In response to recent events where unidentified cyber actors obtained unauthorized access to the supervisory control and data acquisition (SCADA) system at a U.S. drinking water treatment facility, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation, the Environmental Protection Agency (EPA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released joint Cybersecurity Advisory AA21-042A: Compromise of U.S. Water Treatment Facility. This advisory outlines how cybercriminals exploit desktop sharing software and end-of-life operating systems to gain unauthorized access to systems.
After auditing the security of Helpdesk Software solution Deskpro in accordance with the company's Responsible Disclosure Bug Bounty Program, the Checkmarx Security Research Team discovered a severe cross-site scripting (XSS) issue that can be exploited multiple ways.
New research from Tessian finds that almost one-third of people have fallen victim to a cyber romance scam, posing a new warning: don’t get cat-phished this Valentine’s Day.
In today’s world, business process automation solutions are considered the fastest-growing segment on the global enterprise software market. However, both business owners and frequent users alike often express their doubts about the capability of automation tools to operate at the proper level required by enterprise data security, especially with many employees working from home due to the pandemic.
The COVID-19 pandemic has sparked a unique convergence of security and health, and it’s up to security leaders to keep up and even drive that transformation for their organizations. One of the biggest facility management takeaways from the pandemic has been the need for flexibility within building infrastructures. Thoughtfully implemented solutions and strategies within repurposed spaces will not only safeguard buildings from traditional intruder threats, but also promote a healthy environment for employees and occupants.
Security ratings or cybersecurity ratings are a data-driven, objective, and dynamic measurement of an organization's security posture and cybersecurity performance. To learn more about the benefits of security ratings, we speak to Christos Kalantzis, Chief Technology Officer at SecurityScorecard.
INKY processed 656,954,951 emails in 2020. From this data, they ranked the top 25 most-phished brands during 2020. In round numbers, that’s two-thirds of a billion.
Lookout, Inc. announced the discovery of two novel Android surveillanceware, Hornbill and SunBird. The Lookout Threat Intelligence team believes these campaigns are connected to the Confucius APT, a well-known pro-India state-sponsored advanced persistent threat group. Hornbill and SunBird have sophisticated capabilities to exfiltrate SMS message content, encrypted messaging app content, geolocation, contact information, call logs, as well as file and directory listings. The surveillanceware targets personnel linked to Pakistan’s military and nuclear authorities and Indian election officials in Kashmir.
As 5G technology continues to be rolled out worldwide—providing latency of a mere 1 millisecond—it is critical that information security professionals become familiar with 5G system architecture and security architecture, as well as the risks that come with implementing new cellular technologies. ISACA’s new white paper, 5G Security: Addressing Risk and Threats of Mobile Network Technologies, explores these topics, and compares 5G technology with 4G and previous generation cellular technologies.
COVID-19 wasn’t the only thing to sweep the globe in 2020 — the year also brought a wave of privacy legislation. Major players, including Brazil, Canada and China, all introduced privacy legislation that closely aligns with the EU General Data Protection Regulation. And in the U.S., California debuted the highly anticipated California Consumer Privacy Act (CCPA) and quickly followed up by approving the California Privacy Rights Act of 2020 (CPRA), which modifies the existing CCPA obligations and introduces new ones. So, what’s in store for 2021?
RSS
