). We do, however, have predilections based on our personalities and environment. How we choose to deal with those influences shapes who we become. A good strategy is a combination of love and hate where organizations work towards a grand vision of their future while eliminating things they hate one after the other.
In 2019, Business Email Compromise (BEC) attacks – a long-standing cybersecurity threat – accounted for $1.7 billion in losses, with cybercriminals using new tactics and techniques to carry out existing attacks. As cybercrime spikes in the wake of COVID-19, BEC’s toll is expected to rise this year. The Federal Bureau of Investigation (FBI) recently issued a warning to businesses on the growing threat of BEC attacks using the pandemic as a backdrop for unusual requests like payments to a “new” vendor or a change of account information.
Application programming interfaces (APIs) make everything a bit easier - from data sharing to system connectivity to delivery of critical features and functionality - but they also make things much easier for bad actors (and the bad bots they deploy). Here are the top 5 API vulnerabilities that get exploited by hackers, including some tips to help close those gaps.
Why do organizations find it challenging to respond to social engineering incidents, and how can they better defend against them? We talk to Daniel Wood, CISSP, GPEN, Associate Vice President of Consulting at Bishop Fox, to find out.
While the burgeoning world of IoT has transformed the ways in which we live and work, it has also caught the attention of cybercriminals. As IoT devices become increasingly advanced, hackers have simultaneously become more sophisticated in their attacks, often targeting pre-existing security loopholes to gain access to company systems.