-
Insider risk management: Where your program resides shapes its focus
PRIVACY PRIVACY There’s no getting around it, I am long in the tooth and have been dealing with individuals who break trust within their work environment for more than 30 years, both in government (where we called it counterespionage or counterintelligence) and in the private sector. Today we call programs that help prevent or identify…
-
Friday Squid Blogging: Online Cephalopod Course
PRIVACY PRIVACY Atlas Obscura has a five-part online course on cephalopods, taught by squid biologist Dr. Sarah McAnulty. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Read More
-
Researchers find new ICS malware toolkit designed to cause electric power outages
PRIVACY PRIVACY Over the past few years state-sponsored attackers have been ramping up their capabilities of hitting critical infrastructure like power grids to cause serious disruptions. A new addition to this arsenal is a malware toolkit that seems to have been developed for red-teaming exercises by a Russian cybersecurity company. Dubbed COSMICENERGY by researchers from…
-
Anyone Can Try ChatGPT for Free—Don’t Fall for Sketchy Apps That Charge You
PRIVACY PRIVACY Anyone can try ChatGPT for free. Yet that hasn’t stopped scammers from trying to cash in on it. A rash of sketchy apps have cropped up in Apple’s App Store and Google Play. They pose as Chat GPT apps and try to fleece smartphone owners with phony subscriptions. Yet you can spot them…
-
Phishing Domains Tanked After Meta Sued Freenom
PRIVACY PRIVACY The number of phishing websites tied to domain name registrar Freenom dropped precipitously in the months surrounding a recent lawsuit from social networking giant Meta, which alleged the free domain name provider has a long history of ignoring abuse complaints about phishing websites while monetizing traffic to those abusive domains. The volume of…
-
New Russian-Linked Malware Poses “Immediate Threat” to Energy Grids
PRIVACY PRIVACY Researchers say the specialized OT malware has similarities with Industroyer, which was used to take down power in Kiev, Ukraine, in 2016 Read More
-
Expeditionary Cyberspace Operations
PRIVACY PRIVACY Cyberspace operations now officially has a physical dimension, meaning that the United States has official military doctrine about cyberattacks that also involve an actual human gaining physical access to a piece of computing infrastructure. A revised version of Joint Publication 3-12 Cyberspace Operations—published in December 2022 and while unclassified, is only available to…
-
Three Reasons You Need a VPN
PRIVACY PRIVACY You know what a VPN is, but the question remains—why do you need a VPN? There’s one good reason. Your privacy. Because it’s a commodity on today’s internet. For starters, you have advertisers and internet service providers (ISPs) that want to know what you’re doing, when you’re doing it, where you’re doing it,…
-
Careless IT security worker exploited ransomware attack against his employer, but failed to cover his tracks
PRIVACY PRIVACY Bad enough for your company to be held to ransom after a cyber attack. Worse still to then have one of your own employees exploit the attack in an attempt to steal the ransom for themselves. Read more in my article on the Tripwire State of Security blog. Read More
-
Romania’s Safetech Leans into UK Cybersecurity Market
PRIVACY PRIVACY The cyber innovator sees the UK is an ideal location to realize its global ambitions as it opens a SOC at the Plexal Innovation Hub Read More