Security News > 2022 > June

There are technological and expertise hurdles that a miscreant would have to clear today to track a person through the Bluetooth signals in their devices, they wrote. The researchers - who hail from the school's departments of Computer Science and Engineering and Electrical and Computer Engineering - pointed to the applications governments added to Apple iOS and Android devices used in the COVID-19 pandemic that send out constant Bluetooth signals - or beacons - for contact-tracing efforts.

In this video for Help Net Security, Christian Lawaetz Halvorsen, CTO at Valuer, talks about what cybersecurity investors should be aware of in 2022. He discusses the pain points, what mitigating actions can be implemented and finally how to identify solutions that effectively target and solve these challenges.

The report found that 85% of IT security professionals have experienced preventable business impacts resulting from insufficient response procedures, while 97% said that more accurate alerting would increase their confidence in automating threat response actions. "Modern security operations centers should be equipped with high-fidelity alerts, that include proper contextualization and correlation to provide as clear of a picture of the threat as possible. Not only does that enable analysts to work better, but it also unlocks the ability to implement automated response actions that stop threats with speed and precision. The key is confidence in the detection."

Russia and China have each warned the United States that the offensive cyber-ops it ran to support Ukraine were acts of aggression that invite reprisal. The US has acknowledged it assisted Ukraine to shore up its cyber defences, conducted information operations, and took offensive actions during Russia's illegal invasion.

Abraham is a part of a team led by Kausik Majumdar, Associate Professor at ECE, which has developed a true random number generator, which can improve data encryption and provide better security for sensitive digital data such as credit card details, passwords and other personal information. Cryptographic keys are typically generated in computers using pseudorandom number generators, which rely on mathematical formulae or pre-programmed tables to produce numbers that appear random but are not.

"The rise and proliferation of cryptocurrency has also provided attackers with a new method of financial extraction." The targeting of sensitive cryptocurrency data by threat actors was recently echoed by the Microsoft 365 Defender Research Team, which warned about the emerging threat of cryware wherein private keys, seed phrases, and wallet addresses are plundered with the goal of siphoning virtual currencies by means of fraudulent transfers.

When Sandra Joyce, EVP of Mandiant Intelligence, describes the current threat landscape, it sounds like the perfect storm. "We predicted supply-chain attacks four years ago," Joyce said, in an interview with The Register at the RSA Conference.

Microsoft is finally rolling out the new File Explorer tabbed interface with the release of Windows 11 Insider Preview Build 25136 to the Dev Channel. "To help you work across multiple locations at the same time, the title bar of File Explorer now has tabs. We'd love your feedback on which tabs features you'd like to see next," the Windows Insider team said.

These days, cybercriminals are living off the cloud, according to Katie Nickels, director of intelligence for Red Canary and a SANS Certified Instructor. "It's not enough to pay attention to the operating systems, the endpoints, said Nickels, speaking on a SANS Institute panel about the most dangerous new attack techniques at RSA Conference."Adversaries, a lot of their intrusions, are using cloud services of different types.

Neat video. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.