The U.S. Air Force hosted a demonstration of its Advanced Battle Management System (ABMS), a digital battle network system designed to collect, process, and share data among U.S. and allied forces in real-time. Part of the demo also involved showing off its robot dogs for perimeter defense.
Untangle, Inc. released the results of its third annual SMB IT Security Report. Polling more than 500 SMBs, the report explores major barriers for managing IT security, particularly in the face of the unique challenges brought on by COVID-19 and its resulting shift to remote work.
There's a new tip line in Wisconsin for anyone who wants to report a school safety concern or threat. Funded by a $2 million federal grant, the Speak Up, Speak Out Resource Center was created by the Wisconsin Department of Justice and is available 24/7.
The Australian Government has released The Code of Practice: Securing the Internet of Things for Consumers (Code of Practice). The guide represents a first step in the Australian Government’s approach to improve the security of IoT devices in Australia.
The Transportation Security Administration (TSA) is piloting a new touchless “self-service” technology that matches a traveler’s live photo with the photo on their ID. The initiative automatically authenticates a traveler’s ID, matches the live photo with the image on their ID, and confirms their flight information in near real time.
The Department of Homeland Security today announced the imminent publication of a Notice of Proposed Rulemaking that proposes expanding department authorities and methods for collecting biometrics that will establish a defined regulatory purpose for biometrics.
The Secure Cyber Risk Aggregation and Measurement (SCRAM), a new platform from the Massachusetts Institute of Technology (MIT) Computer Science and Artificial Intelligence Laboratory (CSAIL), quantifies companies' security risk without requiring them to disclose sensitive data about their systems to the research team, much less their competitors.
I was chatting with a chief information security officer (CISO) recently, and we started talking about motivation and the role of love and hate in driving ourselves towards our goals. In cybersecurity, we tend to think about external opponents, most notably white hats vs. black hats, but rarely discuss the internal factors that guide our day-to-day decisions. Humans are dynamic beings that aren’t driven solely by love or hate (despite what the chatter on social media may have you believe). We do, however, have predilections based on our personalities and environment. How we choose to deal with those influences shapes who we become. A good strategy is a combination of love and hate where organizations work towards a grand vision of their future while eliminating things they hate one after the other.
In 2019, Business Email Compromise (BEC) attacks – a long-standing cybersecurity threat – accounted for $1.7 billion in losses, with cybercriminals using new tactics and techniques to carry out existing attacks. As cybercrime spikes in the wake of COVID-19, BEC’s toll is expected to rise this year. The Federal Bureau of Investigation (FBI) recently issued a warning to businesses on the growing threat of BEC attacks using the pandemic as a backdrop for unusual requests like payments to a “new” vendor or a change of account information.
Application programming interfaces (APIs) make everything a bit easier - from data sharing to system connectivity to delivery of critical features and functionality - but they also make it much easier for the bad actors (and the bad bots they deploy). Here are the top 5 API vulnerabilities that get exploited by hackers, including some tips to help close those gaps.