More than three-quarters of DevOps professionals do not practice “DevSecOps”, or are still in the process of implementation. According to the DevOps Pulse 2018 survey by Logz.io, its survey of 1044 DevOps engineers, sys admins, developers and other IT professionals found that 54% said that their department handles security incidents in their organization, while only 41% have dedicated […]
A US senator has written to three key government agencies responsible for federal cybersecurity, urging them to begin the transition process away from Adobe Flash. Oregon senator, Ron Wyden, wants the Department of Homeland Security (DHS), NSA and NIST to collaborate to end government use of the buggy software before it is “end-of-lifed” in 2020. “As the three agencies that provide […]
Senator sends letter to NSA and NIST urging a mandate to stop using Adobe Flash by August 2019. Citing security concerns, Sen. Ron Wyden is urging the government to create a plan away from Adobe Flash before the vendor stops supporting it in 2020. To that end, he Oregon Democrat delivered a formal request to […]
Eddie Habibi, the CEO of industrial IoT security company PAS, sounds off on how to secure the increasingly connected industrial control space. As more industrial systems become connected, so follows increased awareness of security issues surrounding industrial control systems, programmable logic controllers and SCADA. These once rare worlds of operational technology (OT) and IoT have […]
The bank is also suing its insurance carrier for not covering the full extent of the damage. A regional Virginia bank, the National Bank of Blacksburg, has lost $2.4 million in a cyber-heist that affected the STAR ATM and debit network, following a successful phishing attack that compromised the institution’s internal networks. The bank is […]
Intel patches three flaws that could allow a local attacker to execute arbitrary code on impacted systems. Intel issued three fixes for bugs that could allow a local attacker to execute code on Intel Core and Atom processor-based PCs. The vulnerabilities are tied to versions of its own Intel Smart Sound Technology, used to boost […]
According to new research from Clearswift, the introduction of GDPR has led to a slight drop in insider threats in both the UK and Germany. Survey respondents said that insider threats make up 65% of reported incidents in 2018, compared to 73% last year. German companies reported similar declines, with insider error incidents at 75% […]
An uncharacteristic spate of strikes against IoT devices in Finland during the summit was likely an indicator of a coordinated cyberespionage effort, researchers said. Cyberattackers, unsurprisingly, appear to be interested in Donald Trump as an intelligence target – as evidenced by an uncharacteristic spate of strikes against IoT devices in Finland during the American president’s […]
Dasan and D-Link routers running GPON firmware are being targeted by hackers in an attempt to create a botnet. Unpatched D-Link and Dasan GPON router vulnerabilities are being targeted by hackers attempting to build a botnet army, according to research published Friday by eSentire Threat Intelligence. Researcher observed on Thursday a massive uptick in exploit […]
A report by Huawei’s Cybersecurity Evaluation Centre (HCSEC) has found that the company’s products, which are deployed or are contracted to be deployed in the UK, have underlying engineering issues. Addressed to the UK National Security Advisor, HCSEC Oversight Board’s fourth annual report explained that there were still concerns regarding the company broadband and mobile […]
