-
"Ripple20 Threatens Increasingly Connected Medical Devices"JSOF security researchers recently discovered a series of vulnerabilities, dubbed "Ripple20", that impact connected devices in the enterprise, industrial, and healthcare industries. The Ripple20 vulnerabilities were found in a low-level TCP/IP software…
-
"FakeSpy Android Malware Spread Via ‘Postal-Service’ Apps"Researchers have discovered a new "smishing" campaign carried out by the Roaming Mantis threat group. The adversaries are targeting Android mobile devices and are spreading FakeSpy infostealer malware. The malware is disguised as legitimate…
-
"Philips Release Patches for Vulnerabilities Affecting its Medical Devices"Philips, a leading health technology solutions company, recently reported vulnerabilities discovered in its ultrasound medical devices to the U.S. Department of Homeland Security's (DHS) Cybersecurity and Infrastructure Security Agency (CISA). According…
-
"Resilience Improved, but Response Dragged Down by Too Many Tools, Too Few Playbooks"IBM Security's fifth annual Cyber Resilient Organization Report based on a global survey conducted by the Ponemon Institute found that most organizations' response plans are still inadequate. More than 70 percent of organizations have revealed that their…
-
"Email Sender Identity is Key to Solving the Phishing Crisis"There have been massive advancements in perimeter and endpoint defenses, but email remains a cybersecurity risk for many companies. Almost 90 percent of email attacks manipulate sender identity to fool recipients and initiate social…
-
"New EvilQuest macOS Ransomware is a Smokescreen For Other Threats"A new macOS ransomware dubbed EvilQuest was first spotted in late June by a malware researcher with K7 Lab. The ransomware was impersonating the Google Software Update program. The ransomware is usually delivered bundled up with pirated…
-
"No Keys to the Kingdom: New Single Sign-On Algorithm Provides Superior Privacy"Researchers from the Tokyo University of Science (TUS) have developed a new single sign-on (SSO) algorithm that prevents the disclosure of a user's identity and personal information to third parties. SSO systems provide users the option to access…
-
"iOS 14 Flags TikTok, 53 Other Apps Spying on iPhone Clipboards"
iOS 14 beta version has been released. iOS 14 can identify applications that silently and automatically read anything a user copies into their mobile device's clipboard. The iOS 14 flagged TikTok, and 53 other apps for spying on iPhone…
-
"Hackers Hide Credit Card Stealing Script in Favicon Metadata"
Malwarebytes recently reported malicious code insertion inside the Exchangeable Image File Format (EXIF) data of a favicon by hackers. A favicon is a small image used by web browsers to show a graphical representation of a website. Hackers are hiding…
-
"New Cybersecurity Standard for IoT Devices Established By ETSI"The European Telecommunications Standards Institute (ETSI) Technical Committee on Cybersecurity has revealed a new standard, titled ETSI EN 303 645, for the Internet of Things (IoT). It was developed through collaboration with members from academia,…
-
"US Cyber Command Says Foreign Hackers Will Most Likely Exploit New PAN-OS Security Bug"US Cyber Command is warning that foreign state-sponsored hacking groups will likely try to exploit a significant security bug disclosed today in PAN-OS. PAN-OS is the operating system running on firewalls and enterprise VPN appliances from Palo…
-
SoS Musings #38 - Critical Infrastructure Cybersecurity
SoS Musings #38 - Critical Infrastructure Cybersecurity
News