News
-
Security hygiene and posture management: A 2022 priority
While cybersecurity is complex and multifaceted, security certifications (i.e., CISSP common body of knowledge 8 domains), regulations (i.e., HIPAA, PCI DSS, etc.), and best practices (i.e., CIS critical security controls) all recommend starting cybersecurity programs at the same place: security hygiene and posture management. Experts agree that strong cybersecurity starts with the basics, like knowing…
-
Merck Wins $1.4bn NotPetya Payout from Insurer
Merck Wins $1.4bn NotPetya Payout from Insurer Merck has won a long-running legal battle to force its insurer to cover the costs of damages caused by the NotPetya ‘ransomware’ attacks. The pharma giant was one of many big-name multinationals hit by the destructive malware, disguised as ransomware by Russian attackers targeting Ukrainian organizations back in 2017,…
-
Cyberbullying: Words do Hurt When it Comes to Social Media
Most parents may find it difficult to relate to today’s form of cyberbullying. That’s because, for many of us, bullying might have come in a series of isolated, fleeting moments such as an overheard rumor, a nasty note passed in class, or a few brief hallway confrontations. Fast forward a few dozen decades, and the…
-
Biden Signs Memo to Boost National Cybersecurity
Biden Signs Memo to Boost National Cybersecurity United States President Joe Biden has signed a National Security Memorandum (NSM) requiring national security systems to implement network cybersecurity measures that are at least as good as those required of federal civilian networks. The requirements for federal civilian networks were laid out in Biden’s Executive Order 14028…
-
11:11 Systems Acquires iland
11:11 Systems Acquires iland Managed infrastructure solutions company, 11:11 Systems, has acquired Texas-based cloud services provider, iland. The completion of the acquisition was announced on Thursday. The terms of the deal were not disclosed. Headquartered in Houston with regional offices in London and Sydney, iland delivers cloud services including Disaster-Recovery-as-a-Service (DRaaS), Infrastructure-as-a-Service (IaaS) and Backup-as-a-Service (BaaS) from its cloud…
-
Third Firmware Bootkit Discovered
Third Firmware Bootkit Discovered Cybersecurity researchers at Kaspersky have discovered a third known case of a firmware bootkit in the wild. The kit, which made its first appearance in the wild in the spring of 2021, has been named MoonBounce. Researchers are confident that the campaign is the work of well-known Chinese-speaking advanced persistent threat (APT) actor APT41.…
-
CIS Risk Assessment Method (RAM) v2.1 for Implementation Group 2 (IG2)
CIS Risk Assessment Method v2.1 for IG2 is designed to help justify investments for reasonable implementation of the CIS Critical Security Controls (CIS Controls). Read More
-
Jail for prolific romance fraudster who fleeced besotted lonely hearts
To his victims he was “Tony Eden”, a middle-aged white man looking for love online, while working overseas for a drilling company. But in reality he was a school caretaker called Osagie Aigbonohan, originally from Lagos, Nigeria, and part of a criminal gang with links to the notorious Black Axe group. Read more in my…
-
San Francisco Police Illegally Spying on Protesters
Last summer, the San Francisco police illegally used surveillance cameras at the George Floyd protests. The EFF is suing the police: This surveillance invaded the privacy of protesters, targeted people of color, and chills and deters participation and organizing for future protests. The SFPD also violated San Francisco’s new Surveillance Technology Ordinance. It prohibits city…
-
Smashing Security podcast #258: Tesla remote hijacks and revolting YouTubers
Carole’s still on jury service, but the show must go on! We take a look at how some Tesla owners are at risk of having their expensive cars remotely hijacked, and why YouTubers are up in arms over NFTs. All this and much more is discussed in the latest edition of the award-winning “Smashing Security”…