In 2014, the National Institute of Standards and Technology published version 1.0 of its “Framework for Improving Critical Infrastructure Cybersecurity.” Commonly known as the NIST Cybersecurity Framework, its development was in response to Presidential Executive Order 13636 in February 2013: Improving Critical Infrastructure Cybersecurity. Subsequent versions of the NIST CSF appeared in 2017 and 2018,
Month: December 2019
by Naked Security writer Get yourself up to date with everything we’ve written in the last seven days – it’s weekly roundup time. Monday 23 December 2019 Serious Security: The decade-ending “Y2K bug” that wasn’t Smartphone location data can be used to identify and track anyone Congress passes anti-robocall bill Facebook will stop mining contacts
In the second blogpost of the two-part series we’ll suggest handy tips to help enhance the security of your mobile devices Yesterday, we discussed bad cybersecurity habits you should avoid in 2020, especially where computers are involved. We’re not done yet. Some of the recommendations apply to both computers and smartphones, such as being especially
IT has dramatically changed over the past decade with the advent of the cloud providing ubiquitous access, infinite compute and boundaryless storage. Operational technology, on the other hand — the technology that runs nuclear reactors, oil rigs, power utilities and the like — has evolved much more slowly. As a result of this dichotomy, the
by Paul Ducklin The UK Cabinet Office just published its latest list of civilian honours that recognise members of the public who are considered to have made a major contribution in fields such as arts, science, medicine, sport or government. Unfortunately, according to the Guardian newspaper, when the New Year 2020 list was first published,
In this first instalment of the two-article series we will be looking at cybersecurity habits to avoid when using your computing devices As we’re entering 2020, we’re also plotting out our New Year’s resolutions. Instead of suggesting what you should do next year, however, let’s have a look at some cybersecurity mistakes you should avoid
UK police officers and staff reported on average four lost or stolen devices every day over the most recent financial year, according to newly released data. Think tank Parliament Street received Freedom of Information (FOI) requests from 22 forces across the country to better understand their risk exposure from mobiles, tablets, laptops, radios, USBs and other devices.
by Paul Ducklin OK, technically, this article is about malware in general, not about viruses in particular. Strictly speaking, virus refers to a type of malware that spreads by itself, so that once it’s in your system, you may end up with hundreds or even thousands of infected files… …on every computer in your network,
Summary The activities of some non-governmental organizations (NGOs) challenge governments on politically sensitive issues such as social, humanitarian, and environmental policies. As a result, these organizations are often exposed to increased government-directed threats aimed at monitoring their activities, discrediting their work, or stealing their intellectual property. BRONZE PRESIDENT is a likely People’s Republic of China
Nearly 173 million usernames and passwords were compromised when a leading gaming developer was breached in September, it has emerged. Zynga burst on the gaming scene when its Farmville title became a hit a decade ago. It followed this success with Words with Friends, a hugely popular Scrabble-like word game it acquired. Although Zynga acknowledged
Some of the most popular coverage on SearchSecurity in 2019 highlighted current and emerging threats to organizations across verticals, while other articles offered insights to problems that have been plaguing enterprises for years, along with their well-known and new solutions. Check out some of the most popular articles with readers this year that dig into
by Paul Ducklin Here they are: the baddest stories and the biggest lessons, from 2010 to 2019. From a totally made-up hoax that shocked the world, through a social networking app that promised what it couldn’t deliver, to a larger-than life cybercelebrity who was busted in a military-scale takedown operation… …here’s our take on the
Disposing of old tech isn’t a one-click solution; there are multiple things you have to consider before moving on to greener pastures Black Friday, Cyber Monday and even Christmas are behind us. Which means some of us may have been fortunate enough to unwrap a shiny new laptop, smartphone or tablet. But what about our
Besides rewarding ethical hackers from its pocket for responsibly reporting vulnerabilities in third-party open-source projects, Google today announced financial support for open source developers to help them arrange additional resources, prioritizing the security of their products. The initiative, called “Patch Rewards Program,” was launched nearly 6 years ago, under which Google rewards hackers for reporting
A Londoner who blackmailed Apple threatening to factory reset hundreds of millions of iCloud accounts has been sentenced at Southwark Crown Court. Kerem Albayrak, 22, from North London, demanded that the tech giant give him $75,000 in crypto-currency or a thousand $100 iTunes gift cards in return for deleting what turned out to be a
by Paul Ducklin SophosLabs has a seen a variety of Christmas-time spam campaigns that shamlessly hitch a ride on the coat-tails of climate activist Greta Thunberg. The malware-spreading spams arrive with subject lines such as… Please help save the planet Greta Friends help Support Greta Thunberg - Time Person of the Year 2019 Greta Thunberg
Hello and welcome back to our regular morning look at private companies, public markets and the gray space in between. This morning we’re dialing into some late-stage venture activity in Utah. Why? Because Utah has become a hotbed of startup activity, yielding both IPOs and huge acquisitions. And as Utah isn’t a media hub in
It’s not a stretch to surmise that the incident was enabled by poor security settings Law enforcement in Thailand is looking into an incident that resulted in the streaming of live surveillance footage from a local prison on YouTube, according to a report by The Bangkok Post The feed, which gave a glimpse into inmates’
A British man suspected to be a member of ‘The Dark Overlord,’ an infamous international hacking group, has finally been extradited to the United States after being held for over two years in the United Kingdom. Nathan Francis Wyatt, 39, appeared in federal court in St. Louis, Missouri, on Wednesday to face charges related to
Wikimedia Foundation, the nonprofit group that operates Wikipedia and a number of other projects, has urged the Indian government to rethink the proposed changes to the nation’s intermediary liability rules that would affect swathes of companies and the way more than half a billion people access information online. The organization has also urged the Indian
Twitter has been forced to suspend thousands of accounts linked to state-backed campaigns driven by Saudi Arabia and designed to influence public opinion, it has revealed. The social networking site claimed in a new blog post on Friday that 5929 accounts had been removed for “violating our platform manipulation policies.” “These accounts represent the core
by Paul Ducklin A London man who tried to extort $100,000 from Apple by threatening to dump data from millions of iCloud accounts and then shut them down will be spending the holiday season at home, despite being sentenced in court last week. Kerem Albayrak, 22, from North London, ended up pleading guilty to three
Since roughly 2012, billionaire Bill Gates has been participating in Reddit’s annual Secret Santa gift exchange, which matches Reddit users with internet strangers who give them presents. He seems to relish the role. For example, in 2017, he was matched with a cat lover, sending off a giant load of feline-themed gifts, including a large
Advanced persistent threats (APTs) have emerged to be legitimate concerns for all organizations. APTs are threat actors that breach networks and infrastructures and stealthily lurk within them over extended spans of time. They typically perform complex hacks that allow them to steal or destroy data and resources. According to Accenture, APTs have been organizing themselves
Modern agriculture involves fields of mind-boggling size, and spraying them efficiently is a serious operational challenge. Pyka is taking on the largely human-powered spray business with an autonomous winged craft and, crucially, regulatory approval. Just as we’ve seen with DroneSeed, this type of flying is risky for pilots, who must fly very close to the
Researchers have unearthed a two-year phishing campaign targeting bank customers in Canada. Fourteen banks, including CIBC, TD Canada Trust, Scotiabank, and the Royal Bank of Canada (RBC) were spoofed in a large-scale operation that involved multiple look-alike domains. The attack starts by sending legitimate-looking emails containing a PDF attachment. The attachment uses what appears to
BOSTON — Healthcare facilities can advance their patient care with IoT remote monitoring if manufacturers understand how to develop and use connected medical devices. Medical IoT remote monitoring “will change the way you do service, the way your customers perceive you, not just you, but your products. They become reliant on the network of things
by Paul Ducklin Lots of us have the day off today, but there are plenty of people who don’t, including a veritable army of of IT techies, helpdesk staff, sysadmins… …and if you’ve ever been on IT duty over the Christmas period, you’ll know what a tricky time it can be. If all goes well,
The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 9am Pacific, you can subscribe here. 1. Uber founder Travis Kalanick is leaving the company’s board of directors Uber founder and former CEO Travis Kalanick will officially resign
There’s hardly any business nowadays that don’t use computers and connect to the Internet. Companies maintain an online presence through their official websites, blogs, and social media pages. People use online services to conduct day to day activities like banking. And of course, there are many businesses that are completely based on the web like
- 1
- 2
- 3
- …
- 7
- Next Page »