A quick Saturday digest of cybersecurity news articles from other sources.
Tech Trends in 2019
Information on trends in technology for drones, security robots, artificial intelligence, security smart homes, and securing IoT.
Feds can’t force you to unlock your phone with finger or face, says judge
The landmark decision asserts the same 4th and 5th amendment legal protection for biometrics that we’re given for passcodes.
Congressional Report on the 2017 Equifax Data Breach
[2018.12.19] The US House of Representatives Committee on Oversight and Government Reform has just released a comprehensive report on the 2017 Equifax hack. It’s a great piece of writing, with a detailed timeline, root cause analysis, and lessons learned.
China’s APT10
[2018.12.31] Wired has an excellent article on China’s APT10 hacking group. Specifically, on how they hacked managed service providers in order to get to their customers’ networks.
I am reminded of the NSA’s “I Hunt Sysadmins” presentation, published by the Intercept.
The Dark Web: A guide for business professionals
Free PDF. The Dark Web is used to sell stolen data, drugs, and weapons—but it’s also used by legitimate outfits, like news organizations and the UN. This ebook looks at what the Dark Web is and how it affects you.
Israeli researchers find 29 ways to use a USB device to compromise a computer
The problem with USB devices (or the attraction, if you’re a cybercriminal) is that they’re a devastatingly simple way to sneak malware on to computers, especially important ones protected by air gaps.
USB-C Authentication sounds great, so why are people worried?
USB-C Authentication could banish USB threats forever, but it might also mean you’re tied to buying ‘approved’ accessories.
Update now! Chrome and Firefox patch security flaws
Google and Mozilla are tidying up security features and patching vulnerabilities in Chrome and Firefox for Mac, Windows, and Linux.
Share
FEB
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com