News – August 2021


  • Black Hat: How cybersecurity incidents can become legal minefields

    August 5, 2021

    When a company becomes the victim of a cyberattack, executives are faced with a tsunami of challenges: containing a breach, remediation, informing customers and stakeholders, identifying those responsible, and conducting a forensic analysis of the incident — to name but a few. However, it is not just the real-world issues faced, in the now, that businesses ...

  • Security company warns of Mitsubishi industrial control vulnerabilities

    August 5, 2021

    Cybersecurity company Nozomi Networks Labs has warned the industrial control system (ICS) security community about 5 vulnerabilities affecting Mitsubishi safety PLCs. In a new report, the company said Mitsubishi acknowledged the issues — which are focused on the authentication implementation of the MELSOFT communication protocol — after they were discovered at the end of 2020. The Japanese ...

  • How Social Norms Can Be Exploited by Scammers on Social Media

    August 5, 2021

    Social media platforms are excellent hunting grounds for scammers. This is where we connect with our friends or people who we have something in common with. This is precisely what scammers exploit—our connections and the trust that is afforded between friends or acquaintances. From an early age, we are taught to be kind and compassionate as ...

  • Black Hat: This is how a naive NSA staffer helped build an offensive UAE security branch

    August 4, 2021

    What began as an incredible job offer for a naive, young security analyst turned into an explosive case of former US experts unwittingly helping a foreign service create an offensive security branch. Known as Project Raven, a team of over a dozen former US intelligence operatives was poached with promises of job roles that seemed too ...

  • The Next Disruptive ICS Attacker: A Disgruntled Insider?

    August 4, 2021

    Often, the most critical threats come from within an organization itself. This is true for all sectors, but it is especially true for industrial control systems (ICS). Technicians in these environments already have access to plant controls and may have the deep knowledge of industrial processes needed to achieve specific goals. The damage caused by ...

  • Ransomware attack hits Italy’s Lazio region, affects COVID-19 site

    August 4, 2021

    The Lazio region in Italy has suffered a reported ransomware attack that has disabled the region’s IT systems, including the COVID-19 vaccination registration portal. Early Sunday morning, the Lazio region suffered a ransomware attack that encrypted every file in its data center and disrupted its IT network. “The attack blocked almost every file in the data center. ...

  • MILIPOL PARIS 2021, 22nd edition – The leading event for homeland security and safety – Paris-Nord Villepinte exhibition centre from October 19 to 22, 2021

    August 4, 2021

    For several decades now, Milipol Paris has been the world’s top event dedicated to safety and security professionals. It is the place where technological innovations are presented as an effective response to the sector’s needs and the major threats. Organised under the patronage of the French Ministry of the Interior, this new edition of Milipol ...

  • ‘DeadRinger’ Targeted Exchange Servers Long Before Discovery

    August 4, 2021

    Threat actors linked to China exploited the notorious Microsoft Exchange ProxyLogon vulnerabilities long before they were publicly disclosed, in attacks against telecommunications companies aimed at stealing sensitive customer data and maintaining network persistence, researchers have found. Researchers from Cybereason have been tracking multiple cyberespionage campaigns – collectively dubbed “DeadRinger” – since 2017, reporting initially on findings ...

  • The Pentagon says its new AI can see events ‘days in advance’

    August 4, 2021

    The US military is testing the use of cutting-edge data gathering tools combined with artificial intelligence to predict enemies’ next moves with up to days of advance. Speaking at a press conference, the commander of the US Northern Command (NORTHCOM) Glen VanHerck revealed that trials have been on-going to improve the military’s use of data when ...

  • NSA, CISA release Kubernetes Hardening Guidance

    August 3, 2021

    FORT MEADE, Md. – The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity Technical Report, “Kubernetes Hardening Guidance,” today. This report details threats to Kubernetes environments and provides configuration guidance to minimize risk. Kubernetes is an open source system that automates the deployment, scaling, and management of applications run ...

  • PwnedPiper critical bug set impacts major hospitals in North America

    August 2, 2021

    Pneumatic tube system (PTS) stations used in thousands of hospitals worldwide are vulnerable to a set of nine critical security issues collectively referred to as PwnedPiper. PTS solutions are part of a hospital’s critical infrastructure as they are used to quickly deliver items like blood, tissue, lab samples, or medication to where they’re needed. Read more… Source: Bleeping ...

  • Risks in Telecommunications IT

    July 29, 2021

    Telecommunications is just one aspect of a 200-year-old field of research in IT. In our latest report, “Islands of Telecoms: Risks in IT,” we liken this field to what seems to be separate islands that are in fact connected by a larger landmass underneath an ocean of IT. Indeed, the features of telecommunications might seem ...