Security News

Closing the cybersecurity gender gap would boost the US economy by $30B
2020-03-11 08:00

82% of women in cybersecurity jobs agree the industry has a gender bias problem. A significant gender gap exists in cybersecurity, with women occupying less than a quarter of the roles.

Live Webinar | Four Identity Management Best Practices for Improving Patient Care as Learned from Top US Children's Hospitals
2020-03-09 17:48

The process of constructing a holistic policy-based identity management solution can be difficult and overly complex, especially in the sensitive hospital environment with myriad identities. An integrated identity ecosystem provides a unified view across both cyber and physical security system; improving the overall hospital experience.

US, UK and Estonia Accuse Russia of Cyber Attack on Georgia
2020-03-06 19:07

UNITED NATIONS - The United States, United Kingdom and Estonia accused Russia's military intelligence Thursday of conducting cyber attacks against the Georgian government and media websites in an attempt "To sow discord and disrupt the lives of ordinary Georgians." Estonian Ambassador Sven Jurgenson read a statement afterward, flanked by UK Ambassador Karen Pierce and acting U.S. deputy ambassador Cherith Norman Chalet, saying the cyber attacks "Are part of Russia's long-running campaign of hostile and destabilizing activity against Georgia and are part of a wider pattern of malign activity."

March 2020 Patch Tuesday forecast: Let’s put the madness behind us
2020-03-06 07:00

The updates were pulled, and we are waiting to see if Microsoft re-releases a more comprehensive fix this patch Tuesday. The advisory specifically stated, "The March 10, 2020 and updates in the foreseeable future will not make changes to LDAP signing or LDAP channel binding policies or their registry equivalent on new or existing domain controllers." These features will be included in the March Patch Tuesday updates, so take advantage and enable them.

US Lawmakers Propose Internet Controls to Fight Child Porn
2020-03-06 05:04

US lawmakers proposed legislation Thursday that could see internet companies held legally responsible for content on their platforms if they don't do enough to police child pornography. Senators from both parties, backed by the Department of Justice, said that existing laws immunizing internet hosts like social media companies from liability for user-posted content have allowed child pornography to proliferate.

Staffer emails compromised and customer details exposed in T-Mobile US's third security whoopsie in as many years
2020-03-05 19:00

T-Mobile US was hacked by miscreants who may have stolen some customer information. The hackers gained access to employee email accounts, which contained customer account information.

US Lawmakers Told of Security Risks From China-owned TikTok
2020-03-04 22:13

US officials on Wednesday stepped up warnings about the potential security risks from the fast-growing, Chinese-owned TikTok as a lawmaker unveiled legislation to ban the social media app from government devices. Senator Josh Hawley, who convened the hearing, said he was introducing a bill to ban TikTok from all US government devices, calling it "a major security risk for the American people."

How to gather cyber threat intelligence from dark markets without breaking US law
2020-03-03 13:55

The U.S. Department of Justice's Cybersecurity Unit has released guidelines for organizations that want to gather cyber threat intelligence from dark web forums/markets but, at the same time, want to stay on the right side of the law. The document focuses on "Information security practitioners' cyber threat intelligence-gathering efforts that involve online forums in which computer crimes are discussed and planned and stolen data is bought and sold. It also contemplates situations in which private actors attempt to purchase malware, security vulnerabilities, or their own stolen data-or stolen data belonging to others with the data owners' authorization-in Dark Markets."

Wi-Fi kit spilling data with bad crypto – Huawei, eh? No, it's Cisco. US giant patches Krook spy-hole bug in network gear
2020-03-02 18:16

It looks like Switchzilla is moving swiftly to clear up the Krook bug discovered by ESET. Just hours after the researchers delivered their findings in a report, Cisco gave its own advisory on the Wi-Fi data snooping flaw. Missing C++ update opens security hole in Ubuntu 16.04.

US Congress Passes Bill Funding 'Rip and Replace' for Huawei Gear
2020-03-01 12:40

US lawmakers have passed legislation offering $1 billion to help telecom carriers "Rip and replace" equipment from Chinese tech firms Huawei and ZTE amid national security concerns. To allay concerns over the impact for small telecom carriers, the bill provides funds to subsidize the removal of equipment "That poses a national security risk" for firms with fewer than two million customers, according to the text.