More than a third of organizations have no real-time insight on cyber risks necessary to combat rising threats, a survey has shown. These organizations also lack the agility, budget and skills to mitigate known vulnerabilities to prepare for and address cyber security, according to EY's latest annual Global Information Security survey. Read more here.
Cyber Security Compliance for Power, Oil & Gas, Water Treatment, NERC-CIP, NEI 0809 and CFATS
Friday, October 31, 2014
Thursday, October 30, 2014
Cyber Security: Online Security Experts Link More Breaches to Russian Government
For the second time in four months, researchers at a computer security company are connecting the Russian government to electronic espionage efforts around the world. In a report released on Tuesday by FireEye, a Silicon Valley firm, researchers say hackers working for the Russian government have for seven years been using sophisticated techniques to break into computer networks, including systems run by the government of Georgia, other Eastern European governments and militaries, the North Atlantic Treaty Organization and other European security organizations. Read the article here.
Wednesday, October 29, 2014
Cyber Security: Targeted cyber attacks on the rise
All companies have to fend off the viruses and malware floating around the modern Internet. But a growing number face much more targeted attacks, in which hackers take aim squarely at them. Twelve percent of companies participating in an annual cyber security survey from Kaspersky Lab and B2B International reported experiencing a targeted attack during the last year. That’s up from 9 percent in 2013. Click here to read the article.
Tuesday, October 28, 2014
Cyber Security: ICS-CERT Vulnerability Summary for Week of October 20
Click the link below to view the summary of cyber security vulnerabilities for the week of October 20 as collected and reported by ICS-CERT.
https://www.us-cert.gov/ncas/bulletins/SB14-300
https://www.us-cert.gov/ncas/bulletins/SB14-300
Cyber Security: Asia Pacific countries most vulnerable to advanced cyber attacks
229 days of plundering and phishing data. That is how long it takes for advanced hackers to remain undetected before being discovered, exposing organizations to potential malicious activity for months. Besides the alarming statistic uncovered by network security company FireEye, its other reports have revealed that Asia Pacific countries are more susceptible to advanced-cyber attacks than the world as a whole. Read the article here.
Monday, October 27, 2014
Cyber Security: New York financial regulator pushes banks to plug gaps in cyber security
Following the massive cyber attack on the biggest U.S. bank JPMorgan Chase & Co (JPM.N) disclosed in August, and other financial institutions, government authorities in United States are pushing financial institutions and brokerage houses to close glaring gaps in cyber security. Click here to read the article.
Friday, October 24, 2014
Cyber Security: The 3 Biggest Cyber Security Threats Of 2014
The cyber attack on JP Morgan Chase that compromised the personal information of 76 million households is just the latest in a slew of security breaches that have plagued some of the nation’s most trusted institutions. Indeed, the number and scope of cyber attacks and threats looming today can seem overwhelming, but some are more dangerous than others. Read more here.
Thursday, October 23, 2014
Cyber Security: U.S. government probes medical devices for possible cyber flaws
The U.S. Department of Homeland Security is investigating about two dozen cases of suspected cyber security flaws in medical devices and hospital equipment that officials fear could be exploited by hackers, a senior official at the agency told Reuters. Read the article here.
Wednesday, October 22, 2014
Cyber Security: Oil and Gas Industry Unites to Pull Plug on Cyberintruders
Companies in the U.S. oil and gas industry are moving to work together to fight the onslaught of cyber security marauders infiltrating their computer network systems. Last year, the Department of Homeland Security said it worked on 256 security events involving critical infrastructure; sixty percent involved the energy sector. Read more here.
Tuesday, October 21, 2014
Cyber Security: China says US must change 'mistaken policies' before deal on cyber security
Resuming cyber security cooperation between China and the United States would be difficult because of “mistaken US practices”, China’s top diplomat has told the secretary of state, John Kerry.
Yang Jiechi, a state councilor overseeing foreign affairs, told Kerry at private talks in Boston the US “should take positive action to create necessary conditions for bilateral cyber security dialogue and cooperation to resume”, according to a statement seen on the Chinese foreign ministry website on Sunday.
“Due to mistaken US practices, it is difficult at this juncture to resume Sino-US cyber security dialogue and cooperation,” Yang was quoted as saying. The statement did not elaborate.
Read the article here.
Yang Jiechi, a state councilor overseeing foreign affairs, told Kerry at private talks in Boston the US “should take positive action to create necessary conditions for bilateral cyber security dialogue and cooperation to resume”, according to a statement seen on the Chinese foreign ministry website on Sunday.
“Due to mistaken US practices, it is difficult at this juncture to resume Sino-US cyber security dialogue and cooperation,” Yang was quoted as saying. The statement did not elaborate.
Read the article here.
Monday, October 20, 2014
Cyber Security: ICS-CERT Vulnerability Summary for Week of October 13
Click the link below to view the summary of cyber security vulnerabilities for the week of October 13 as collected and reported by ICS-CERT.
https://www.us-cert.gov/ncas/bulletins/SB14-293
https://www.us-cert.gov/ncas/bulletins/SB14-293
Cyber Security: May-August 2014 ICS-CERT Monitor
View ICS-CERT's May-August 2014 newsletter, with a feature article on control system anomalies at water treatment facilities.
https://ics-cert.us-cert.gov/sites/default/files/Monitors/ICS-CERT_Monitor_May-Aug2014.pdf
https://ics-cert.us-cert.gov/sites/default/files/Monitors/ICS-CERT_Monitor_May-Aug2014.pdf
Friday, October 17, 2014
Cyber Security: Cyber attacks an increasing threat for Mideast oil and gas
Cyber attacks are increasingly becoming a cause for concern for oil and gas
companies operating in the Middle East, information technology and security
experts say.
“We are aware these attacks are happening all the time,” said Morgan Eldred,
Research Director at American information technology research and advisory
Gartner, by phone.
Last year, Saudi Arabia’s national oil company Saudi Aramco was hit by a
virus that infected as many as 30,000 of its machines. It took nearly two weeks
for Saudi Aramco to recover from the damage, disrupting the world’s largest oil
producer.
Read the article here.
Read the article here.
Thursday, October 16, 2014
Cyber Security: Protecting Your Personal Information
The increase in large data breaches, with K-Mart being the most recent, is causing major retailers to pay closer attention to their cyber security. The FBI is offering a whole list of tips right now for National Cyber Security Awareness Month. The Cyber Security Center at the University of Nevada, Reno also has recommendations for protecting your personal information. Read the article here.
Wednesday, October 15, 2014
Cyber Security: Russian Cyberspies Hit Ukrainian, US Targets With Windows Zero-Day Attack
The Russian cyber espionage and cybercrime worlds once again have collided in a newly discovered cyberspying campaign that uses a zero-day flaw found in all supported versions of Microsoft Windows. Researchers at iSIGHT Partners, who have been tracking the so-called Sandworm cyber espionage team out of Russia and four other such teams there for some time, discovered the group using a previously unknown security weakness in Windows. Click here to read the article.
Tuesday, October 14, 2014
Cyber Security: The Holidays Bring A New Season For Credit Card Breaches
By this time next year, U.S consumers will likely use credit cards with electronic chips, like these in Germany. But they're only expected to stop 60 percent of fraud, prompting a retailers' spokesperson to call them the "not-so-smart card." Click here to read the article.
Monday, October 13, 2014
Cyber Security: Kmart becomes latest retailer hit by data theft
Sears Holdings Corp. announced late Friday that it detected a data breach at its Kmart stores that started last month and that certain customers' credit and debit card accounts may have been hacked. The data theft at Kmart is the latest in a string of incidents that have hit several big retailers, including Target, Supervalu and Home Depot. Read more here.
Cyber Security: ICS-CERT Vulnerability Summary for Week of October 6
Click the link below to view the summary of cyber security vulnerabilities for the week of October 6 as collected and reported by ICS-CERT.
https://www.us-cert.gov/ncas/bulletins/SB14-286
https://www.us-cert.gov/ncas/bulletins/SB14-286
Friday, October 10, 2014
Cyber Security: The one cybersecurity threat everyone misses
After a spate of high-profile cyber security breaches at major companies like Target and, more recently, Home Depot and JPMorgan Chase, the biggest players for the most part have strong protections to wall off their proprietary information. But smaller vendors who can't afford expensive security measures—and yet have links to some of their larger client's sensitive data—are now in the crosshairs of sophisticated hackers. Read the article here.
Thursday, October 9, 2014
Cyber Security: China military calls for stronger cybersecurity, domestic software
China's armed forces will ramp up their cybersecurity and speed domestic development of software, state media said on Wednesday, as the world's largest military seeks to shore up potential technological weaknesses. Read more here.
Wednesday, October 8, 2014
Cyber Security: Banks move to secure ATM machines following brazen cyber attacks
In an immediate measure to prevent future hacking of their automated teller machines , banks will install alarms on the top panel of their machines and seal the CD-ROM slots. This comes after a meeting between the police and managers of banks affected by the recent spate of ATM hacking in Selangor, Malacca and Johor. Click here to read the article.
Tuesday, October 7, 2014
Cyber Security: Cyber security mystery at JPMorgan Chase
The online security breach of JPMorgan Chase has raised puzzling questions about what the overseas hackers were after - and has pointed up just how steep the challenges are to keep information safe online. In the JPMorgan Chase incident, which is one of the largest online security breaches in history, the hackers were able to access the contact information of 76 million households and 7 million small businesses having accounts with the banking behemoth, the company disclosed Thursday. Read the full story here.
Monday, October 6, 2014
Cyber Security: Critical USB hack goes public; how bad is the risk?
Because we just don't already have enough tech security problems to worry about, computer science researchers have just published a potentially catastrophic security exploit. It's ubiquitous, it's nearly impossible to fix, and it's all thanks to these little devices. Read the article here.
Cyber Security: ICS-CERT Vulnerability Summary for Week of September 29
Click the link below to view the summary of cyber security vulnerabilities for the week of September 29 as collected and reported by ICS-CERT.
https://www.us-cert.gov/ncas/bulletins/SB14-279
https://www.us-cert.gov/ncas/bulletins/SB14-279
Friday, October 3, 2014
Cyber Security: Computer security threat could be worse than Heartbleed
Internet security experts are warning a new programming flaw known as the “Bash Bug” may pose a serious threat to computers and other devices, such as home Internet routers. Even the systems used to run factory floors and power plants could be affected. Read the article here.
Thursday, October 2, 2014
Cyber Security: Inside Hackers Seen as $40 Billion Threat for Employers
Fired from a job as a technology contractor for a Toyota Motor Corp. factory in Kentucky, Ibrahimshah Shahulhameed went home, logged into the company’s computer network and attacked it with programming commands. It took the automaker months to fix the damage and landed Shahulhameed in prison. Read more here.
Wednesday, October 1, 2014
Cyber Security: Yes, hackers can now control traffic lights
We’ve seen it happen in movies like The Italian Job, but could hackers manipulate traffic signals in the real world?
According to a study released last month from the University of Michigan, the answer is sometimes yes, and with ease. Click here to read the article.
Subscribe to:
Posts (Atom)