Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


 Falling Chinese Space Station

Sometime around April 3—give or take about a week—China’s 9.5-ton Tiangong-1 space station will fall out of orbit and enter Earth’s atmosphere. While media reports for the last few months have hyped the “uncontrolled” de-orbit as ...

Continue Reading →
0

Tomorrow is World Backup Day

Which means we all get into our cars and spend the day driving in reverse?  Not quite.  What this means for some of your that today is the day you quit kicking that can down the road and set up a data backup for your systems.  Hardware, software, cloud – pick your poison and set it up.

For those of you who are already using a backup solution, today would be a ...

Continue Reading →
0

Something You Are: Typing Cadence

What would it be like if you could identify yourself and authenticate your account by the way you type?  A Romanian company, TypingDNA, has created a Chrome extension that does just that.

I am a big advocate of two-factor authentication, but there are some problems.  One of the three types of authentication is biometrics, which is “something you are.”  NIST, in SP 800-63B states ...

Continue Reading →
0

Using Artificial Intelligence in Cybersecurity

The problem with cybersecurity it that an attacker only needs to exploit a single vulnerability, while a defender needs to protect everything.  Defense has evolved from perimeter defense, to defending all endpoints, to adding automated detection and prevention appliances, to universal threat management that looks at not just north/south traffic passing through the Internet gateway, but also east/west traffic across the LAN between ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


 Second company claims it can unlock iPhone X

A tiny US company called Grayshift is reportedly quietly touting software it claims can unlock Apple’s flagship handsets, the iPhone X and 8.


How women are helping to fight ...

Continue Reading →
0

Why Do I Need a VPN?

Did you know that most traffic across the Internet travels in an unencrypted state.  And when you make an open wireless connection  in a coffee bar or other public location, the radio connection is unsecured and  unencrypted, too.  This traffic travels as plain text, and can be read by anyone with the skills to intercept the traffic and open the data packets.

We know ...

Continue Reading →
0

USB Exploits Pose Security Threats

Often when I am writing about cybersecurity, the situation seems worse than ever.  But its not more dangerous than its ever been, it dangerous in ways that its never been.

A team of Israeli researchers have cataloged 29 different USB exploits and attacks.  These attacks can come disguised as a smartphone charger connection, or may come hidden on a USB thumb drive.  Plugging an unknown ...

Continue Reading →
0

Spectre and Meltdown Chip Based Security Vulnerabilities – Where Are We Now?

In January we learned about a pair of cybersecurity vulnerabilities called Spectre and Meltdown.  Discovered last summer by different security researchers, these vulnerabilities are proving difficult to mitigate because the problem exists in the way central processing units (CPUs) have been designed and manufactured.  These processor cores are at the heart of all computer hardware, from PCs and servers, to smartphones, ...

Continue Reading →
0

Are Malicious Bots Visiting Your Website?

Bots are alive, well, and busy on the Internet, making up nearly half of Internet traffic. Bad bots are used by cyber-criminals and cyber attackers to automate harmful exploits and attacks, such as denial of service attacks, crypto-coin mining, data mining, information exfilitration, account hijacking, vulnerability scanning, spamming, and other illegal or illicit activities.

Not all bots are bad.  Some of these site visitors are helpful, such as the automated bots from ...

Continue Reading →
0

Is Your Vendor a Security Risk? A Look at Vendor Risk Management

What if the biggest security risk your company faced was from an employee at a trusted vendor company?  Third party risk management, or vendor risk management, is an emerging cybersecurity practice that larger companies are using to mitigate the risk that smaller, network connected third party and vendor companies can represent.

The classic example of the dangers a vendor can bring to another company ...

Continue Reading →
0
Page 5 of 55 «...34567...»