Security News

Money can buy you insurance against network break-ins but investing in infosec hygiene wouldn't go amiss, says new NCSC chief
2021-03-30 11:18

So-called cyber-attack insurance "cannot be a substitute for better basic cybersecurity," the National Cyber Security Centre's chief exec has said in her first major speech since taking office. Lindy Cameron took over from founding CEO Ciaran Martin last summer and on Friday made her first public appearance since taking office.

New infosec products of the week: March 26, 2021
2021-03-26 06:30

Magic WAN with Magic Firewall gives customers of all sizes a one-stop-shop to connect and secure data, devices, offices, cloud networks, and more without relying on hardware boxes. Magic WAN is a SaaS solution that connects any traffic source to Cloudflare's global network for secure, fast connectivity, and Magic Firewall integrates with it to enforce security rules across all traffic.

Defence Industrial Strategy suggests the UK is ready to start taking its homegrown infosec industry seriously
2021-03-25 14:48

In a change from its recent bombastic blather, the British government has published a new Defence Industrial Strategy that looks like it wants to put the infosec industry on a gold-plated pedestal. "Government also needs to provide complementary support to industry and ensure that the public sector can access the right skills to remain an intelligent customer," said the Defence and Security Industrial Strategy whitepaper published this week.

New infosec products of the week: March 19, 2021
2021-03-19 09:44

Akamai MFA provides FIDO2 multi-factor authentication without hardware security keys. Akamai Technologies announced the launch of Akamai MFA, a phish-proof solution designed to enable enterprises to quickly deploy FIDO2 multi-factor authentication without the need to deploy and manage hardware security keys.

Ex-asylum seeker with infosec degree loses discrimination claim against UK cyber range provider after storming out
2021-03-16 11:01

A former asylum seeker with a postgraduate degree in cybersecurity who alleged his bosses were spying on him for MI5 has lost his attempt to claim he was racially discriminated against. The anonymous man, who worked for an unnamed company that set up a UK cyber range in mid-2019, told the Employment Tribunal that he had quit after being subjected to racial harassment at work - but judges overruled all of his legal claims.

Malware attack that crippled Mumbai's power system came from China, claims infosec intel outfit Recorded Future
2021-03-01 16:05

Security intelligence firm Recorded Future's Insikt Group has written a paper alleging China was behind attacks on India's electricity grid. The attack is considered the probable source of Mumbai's power outage in October of the same year.

North Korea infected infosec bods with backdoors via dodgy blog pages, Visual Studio files – Google
2021-01-26 04:45

North Korea's hackers homed in on specific infosec researchers and infected their systems with a backdoor after luring them to a suspicious website, Google revealed on Monday. "The researchers have followed a link on Twitter to a write-up hosted on blog.br0vvnn[.]io, and shortly thereafter, a malicious service was installed on the researcher's system and an in-memory backdoor would begin beaconing to an actor-owned command and control server," said Googler Adam Weidemann.

Hallowed Bugtraq infosec list killed then resurrected over the weekend: We heard your feedback, says Accenture
2021-01-18 07:05

Last week ended with news that the venerable infosec mailing list Bugtraq was being shut down at the end of the month. From its first posts in November 1993, Bugtraq aimed to get details of vulnerabilities, as well as defence and exploitation techniques, onto netizens' radar, and discussed among admins and security researchers.

How good are you at scoring security vulnerabilities, really? Boffins seek infosec pros to take rating skill survey
2021-01-08 09:30

By running a survey on whether infosec bods think the Common Vulnerability Scoring System is a useful tool for assessing security flaws, Dr Zinaida Benenson of Friedrich-Alexander Universität Erlangen-Nürnberg's IT Security Infrastructure Lab in Germany hopes to further the infosec world's understanding of how reliable the system really is. While the survey hopes to gain up to 300 respondents, Benenson was coy about precisely what she's hoping to prove or disprove, but she did drop The Register a hint about the current state of CVSS scoring.