Millions of IoT Devices Open to Attack Due to Security Flaws

Forescout Research Labs and JSOF researchers have discovered nine security flaws in four commonly used TCP/IP stacks that make 100+ million devices vulnerable to attack. The set of flaws, dubbed Name:Wreck, mainly impact Internet of Things (IoT) products and IT management servers. The TCP/IP stacks that integrate network communication protocols to connect devices and the Internet are found in operating systems such as the open-source FreeBSD and Siemens’ Nucleus NET. An attacker could crash a device, take it offline or gain control of it. Continue reading Millions of IoT Devices Open to Attack Due to Security Flaws

C-Suite Trends: Spending on Defensive AI, IT to Rise in 2021

MIT Technology Review Insights and cybersecurity firm Darktrace published a survey of 300+ worldwide C-level executives, directors and managers that reveals 96 percent are adopting “defensive AI” against AI-driven attacks. Of this cohort, 55 percent said traditional security solutions aren’t able to anticipate such AI-driven attacks. Defensive AI is comprised of self-learning algorithms that recognize normal user, device and system patterns and can spot anomalies. Gartner reported that global spending on IT will reach $4.1 trillion this year. Continue reading C-Suite Trends: Spending on Defensive AI, IT to Rise in 2021

Biden to Issue Executive Order Upgrading U.S. Cybersecurity

President Joe Biden is working on a draft executive order to require companies doing business with the federal government to report hacks within a few days. Homeland Security secretary Alejandro Mayorkas stated the order would also require the companies to use data encryption and two-factor authentication and would combat ransomware and improve protection for industrial control systems, transportation and election security. The SolarWinds hack has prompted the government to pay closer attention to cybersecurity. Continue reading Biden to Issue Executive Order Upgrading U.S. Cybersecurity

New Report Finds TikTok Does Not Pose a U.S. Security Risk

University of Toronto’s cybersecurity group The Citizen Lab just released a report with the finding that TikTok’s underlying code does not pose a threat to U.S. national security. Former president Donald Trump and leaders in other countries accused ByteDance’s TikTok of spying for China but The Citizen Lab, which reports on censorship and surveillance by Chinese social media apps, found no evidence of “overtly malicious behavior.” However, they added that there could be undiscovered security issues. Continue reading New Report Finds TikTok Does Not Pose a U.S. Security Risk

Facebook’s Red Team X Finds Bugs in Third Party Products

Facebook’s Red Team is tasked with spotting vulnerabilities on the platform before hackers do. Many tech companies have similar red teams but, at Facebook, Red Team manage Nat Hirsch and his colleague Vlad Ionescu saw an opportunity to do more after COVID-19 hit. Established last spring and headed by Ionescu, Facebook’s Red Team X both works independently with its internal, original Red Team and looks into weaknesses of third-party products that represent a potential threat to its own platform. Continue reading Facebook’s Red Team X Finds Bugs in Third Party Products

Cybersecurity: White House Pursues Public-Private Alliances

Russia and China recently ran sophisticated hacks from servers inside the United States, going undetected by the National Security Agency, which is prohibited from conducting surveillance in the U.S., as well as the FBI and Department of Homeland Security. Private computer security firms were the first to raise the alarm on these foreign attacks, and Microsoft reported that its patches are being reverse-engineered by criminal groups to launch ransomware attacks on corporations. The White House is paying attention. Continue reading Cybersecurity: White House Pursues Public-Private Alliances

After SolarWinds Hack, Big Tech Debates Cloud Data Security

The SolarWinds hack invaded at least nine U.S. government agencies and 100+ corporations. Now, Microsoft is at odds with Dell Technologies and IBM on the best way to secure data. Microsoft president Brad Smith stated that “cloud migration is critical to improving security maturity,” but the other two companies opine that a hybrid cloud and on-premise data storage is preferable. Smith stated that all the breached accounts Microsoft identified involved on-premise systems and that a hybrid system is more vulnerable to attacks. Continue reading After SolarWinds Hack, Big Tech Debates Cloud Data Security

White House Names Official to Lead Probe of Expansive Hack

In December, suspected Russian hackers compromised SolarWinds Corp., a small software vendor, leveraging it to infiltrate the U.S. departments of Commerce, State and Treasury, as well as numerous private companies. An in-depth investigation revealed that the hack’s scope was larger than first known, with about one-third of those hacked having no direct connection with SolarWinds. Now, the Biden administration has selected White House National Security Council senior official Anne Neuberger to lead the response. Continue reading White House Names Official to Lead Probe of Expansive Hack

CES: Snapshot of All-Digital Show’s Announcements, Trends

CES 2021 concluded last week in the wake of a challenging year marked by political unrest, social upheaval and a global pandemic that continues to impact our personal and professional lives. And much like all that we’re juggling in our current COVID world, the all-digital format of this year’s CES presented a number of unique challenges, most notably how to determine which products and services are most relevant to an M&E audience without the benefit of interacting up close in person. We’re still working our way through information from nearly 2,000 companies and will continue to report our findings on ETCentric. In the coming weeks, ETC will also publish a comprehensive overview of the show with a focus on four dynamic themes, rather than trends: Adaptation, Change, Snapback and Opportunity. In the meanwhile, we provide this snapshot of some of the key products, technologies, trends and announcements. Continue reading CES: Snapshot of All-Digital Show’s Announcements, Trends

CES: Microsoft Keynote on Promises, Responsibility of Tech

Microsoft president Brad Smith’s CES keynote balanced Microsoft’s global footprint with the opportunities, challenges and responsibilities of technology, government and people. Smith illustrated these themes with sections on massive data, environmental impact, cybersecurity, privacy, artificial intelligence, regulation, and a call for a 9/11-type commission to protect the future by understanding the threats of the present. Smith wrapped his remarks with the words of John F. Kennedy from 1962 when he said, “Technology has no conscience of its own. Whether it becomes a force for good or ill depends on man.” Continue reading CES: Microsoft Keynote on Promises, Responsibility of Tech

CES: Sessions Examine the Potential of Quantum Computing

Two CES 2021 panels addressed the current state and anticipated advances in quantum computing, which is already being applied to problems in business, academia and government. However, the hardware is not as stable and robust as people would like, and the algorithms are not yet up to the task to solve the problems that many researchers envision for them. This has not stopped entrepreneurs, major corporations and governments from dedicated significant resources in R&D and implementations, nor from VCs and sovereign funds making major bets on who the winners will be. Continue reading CES: Sessions Examine the Potential of Quantum Computing

Amazon Commits to Train Millions Worldwide in Cloud Skills

As the COVID-19 pandemic continues to dramatically change the work landscape, Amazon plans to retrain 29 million people globally in cloud-computing skills by 2025. In addition to building on existing programs, Amazon will invest in new ones by teaming with schools, nonprofits and other organizations. Last year, Amazon earmarked $700 million to retrain 100,000 of its own workers. Some of those trained in the new programs may find employment at Amazon or in other companies that use Amazon Web Services. Continue reading Amazon Commits to Train Millions Worldwide in Cloud Skills

Congress Is United in Passing Internet of Things Security Bill

Congress gave unanimous approval to the IoT Cybersecurity Improvement Act, a law covering all the bases for the security of the Internet of Things. The Act was written with advice from Symantec, Mozilla and BSA | The Software Alliance among others, which contributed a list of considerations including secure development, identity management, patching, and configuration management. The law is perceived as establishing a baseline for IoT devices and products. Manufacturers can choose to release products that do not comply. Continue reading Congress Is United in Passing Internet of Things Security Bill

New York State Calls for a Dedicated Social Media Regulator

On the heels of a cyberattack on Twitter this summer, the New York State Department of Financial Services (DFS) called for a dedicated regulator to oversee big social media platforms. In a 37-page report, the department described the July 15 attack in which accounts of Barack Obama, Joe Biden, Jeff Bezos, Elon Musk and others were hacked and used to promote a cryptocurrency scam. Three people have since been charged with posing as employees to launch that attack, which relied on relatively simple tactics. Continue reading New York State Calls for a Dedicated Social Media Regulator

Cybersecurity Chiefs Concerned Over Risks of Remote Work

In the corporate work world, cybersecurity experts are worried about their limited ability to track how employees are working remotely, including whether they record conference calls, share corporate devices with family members or take photos of sensitive documents. Their actions could inadvertently put the company at greater risk to be hacked; organizations such as the National Bureau of Economic Research are tracking an uptick in hacking attempts while corporate security teams are devising new policies to head off the problems. Continue reading Cybersecurity Chiefs Concerned Over Risks of Remote Work

Page 1 of 1212345678910...»