Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Cop awarded $585K after colleagues snooped on her via license database

A local story made the international press.  Why do Twin Cities and Minnesota cops think the driver’s license database is a dating app?  Krekelberg alleged that 58 fellow officers broke a federal privacy law by searching for her driver’s license data without any reason.


Continue Reading →
0

Guest Post – Can You Trust Your Trusted Sources?

What follows is a sponsored post from cybersecurity firm Sequretek.

Businesses usually tend to trust their partners/ technology partners when related to the security of the data flowing across partners. This approach has changed drastically these days; now businesses themselves need to focus on their cyber security measures. There is a sudden rise in the number of supply chain attacks, by which we can conclude that attackers are easily spotting out vulnerabilities in the supply chain network of the organisations. Today, ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Today’s Weekend Update is our 100th edition

Somehow we have published 100 of these Saturday cybersecurity news roundups.  Hope you have enjoyed them, and maybe learned a thing or two.  Leave a comment and the first 10 commentators will receive some WyzGuys swag.


Boeing 737-MAX Crashes Brought on by Flight Computers

A really scary article about what went ...

Continue Reading →
0

Does Microsoft’s Office365 Cloud Service Have Security Flaws?

Have you recently migrated to Microsoft Office 365 for your company email services?  US-CERT and CISA recently released  Analysis Report (AR19-133A) Microsoft Office 365 Security Observations that described several security flaws or weaknesses inherent in the default deployment of O365.

Here are the findings of that report.  The good news is that these are shortcomings with the default, out-of-box experience.  These issues can be corrected through configuration.  For ...

Continue Reading →
0

Fallout, RIDL, ZombieLand, MDSUM and other MDS Vulnerabilities

Last year we covered the SPECTRE and MELTDOWN vulnerabilities that affected Intel processors.  This year security researchers have discovered a new series of vulnerabilities around the Microacrhitecture Data Sampling MDS process.  This vulnerability would allow an attacker to read data as it crossed the L1 and L2 data caches on the processor.   These vulnerabilities can affect cloud computing services, and be leveraged by ...

Continue Reading →
0

Millions of Chinese-made IoT Devices Easily Hacked says Brian Krebs

If you bought a security camera, webcam, baby monitor, smart doorbell, digital video recorder or other IoT device manufactured in China, there is bad news.  Security flaws have been discovered that can easily  allow an attacker remote access, remote control, and password discovery on affected systems.  These devices can also be hijacked to use in a variety exploits including eavesdropping through ...

Continue Reading →
0

Guest Post – Mobile App Security Threats and Secure Best Practices Part 2

A guest post by KC Karnes

Mobile App Security Exploit Examples: Painful Real-life Lessons

The climate around mobile app security is heating up.

Mobile app vulnerabilities are exploited every day, resulting in expensive data breaches and loss of public trust.

In this section, we will try to learn from the failures of other companies and highlight how real the threats outlined above can be.

Timehop Fails To Trust Two-Factor Authentication

Starting in December of 2017, TimeHop was ...

Continue Reading →
0

Guest Post – Mobile App Security Threats and Secure Best Practices Part 1

A guest post by KC Karnes

Is your mobile app secure?

It shouldn’t come as a surprise that mobile apps are targeted by hackers, given the rapid adoption and increased usage globally. By some estimates, one out of every 36 mobile devices has high-risk apps installed.1

An even more sobering mobile app security statistic for businesses to hear: 71% of fraud transactions came from mobile apps and mobile browsers in the ...

Continue Reading →
0

New Attacks Against SCADA, ICS, and Industrial Safety Control Systems

This can’t be good.  Klaxons sounding at the chemical plant only meant one thing, that the automatic safety systems were not working and that a dangerous explosion was immanent.  The explosion would release a toxic cloud of hydrogen sulfide gas that would kill everyone at the plant and hundreds of people living nearby.

A movie scene?  A spy novel plot?  Unfortunately not, this is an actual event that took place in Saudi ...

Continue Reading →
0
Page 1 of 11 12345...»