The Internet of Things (IoT) is transforming our homes, businesses and public spaces – mostly for the better – but without proper precautions IoT devices can be an attractive target for malicious actors and cyberattacks. Security threats involving IoT devices often stem from the fact that many IoT devices usually have single-purpose designs and may lack broader capabilities to defend themselves in a hostile environment. For example, a door bell, a toaster or a washing machine frequently do not contain as much storage, memory and processing capability as a typical laptop computer.
In June, Apple announced iOS 14 updates that, among other changes, would require apps to ask users for permission to collect and share data with developers. As a result, Facebook has just announced it would no longer collect the identifier for advertisers (IDFA) on their own apps on iPhones.
Risk Based Security's Q1 2020 Vulnerability report, for the first time in years, saw a decline in the quantity of vulnerabilities being reported. However, the latest trends indicate we may be back on track to see the same amount of vulnerabilities, or even more, than last year. Why might this be the case? One possible reason: the Vulnerability Fujiwhara Effect.
A developer error caused the leak of 150,000 to 200,000 patient health records stored in productivity apps from Microsoft and Google that were recently found on GitHub.
The Center for Internet Security, Inc. (CIS®) released its Community Defense Model (CDM). The model shows that the CIS Controls® (Controls) – a prioritized and prescriptive set of safeguards that mitigate the most common cyberattacks against systems and networks – mitigate approximately 83 percent of all attack techniques found in the MITRE ATT&CK Framework.
Miami Dade College has launched its new, state-of-the-art Cybersecurity Center of the Americas, a facility designed to mimic what a Security Operations Center (SOC) looks and feels like.
New Digital Shadows research provides a breakdown of the traffic data behind the top cybercriminal forums and how they square up against each other. The research was inspired by a June 2020 post on the English-language cybercriminal carding forum Altenen announcing a “big victory” for the site in terms of its website traffic rank statistics. This piqued the interest of the Digital Shadows research team who compared how the statistics aligned with their pre-existing perceptions of these sites, whether they show any trends they were previously unaware of, and if there was anything that would indicate deceptive tactics behind these numbers.
The Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury (Treasury), the Federal Bureau of Investigation (FBI) and U.S. Cyber Command (USCYBERCOM) are issuing a joint technical alert about an ongoing automated teller machine (ATM) cash-out scheme by North Korean government cyber actors – referred to by the U.S. government as “FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks.”
The unfolding COVID-19 crisis has been the most significant test of the world’s internet infrastructure to date. With employers and schools moving to remote environments, the expectation was that the expanded use of Software-as-a-Service (SaaS) tools like video conferencing would lead to crippling levels of web traffic. On top of that, experts anticipated the increase in internet use would prompt a corresponding rise in network attacks from cybercriminals. Many in the industry were concerned that the internet would not be able to sustain these unseen levels of duress.
While cyber threats continue to be a massive drain on business productivity, there is another, less obvious vulnerability: unintentional employee error. Indeed, a majority of businesses say that simple human error is their leading cause of data loss.