Utah Wind and Solar Power Generation hit by a Cyber Attack

A Cyber Attack that took place on a Utah based renewable energy generation provider named sPower is said to have disconnected the power generation source from the Central US Power Grid. Although the cyber incident took place in March this year, it was revealed yesterday by a news resource named E&E News after it obtained information from the Department of Energy as per the Freedom of Information Act (FOIA). Highly placed sources say that the attack disrupted the operator in two ways- One by disconnecting it from the Central US Power Grid. Secondly,...

Read More

App stores become home to Government Spyware

Security researchers from BlackBerry’s Cylance have discovered that Android and iOS app stores have become home to government-induced espionage malware. According to the company’s latest report, prolific and pervasive government spyware are being spread on Android and iOS application platforms which give us a confirmation that consumers are being misled by technology companies that are making them live in a false sense of security. Blackberry claims that hundreds of apps have somehow found a way into Apple and Google app stores by breaking into...

Read More

The Bitglass Blog

Despite the massive international push for cloud adoption, a distressing number of corporations have not deployed the proper means to securing critical data. Traditional firewalls may have sufficed in the traditional on-prem setting, but with businesses adopting BYOD (bring your own device) for on-premises use and the emerging trend of telecommuting for employees that work remotely, the need for a borderless solution has become increasingly vital. This day in age, enterprises that solely rely on traditional firewall solutions are waging a bet and...

Read More

Pay Ransom to Ransomware spreading hackers says FBI

  US Federal Bureau of Investigation(FBI) has suddenly taken a U-Turn on its decision to not pay ransom to hackers during ransomware incidents. And that’s because it is proving as a cost-effective option to victims rather than recovering data through various means.   Although the company doesn’t want the victimized companies to cave into the demands of hackers, it does say to pay if that’s the only option left to unlock the data.   “Paying a ransom encourages cyber crooks to launch more cyber attacks on organizations and companies...

Read More

Dtrack Malware attack on India’s largest Nuclear Power Plant

The Nuclear Power Corporation of India Limited (NPCIL) has issued a press statement yesterday admitting that its digital infrastructure did go through a Dtrack malware attack. However, AK Nema, the associate director of NPCIL has cleared the air that the attack was neutralized before it could affect any sensitive infrastructure. Going by the details, CERT-In (India’s Computer Emergency Response Team) was the first agency that detected the malware attack on September 4th, 2019 and is said to have reported the same to NPCIL in September 5th, 2019....

Read More

Hackers plead guilty for hacking and accessing 57m user details from Uber and LinkedIn

Two hackers have pleaded guilty for stealing account information of over 57 million users belonging to tech companies Uber and Lynda- now renamed as LinkedIn Learning after acquisition by the professional networking giant. Highly placed sources say that the two hackers, Brandon Glover, of Florida and Vasile Mereacre of Toronto, Canada were presented before the Florida Court of Justice yesterday and admitted for hacking information from Amazon Web Servers related to two companies. They also agreed that their intention to fraudulently access the...

Read More

Security Congress: Securing a Rapidly Changing Environment

The cyber ecosystem is changing faster than ever, creating new attack surfaces and increasing the challenge of defending against new and evolving threats. The fast-changing landscape requires new ways of thinking and approaches to protect environments that spread across on-premise and cloud infrastructures and connect IT with OT (operational technology) systems. Just accepting...

Read More

Security Visibility is Mission-Critical

IaaS has continued to evolve and make it easier for companies to set up public cloud infrastructure faster than ever. Many are doing just that and moving more and more workloads to cloud environments. Although in these new, dynamic environments where changes happen often, and fast, security is mission-critical, but achieving security visibility is still a challenge for security teams. The same properties that make a dynamic cloud environment attractive to businesses often add complexity to matters of security and compliance—a daunting challenge...

Read More

Physical threats to Cybersecurity that you must address

Photo by Nahel Abdul Hadi on Unsplash Over 90% of data breach is attributed to human error costing a company anywhere from $1.25 million to $8.19 million. Tackling cybersecurity does not only entail non-physical risks, but also includes an assessment of physical threats such as human, internal, and external hazards. Only then can an appropriate and effective...

Read More

Cyber Attacks on Asian Ports cost $110 Billion

A survey conducted by London firm Lloyd says that the cyberattacks on Asian Ports could cost as much as $110 Billion which is equal to the loss borne by natural catastrophes in 2018. Therefore, covering commercial risks has become a lucrative earning option for insurance providers having businesses in Europe, Asia, and the United States.   Lloyd’s report also states that the past year witnessed the disruption of operations in more than 15 ports running in Japan, Malaysia, Singapore, South Korea, and China. However, the bad news is that more...

Read More

Security Congress Day 2: From PAM to Cyber Insurance to Finding a Voice

While cybersecurity spending is expected to hit $124 billion this year, only a small portion of it will go toward identity management. Yet, a disproportionate number of breaches occur because of flaws in access management and dangerous practices such as the sharing of passwords, according to Tariq Shaikh, CISSP, Senior Security Advisor for CVS Health. Identity management spending...

Read More

Facebook sues Israeli firm NSO for spying on 1400 targets via WhatsApp malware

Facebook has issued a press update yesterday saying that an Israeli firm named NSO group has used malware tactics to spy on 1400 targets across the world between April- May 2019 via WhatsApp. The social networking giant is intending to sue the firm for carrying malpractices and will be contacting all affected customers individually by detailing them about the cyber attack.   Chances are high that Facebook might intend to block the company soon from using its service on a permanent note as it has violated laws including the US Computer Fraud...

Read More

Google Pay users get Biometrics Security

All those who use Google Pay for making digital payments might feel happy by knowing that the technology giant has introduced Biometrics security to allow users to protect their online transactions using fingerprint and facial recognition features. The feature can be seen in the latest 2.100 version of the app and will be rolled out across the digital wallet platform in the next few days. As a result of this payment security update, users can also opt for biometrics API so that they can use fingerprints or facial recognition to authenticate a money...

Read More

Security Congress Keynote Speaker: Put Down Your Phone

At public events, speakers and performers often ask the audience to turn off their mobile phones, but Catherine Price really meant it. She asked attendees of Tuesday’s keynote speech at (ISC)2 Security Congress 2019 to actually press their phones’ power button. “I’m going to guess a lot of people are feeling uncomfortable. A lot of you faked it. A lot of you are probably hating...

Read More

Privacy Regulations: More Work for Cyber Professionals

Whenever new data privacy and cybersecurity laws go into effect, they create more work and responsibilities for cyber professionals. This reality hasn’t gone unnoticed by attorney Scott Giordano, who reminded cybersecurity professionals during a session about the California Consumer Privacy Act (CCPA) that the law will create new duties for them. Giordano, Vice President of...

Read More

Security Expert: AI Not Ready for Cybersecurity

While artificial intelligence (AI) has gotten a lot of attention in recent years as a possible solution for cybersecurity issues, Winn Schwartau argues there’s a long way to go before we can trust AI and its siblings, machine learning (ML) and deep learning (DL), to deliver the results we need. During a presentation on the ethical bias of AI-based systems at the (ISC)2 Security...

Read More

New payment revolution lets consumers manage ecommerce transactions from their mobile banking app

For many of us it would be practically impossible to count all of the times we’ve had to provide credit card details to online retailers. There are millions of ‘digital footprints’ of financial records across the internet, making it an arduous – likely impossible – task to find out which retailers have kept these details on file, whether that card is still in use or whether...

Read More

Three developments helping to increase trust in the commercial drone ecosystem

In recent years, vast leaps forward in drone technology have helped to confirm their practical application in a variety of different environments. In times of natural disasters, such as avalanches for example, drones have help saved the lives of people buried under the snow, by scanning large mountainous areas quicker than a person on foot. What’s more, in point-to-point...

Read More

Apple issues Mobile Security warning to old iPhone and old iPad users

Apple Inc has issued a mobile security warning to owners of old iPhones and Old iPads saying their devices will be prone to vulnerabilities such as failing to connect to the internet and can easily be intercepted by hackers after this weekend. Technically speaking, the iPhone giant has issued a warning that all its old iPhone devices are prone to GPS Clock reset in April next year, after which the devices will lose track of time. And this is reported to happen every 19.5 years. So, iPhone and iPad users are being requested to update their software...

Read More

Microsoft previews Azure Sphere with Cloud Security controls

Microsoft has announced the release date of its Azure Sphere which happens to be February 9th of 2020. The Linux based chip which was earlier named ‘Project Sopris’ by the tech giant was previewed to the world yesterday at the IoT Solutions World Congress.   Microsoft Azure Sphere is a Linux based silicon wafer that can be used to power internet-connected devices. Operating with a MediaTek MT3620 processor and an Azure Sphere OS entailed with Linux Kernel, the architecture is ambled to provide authentication, threat response and info related...

Read More

Over 2K of Media, Government and TV station websites hacked in Georgia

More than 2,000 websites are reported to be hacked in Georgia in a massive cyberattack launched late yesterday. And security analysts suggest that it was a sophisticated attack made on web hosting provider Pro-Service which led to the disruption. Highly placed sources say that the shutdown websites include those related to government agencies, Media and TV stations and a few from local banks and legal courts. TV Channel Pirveli was also partially affected by the cyber incident. As all those websites were being hosted on a single provider, hackers...

Read More

Cybersecurity Ethics: How Far Is Too Far?

When doing their work, cybersecurity professionals often come across situations that put their skills to the test. And sometimes those tests have far less to do with technology or business than with questions of ethics. When cyber professionals discover vulnerabilities while performing penetration tests or some other security-related work, is it OK to disclose those vulnerabilities...

Read More

Security Congress Kickoff: Creating a Safe World

The spotlight was on safety at the kickoff this morning of (ISC)² Security Congress 2019, taking place this week in Orlando. First, (ISC)² CEO David Shearer talked about the role that association members have in protecting society through their cybersecurity work. Then, Capt. Chesley Burnett “Sully” Sullenberger, the pilot of flight 1549, which landed on the Hudson River in...

Read More

UK offers a £20M worth Cyberthreat contract to CGI

Canadian Global Information is shortly known as CGI has bagged a government contract worth £20M to develop a Cyber Threat analysis system for the UK’s Ministry of Defense. A white paper released by the government of Britain recently has confirmed the same and added that the service will be utilizing a combination of various data sources to support the decision-making skills for authorities in the field of Cyber Defense.   Readers of Cybersecurity Insiders have to notify a fact that the same company won a £5.6 million contract two years back...

Read More

UK suspects China is conducting espionage with few among 100,000 Chinese University students

MI5 and GCHQ have warned universities and educational institutes operating across their region that the Chinese government could be conducting espionage on its research and computer systems through hidden spies among the 100,000 Chinese students who are studying on the campus. The agency suspects that the investment made by the Beijing in the research work of UK Universities was multi-purpose as it could be using students as espionage agents to transmit data related to research to the Xi Jinping government. It has to be notified over here that...

Read More