Tag: cybersecurity

A Cybersecurity Expert Explains A Whistleblower’s Claims – Did Twitter Ignore Basic Security Measures?
TECHNOLOGY, VIDEO REELS

Twitter’s former security chief, Peiter “Mudge” Zatko, filed a whistleblower complaint with the Securities and Exchange Commission in July 2022, accusing the microblogging platform company of serious security failings. The accusations amplified the ongoing drama of Twitter’s potential sale to Elon Musk. Zatko spent decades as an ethical hacker, private researcher, government adviser and executive at some of the most prominent internet companies and government offices. He is practically a legend in the cybersecurity industry. Because of his reputation, when he speaks, people and governments normally listen – which underscores the seriousness of his complaint against Twitter. As a former cybersecurity industry practitioner and current cybersecurity researcher, I believe that Zatko’s most d...
5 Top Items Your Small Business Needs On Its Cybersecurity To-Do List
FOR BUSINESS

(BPT) - If you run a small to medium-sized business, you may think your risk of cyberattacks is slim to none. But just because your business is smaller and you have your data stored on-premises does not exempt you from risk. According to the Ninth Annual Cost of Cybercrime Study by Accenture, 43% of cyberattacks are now aimed at small businesses — but only 14% of those businesses are prepared to defend themselves. Since the pandemic, cybercrime has increased by 600%, according to Embroker.com. And the cost of cyberattacks — from business disruption and lost data to system downtime, damage to your company’s reputation and even legal liability — is higher than ever. Cyber defense needs to be a major component of your business strategy. What can your business do to help prevent these attacks...
AI Is Emerging As A Much-Needed Tool In The Cybersecurity Arms Race
TECHNOLOGY, VIDEO REELS

The average business receives 10,000 alerts every day from the various software tools it uses to monitor for intruders, malware and other threats. Cybersecurity staff often find themselves inundated with data they need to sort through to manage their cyber defenses. The stakes are high. Cyberattacks are increasing and affect thousands of organizations and millions of people in the U.S. alone. These challenges underscore the need for better ways to stem the tide of cyber-breaches. Artificial intelligence is particularly well suited to finding patterns in huge amounts of data. As a researcher who studies AI and cybersecurity, I find that AI is emerging as a much-needed tool in the cybersecurity toolkit.

Helping humans

There are two main ways AI is bolstering cybersecurity. First, AI can he...
A Cybersecurity Expert Explains The Latest Internet Vulnerability (Log4j) How Bad It Is And What’s At Stake
TECHNOLOGY

Log4Shell, an internet vulnerability that affects millions of computers, involves an obscure but nearly ubiquitous piece of software, Log4j. The software is used to record all manner of activities that go on under the hood in a wide range of computer systems. Jen Easterly, director of the U.S. Cybersecurity & Infrastructure Security Agency, called Log4Shell the most serious vulnerability she’s seen in her career. There have already been hundreds of thousands, perhaps millions, of attempts to exploit the vulnerability. So what is this humble piece of internet infrastructure, how can hackers exploit it and what kind of mayhem could ensue?

What does Log4j do?

Log4j records events – errors and routine system operations – and communicates diagnostic messages about them to system administr...
A Cybersecurity Researcher Explains How To Trust Your Instincts – Identify Phishing Emails And Foil The Attacks
TECHNOLOGY

Rick Wash, Michigan State University

An employee at MacEwan University got an email in 2017 from someone claiming to be a construction contractor asking to change the account number where almost $12 million in payments were sent. A week later the actual contractor called asking when the payment would arrive. The email about the account number change was fake. Instead of going to the contractor, the payments were sent to accounts controlled by criminals. Fake emails that try to get people to do things they wouldn’t normally do, such as send money, run dangerous programs or give out passwords, are known as phishing emails. Cybersecurity experts often blame the people who receive such messages for not noticing that the emails are fake. As a cybersecurity researcher, I’ve found that most pe...
A Cybersecurity Expert Explains What Pegasus Is, And How The Spyware Invades Phones And What It Does When It Gets In
TECHNOLOGY

Bhanukiran Gurijala, West Virginia University

End-to-end encryption is technology that scrambles messages on your phone and unscrambles them only on the recipients’ phones, which means anyone who intercepts the messages in between can’t read them. Dropbox, Facebook, Google, Microsoft, Twitter and Yahoo are among the companies whose apps and services use end-to-end encryption. This kind of encryption is good for protecting your privacy, but governments don’t like it because it makes it difficult for them to spy on people, whether tracking criminals and terrorists or, as some governments have been known to do, snooping on dissidents, protesters and journalists. Enter an Israeli technology firm, NSO Group. The company’s flagship product is Pegasus, spyware that can stealthily enter a smart...
Observations From A Cybersecurity Expert – The Sunburst Hack Was Massive And Devastating
CYBERCRIME

So much remains unknown about what is now being called the Sunburst hack, the cyberattack against U.S. government agencies and corporations. U.S. officials widely believe that Russian state-sponsored hackers are responsible. The attack gave the perpetrators access to numerous key American business and government organizations. The immediate effects will be difficult to judge, and a complete accounting of the damage is unlikely. However, the nature of the affected organizations alone makes it clear that this is perhaps the most consequential cyberattack against the U.S. to date. An act of cyberwar is usually not like a bomb, which causes immediate, well-understood damage. Rather, it is more like a cancer – it’s slow to detect, difficult to eradicate, and it causes ongoing and significant ...
Basic Cybersecurity Precautions Are Key To Minimizing Ransomware Damage, Interference With Elections And Disinformation
LIFESTYLE

Government computer systems in Hall County, Georgia, including a voter signature database, were hit by a ransomware attack earlier this fall in the first known ransomware attack on election infrastructure during the 2020 presidential election. Thankfully, county officials reported that the voting process for its citizens was not disrupted. The attack follows on the heels of a ransomware attack last month on eResearchTechnology, a company that provides software used in clinical trials, including trials for COVID-19 tests, treatments and vaccines. Less than a week after the attack in Georgia was revealed, the FBI warned that cyber criminals have unleashed a wave of ransomware attacks targeting hospital information systems. Attacks like these underscore the challenges that cybersecurity exp...
The lack of women in cybersecurity leaves the online world at greater risk
TECHNOLOGY

Women are highly underrepresented in the field of cybersecurity. In 2017, women’s share in the U.S. cybersecurity field was 14%, compared to 48% in the general workforce. The problem is more acute outside the U.S. In 2018, women accounted for 10% of the cybersecurity workforce in the Asia-Pacific region, 9% in Africa, 8% in Latin America, 7% in Europe and 5% in the Middle East. Women are even less well represented in the upper echelons of security leadership. Only 1% of female internet security workers are in senior management positions. I study online crime and security issues facing consumers, organizations and nations. In my research, I have found that internet security requires strategies beyond technical solutions. Women’s representation is important because women tend to offer vie...
Government cybersecurity commission calls for international cooperation, resilience and retaliation
TECHNOLOGY

The global commons are under assault in cyberspace. Ransomware attacks, including North Korea’s WannaCry and Russia’s NotPetya, have disrupted vital medical services and global transportation systems, costing billions of dollars. Iran and China have engaged in similar actions.

[Image: Real-time cyberattacks on a display at the 175th Cyberspace Operations Group of the Maryland Air National Guard. U.S. Air Force photo by J.M. Eddins Jr., CC BY-NC]

These cyberattacks are carried out by states and nonstate actors that seek to undermine global connectivity for their own interests. But like a pandemic, these attacks affect all of society. The world needs a new approach to combating how nations use cyberspace to advance their interests at the expense of people around the world. The U.S. Cyberspace Solar...