Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Tech Trends in 2019

Information on trends in technology for drones, security robots, artificial intelligence, security smart homes, and securing IoT.


Feds can’t force you to unlock your phone with finger or face, says judge

The landmark decision asserts the same 4th and 5th amendment legal protection for biometrics that we’re given for passcodes.


Congressional Report on the 2017 Equifax Data Breach

[2018.12.19] The US House of Representatives Committee on Oversight and Government Reform has just released a comprehensive report on the 2017 Equifax hack. It’s a great piece of writing, with a detailed timeline, root cause analysis, and lessons learned.


China’s APT10

[2018.12.31] Wired has an excellent article on China’s APT10 hacking group. Specifically, on how they hacked managed service providers in order to get to their customers’ networks.

I am reminded of the NSA’s “I Hunt Sysadmins” presentation, published by the Intercept.


The Dark Web: A guide for business professionals

Free PDF.  The Dark Web is used to sell stolen data, drugs, and weapons—but it’s also used by legitimate outfits, like news organizations and the UN. This ebook looks at what the Dark Web is and how it affects you.


Israeli researchers find 29 ways to use a USB device to compromise a computer

The problem with USB devices (or the attraction, if you’re a cybercriminal) is that they’re a devastatingly simple way to sneak malware on to computers, especially important ones protected by air gaps.


USB-C Authentication sounds great, so why are people worried?

USB-C Authentication could banish USB threats forever, but it might also mean you’re tied to buying ‘approved’ accessories.


Update now! Chrome and Firefox patch security flaws

Google and Mozilla are tidying up security features and patching vulnerabilities in Chrome and Firefox for Mac, Windows, and Linux.


 

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.
  Related Posts

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.