Logical Security
Logical Security RSS Feed RSS

energy critical infrastructure

Upcoming guidance from DHS S&T will improve critical infrastructure resilience

December 3, 2020

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) will be releasing a document that provides a roadmap to threat mitigation of Position, Navigation, and Timing (PNT) services, a national critical function powering many of the critical infrastructure sectors that enable modern society. The conformance framework was developed with input from industry stakeholders and will help critical infrastructure owners and operators make risk-informed decisions when deciding what PNT equipment to deploy. It provides distinct levels of resilience so end users can choose equipment that’s appropriate for their needs, based on criticality and risk tolerance.


Read More
Hacktivist

CISA warns APT groups targeting US think tanks

Maria Henriquez
December 3, 2020
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have observed persistent continued cyber intrusions by advanced persistent threat (APT) actors targeting U.S. think tanks. This malicious activity is often, but not exclusively, directed at individuals and organizations that focus on international affairs or national security policy. The following guidance may assist U.S. think tanks in developing network defense procedures to prevent or rapidly detect these attacks.
Read More
Cyber Incident Recovery

Turla Crutch attacks Ministry of Foreign Affairs in an EU country, misuses Dropbox in cyber-espionage

December 2, 2020
ESET researchers discovered a previously undocumented backdoor and document stealer used for cyber-espionage. ESET has been able to attribute the program, dubbed Crutch by its developers, to the infamous Turla APT group. It was in use from 2015 until at least early 2020. ESET has seen Crutch on the network of a Ministry of Foreign Affairs in a country of the European Union, suggesting that this malware family is only used against very specific targets. These tools were designed to exfiltrate sensitive documents and other files to Dropbox accounts controlled by Turla operators.
Read More
5 mins with

5 minutes with David Bodnick - Is the California Privacy Rights Act (CPRA) effective?

Maria Henriquez
December 2, 2020

On November 4, 2020, the YES on Prop 24 campaign announced the passage of the California Privacy Rights Act (CPRA), with a majority of Californians supporting the measure to strengthen consumer privacy rights. The new law aims to give Californians the strongest online privacy rights in the world. But, does the CPRA do enough to advance the data privacy of California consumers? Many security and privacy leaders argue that it does not. To find out more, we talk to David Bodnick, Chief Technology Officer and co-founder of Startpage, a private search engine. 


Read More
BEC email laptop

FBI warns of BEC scammers using email forwarding

Maria Henriquez
December 2, 2020
The U.S. Federal Bureau of Investigation (FBI) issued a Private Industry Notification alert, noting that cybercriminals are increasingly implementing auto-forwarding rules on victims' web-based email clients to conceal their activities. According to the FBI, cybercriminals then capitalize on this reduced visibility to increase the likelihood of a successful business email compromise (BEC).
Read More
online shopping

14% rise in suspected 2020 holiday weekend e-commerce fraud

December 2, 2020
TransUnion released new findings around online retail trends during the start of the 2020 global holiday shopping season. The research shows a 1% decrease in suspected online retail fraud worldwide during the start of the 2020 holiday shopping season compared to the same period in 2019, a 59% increase from the same period in 2018 and a 14% increase from all of 2020 so far. The findings are based on the same-store sales analysis of TransUnion’s e-commerce customers during the traditional start of the global holiday shopping season, Thanksgiving to Cyber Monday.
Read More
NSAcyber

NSA announces winner of 8th Annual Best Scientific Cybersecurity Research Paper Competition

December 1, 2020

The National Security Agency’s Research Directorate has announced it has selected “Spectre Attacks: Exploiting Speculative Execution” as the winner of its 8th Annual Best Cybersecurity Research Paper competition. Originally published at the 2019 IEEE Security & Privacy Symposium, the winning paper, in combination with Meltdown, another award-winning paper released earlier by the same researchers, launched a global effort to mitigate critical vulnerabilities in processors. 


Read More
data-enews

Analyzing the draft standard contractual clauses

Once finalized, US entities can use the new Standard Contractual Clauses to legally transfer data out of the EEA when combined with appropriate supplementary measures.
david stauss
David M. Stauss
December 1, 2020
As discussed in our prior post, on November 12, 2020, the European Commission published a draft implementing decision on standard contractual clauses (SCCs) for the transfer of personal data to third countries and draft standard contractual clauses. Once finalized, the SCCs will replace the existing SCCs for data transfers out of the EEA.
Read More
5 mins with

5 minutes with Matt Voska - The importance of in-office security guards

Maria Henriquez
November 30, 2020

Ensuring the safety of workers is the top priority for human resources (HR), whether that’s adhering to proper social distancing measures or following emergency response protocols. In today's divisive environment, how can HR departments leverage in-office security guards to keep employees safe? Here, we talk to Matt Voska about the importance of in-office security guards and why security management technology is critical in helping HR leaders ensure workforce safety. 


Read More

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!