by Michael Schiebel, TechCrunch
Security remains one of the top unresolved challenges for businesses. Billions of dollars have been spent on security technology over the last 30 years, yet hackers seem to be more successful than ever. Every organization is now under extreme threat, all the time.
Today, hacking is a much more complex art than it used to be: It no longer only involves just scanning and penetrating the network via a vulnerability. Yet the traditional security tools used by most companies are often inadequate because they still focus on this, ignoring what is now a very complex post-compromise chain of events. Continue reading What your security scientists can learn from your data scientists to improve cybersecurity
by Sead Fadilpasic, betanews
Carbanak, a powerful cyber-crime group, is using certain Google services as command and control for its malware and other malicious elements. The news was released by cybersecurity firm Forcepoint this week.
Forcepoint uncovered a trojanized RTF document, which, once ran, will “send and receive commands to and from Google Apps Script, Google Sheets, and Google Forms services.” Continue reading Hacking group uses Google services to control malware
by Jigar, News In Bits
A leading cyber security company has released a list of worst passwords of 2016. ‘123456’ has topped the list. 17% of people use 123456 no wonder this was the same worse password as last year, due to a rapid growth of information and technology password is very tough to select for so many accounts like we hear this from childhood that ‘keep your password different from another accounts’.
On August 31, 2014, a collection of almost 500 private pictures of various celebrities, mostly women, and with much-containing nudity, were posted on the image board 4chan, and later disseminated by other users on websites and social networks such as Imgur and Reddit. The event, which media outlets and Internet users referred to under names such as “The Fappening”. Continue reading The most common and worse password of 2016 ‘123456’
by John Kindervag, Dark Reading
This approach to network design can cut the chance of a breach
Data breaches are all over the news. Yahoo admitted that at least 500 million user accounts were affected by a 2014 cybersecurity breach. The 2016 election season was filled with revelations gleaned from stolen emails. The Justice Department, Internal Revenue Service, the US Navy, and Snapchat all suffered breaches in 2016. The list seems endless. Most significant, however, were the 2015 breaches of the Office of Personnel Management (OPM), which experienced two separate cybersecurity incidents that resulted in stolen personnel files of almost 22 million people who had undergone background investigations. Continue reading ‘Zero Trust’: The Way Forward in Cybersecurity
by George Watson, Texas Tech University
Abdul Serwadda is working to advance research to develop secure user authentication methods
Cyber security and authentication have been under attack in recent months as, seemingly every other day, a new report of hackers gaining access to private or sensitive information comes to light. Just recently, more than 500 million passwords were stolen when Yahoo revealed its security was compromised.
Securing systems has gone beyond simply coming up with a clever password that could prevent nefarious computer experts from hacking into your Facebook account. The more sophisticated the system, or the more critical, private information that system holds, the more advanced the identification system protecting it becomes. Continue reading Professor Shows Brain Waves can be used to Detect Potentially Harmful Personal Information
by Dorothy Denning, Scientific American
For decades, deterrence has effectively countered the threat of nuclear weapons. Can we achieve similar results against cyber weapons?
Cyber-attackers pose many threats to a wide range of targets. Russia, for example, was accused of hacking Democratic Party computers throughout the year, interfering with the U.S. presidential election. Then there was the unknown attacker who, on a single October day, used thousands of internet-connected devices, such as digital video recorders and cameras compromised by Mirai malware, to take down several high-profile websites, including Twitter. Continue reading Cyber-security’s Next Phase: Cyber Deterrence
by Ravi Mandalia, Top Examiner
IBM has now buckled up Watson to put all its might into helping us strengthen our cyber security through the Watson for Cyber Security program.
The program is still in its beta and IBM is working with 40 of its clients to employ machine learning and artificial intelligence to identify and prioritize threats as a step towards ensuring greater security of information, and infrastructure. Continue reading IBM wants Watson to help in cyber security
by Matthew Wall, BBC News
OK, so how many of you have downloaded Pokemon Go on to your work phone? Come on, admit it.
If you were surprised the IT department let you do this, don’t be – many companies have absolutely no idea what their staff are up to it seems.
For example, when cyber-security firm Imperva asked one of its banking clients how many apps it thought its staff were using, the firm estimated between 75 and 100 in total. The figure was actually closer to 800. Continue reading Is that app you’re using for work a security threat?
by Jeremy Wagstaff and J.R. Wu, Reuters
Recent cyber attacks harnessing everyday devices such as cameras, video recorders, printers, routers and speakers are a wake-up call to the hidden dangers of the Internet of Things.
The problem for the device makers, though, is that few are well equipped to tackle the unfamiliar task of foiling hackers.
For a sense of that challenge, take AV Tech Corp, a once proud giant among CCTV camera makers whose 1990s building in a Taipei suburb hints at the gap it must overcome between hardware factories of a decade ago and those of today. Continue reading After cyber attacks, Internet of Things wrestles with making smart devices safer