Items tagged with cybersecurity

Equifax may be now getting its public lashings for a cybersecurity breach that resulted in personal information of 143 million Americans being exposed to hackers, but it appears that the Securities and Exchange Commission (SEC) has a few skeletons in its closet as well. The regulatory agencies announced late last night that its EDGAR database was hacked last year. At the time, the SEC did not make any public disclosures regarding the hack, which took advantage of a vulnerability in the EDGAR test filing system. However, once it discovered the intrusion, it quickly patched it and went about its... Read more...
This could be the mother of all cyberattacks; Equifax just announced that it experienced a "cybersecurity incident" that occurred between mid-May of this year through late July. During that time, malicious parties were able to gain access to some of its online databases courtesy of a website vulnerability. As a result, over 143 million -- yes, MILLION -- U.S. consumers are affected by the data breach. We're not just talking about names and birth dates (yes, those were included), but also Social Security numbers. In some cases, even driver license numbers were obtained by the hackers. And that's... Read more...
  The United Kingdom is basking in the glory of its latest warship: the HMS Queen Elizabeth. The 65,000-ton aircraft carrier cost nearly $4 billion to construct and began its first sea trials on Monday. But the carrier’s big budget price tag isn’t the only thing that is raising eyebrows; it is the British Royal Navy’s decision to allow critical systems on the ship to be powered by Microsoft’s ancient Windows XP operating system. Windows XP was first released to the public in 2001, and commercial support for the operating system ended in 2014. However, many businesses and militaries around... Read more...
In what is being billed as one of the largest data leaks recorded in the United States, an analytics firm contracted by the Republican National Committee (RNC) was found to have exposed the personal details and political biases of nearly 200 million Americans. According to Chris Vickery, a risk analyst for cybersecurity firm UpGuard, the information was left exposed on the internet due to a “misconfigured database” using Amazon Web Services for server storage. The firm responsible for this serious lapse in security was Deep Root Analytics. Over 1.1 terabytes of data was made publicly available... Read more...
Do we need a “digital” Geneva Convention? Microsoft certainly thinks so. The corporation’s Chief Legal Officer Brad Smith recently argued that a digital Geneva Convention would potentially be able to protect civilians from state-sponsored cyber-warfare. First, what is the Geneva Convention? The Geneva Convention is comprised of four treaties and three protocols that outline the international law for humanitarian treatment in war. One of the main purposes of the Geneva Convention is to protect civilians, soldiers incapable of fighting, and prisoners of war.Smith noted that 74 percent of businesses... Read more...
What do you collect? Rare stamps? Falcons fans’ tears? How about classified national defense documents? Former National Security Agency (NSA) contractor Harold Thomas Martin III was recently indicted by a federal grand jury on the charge that he purposely collected classified information regarding national defense. He faces twenty criminal accounts, each punishable by up to 10 years in prison. Rod J. Rosenstein, the United States attorney for Maryland, remarked, “The indictment alleges that for as long as two decades, Harold Martin flagrantly abused the trust placed in him by the government by... Read more...
The White House recently appointed Gregory Touhill, a retired U.S. Air Force brigadier general, as the government’s first federal cyber security chief. The position was announced eight months ago as an attempt prevent and defend against hackers. The position is part of a $19 billion “cyber security national action plan”. Touhill will be responsible for creating and implementing new cyber security plans as well as conducting audits. He will report to Tony Scott, the federal chief information officer and former executive at business software company VMware. Touhill could potentially be replaced when... Read more...
If you have an iPhone, there's a chance that nefarious parties not affiliated with Apple could be tracking you. However, Apple’s latest update, iOS 9.3.5, eliminates several critical security and privacy exploits and should [hopefully] keep you safe. NSO Group, an Israeli startup that sells software that can track mobile phones, was responsible for the intrusion. Its software can read text messages and emails, track calls and contacts, record sounds, collect passwords, and physically locate the mobile phone user. NSO Group executives have boasted that its spyware functions like a “ghost” and... Read more...
Azure customers are getting a welcomed safety upgrade. Microsoft announced Azure Information Protection, a service that works to secure a company’s data, particularly employee identities. This service was made possible through Microsoft's acquisition in November of Secure Islands, an “innovator in advanced information protection solutions”. Microsoft CEO Satya Nadella in Washington D.C. announcing cybersecurity plans in November 2015 In November, Microsoft demonstrated how Windows 10, Office 365, Microsoft Azure, and Microsoft Enterprise Mobility Suite work in tandem to protect against password... Read more...
Last month, US and Chinese governments agreed to a "digital truce", where neither country would knowingly support cyberattacks against each other to steal commercial secrets. While the agreement is solid overall, it does have a number of caveats, including the lack of protection where government secrets are concerned. Nonetheless, based on the findings of security research firm CrowdStrike, it seems like this agreement could be considered pointless. Since the agreement took place, CrowdStrike monitored seven different instances where Chinese-based hackers tried to penetrate U.S. businesses. Five... Read more...
As the years pass, our lives continue to become intertwined even more with the Internet. Today, the Internet acts as a backbone to critical infrastructure, and much like the risk of someone exploiting a flaw to break into our home PC, a real risk exists that enemies of the government could break into and cause harm to utilities. It's for that reason that all governments are overdue on penning up agreements with friendly countries to lessen the chance of a cyberattack. Nonetheless, it's being reported that President Obama is going to be taking some important steps in this when... Read more...
In line with a HotHardware report published last October, officials yesterday confirmed to CNN that the White House was hacked last year and that the alleged culprit is the Russian government. The hackers — believed to be the same group that managed to gain entry to State Department computer system last October — were able to access sensitive information regarding President Barack Obama, including his private schedule. White House officials say although these cyber-attacks are among the most advanced to ever hit the US government, no classified systems were in breach. “This report is not referring... Read more...
U.S. President Barack Obama is getting a little hot under the collar, and we’re not talking about the speech that Israeli Prime Minister Benjamin Netanyahu gave this morning. Instead, President Obama is troubled over new regulations that are being proposed by the Chinese government, which would affect American tech companies that conduct business within China’s borders. President Obama is fearful that China’s plans — which include allowing the Chinese government to install security backdoors, requiring companies to hand over encryption keys, and keeping user data on Chinese soil — are an assault... Read more...
When engaged in war, it's of utmost importance to keep plans and secrets secure. On the other side of the coin, it's likewise important to do what you can to gather intelligence on the opposition -- something quite difficult given the obvious fact that the opposition is also doing its best to keep its secrets, secret. But lest we forget that there are sometimes much easier ways to get information you need. Sometimes it can involve social engineering of the most modest levels, because after all, the bearers of this important information are still human. Hackers targeting the Syrian opposition (an... Read more...
1 2 Next