A newly disclosed vulnerability (CVE-2019-9506) in the Bluetooth Core Specification can be exploited by attackers to intercept and manipulate Bluetooth communications/traffic between two vulnerable devices. Researchers Daniele Antonioli, Nils Ole Tippenhauer and Kasper Rasmussen discovered the flaw and demonstrated a practical Key Negotiation …
On a global scale, cybersecurity is suffering from a severe shortage of experts. What is to be done? Organizations, government, academia and professional associations need to work together to develop a sustainable cyber skills strategy. To date, strategic thinking has largely focused on what to defend and how to defend, but less on who is …
While there is much discussion about the data security and privacy risks created by third parties, another source of risk can be significant but overlooked: that from fourth parties – those vendors that your vendors use – who may be integral players in your mission fulfillment but who are beyond your direct contractual oversight. Because third …
In this podcast recorded at Black Hat USA 2019, Jimmy Graham, Senior Director of Product Management at Qualys, discusses the importance of a tailored patch management process. Security obviously will have some say in a patch management process because a lot of patching is security driven, but patching is beyond just security, there’s …
Companies are under constant threat. Opportunistic attackers scan the internet for weak points, …
On a global scale, cybersecurity is suffering from a severe shortage of experts. What is to be …
The European Central Bank (ECB) confirmed on Thursday that its Banks’ Integrated Reporting Dictionary (BIRD) website has been compromised by attackers and taken down until the situation is brought under control. The compromise may have resulted …
Anomali announced the results of a survey conducted by The Harris Poll. It includes responses from more than 2,000 American adults and reveals how Americans believe business and government organizations should respond to ransomware attacks as …
You likely know to avoid suspicious emails to keep hackers from gleaning personal information from your computer. But a new study from SMU (Southern Methodist University) suggests that it’s possible to access your information in a much …
Companies are under constant threat. Opportunistic attackers scan the internet for weak points, motivated attackers target specific organizations for susceptibility to a scam or digital exploit, and persistent attackers don’t give up until they …
Users of deception technology reported a 12X improvement in the average number of days it takes to detect attackers operating within an enterprise network when compared to those unfamiliar with the technology, according to a research report …
While many organizations and home networks use a host and guest network on the same router hardware to increase security, a new study by Ben-Gurion University indicates that routers from well-known manufacturers are vulnerable to cross-router …
Accelerating demand for embedded security in industrial and automotive segments is driving the market for technologies such as secure microcontrollers (MCU) and trusted platform modules (TPM). ABI Research forecasts that total global shipments …
The Global Cyber Alliance, working with its partners, launched the Automated IoT Defence Ecosystem (AIDE), a first-of-its-kind cybersecurity development platform for Internet of Things (IoT) products. AIDE enables small businesses, …
Today’s threat environment is complex and dynamic. The internet was built for connectivity, not security, and approaches such as intrusion detection systems, anti-virus programs, and traditional incident response methodologies by themselves are …
