Threats & Vulnerabilities

Courtesy of Brett Sayles

Finding bugs faster than hackers

Cybersecurity Insights Hackers have many ways to exploit vulnerabilities in various types of technology. Staying ahead of potential vulnerabilities and preventing attacks poised researchers at USC to develop a new approach to identify security liabilities. […]

Courtesy: Brett Sayles

Throwback Attack: Elfin team changes tactics

In recent years, cybersecurity in critical infrastructure has been at the forefront of people’s minds. With attacks on the U.S.’s critical infrastructure, such as Colonial Pipeline, Kemuri Water Company and many more, cybersecurity threats aren’t […]

A hacker in the background.

Throwback Attack: Bad Rabbit ransomware hops across Europe

In 1989, the first known ransomware attack occurred; 33 years later we are still being faced with more varied and complex ransomware incursions. Over the years, threat actors have found innovative ways to exploit vulnerabilities […]

Courtesy: Brett Sayles

Throwback Attack: DDoS attacks are born in the Big Ten

Every insidious and pervasive menace plaguing society has to begin somewhere. As more and more devices are connected to networks and information is shunted to the cloud, industrial cyberattacks continue to rise. Sophos’ recent State […]

Courtesy: CFE Media

A rise in ransomware leaves businesses looking for answers

Ransomware attacks have plagued the cybersecurity industry for years, and they’re coming at an increasing rate. In late April, Sophos, a software security company, released data and analysis from a survey on the state of […]

Courtesy: CFE Media and Technology

Shields up for industrial control systems

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) put out a Shields Up advisory in conjunction with Russia’s invasion of Ukraine. It’s probably necessary, as they would have been disparaged if they didn’t, and not […]

How Conti ransomware took down operational technology

How Conti ransomware took down operational technology

Ransomware has taken the world by storm, and informational technology (IT) is not the only technology affected. Operational technology (OT), which is increasingly blending with IT, is also susceptible to ransomware tactics, techniques and procedures […]

Courtesy of CFE Media and Technology

Cybersecurity tactics to defend your workforce

As an organization’s security awareness grows, it’s important to know what cybersecurity tactics to communicate to the workforce during these unprecedented times. As security professionals, it is important to keep the communications calm, simple and […]

As threat increases, college cybersecurity programs are more in demand

Researchers show they can steal data during homomorphic encryption

Homomorphic encryption is considered a next generation data security technology; but researchers have identified a vulnerability that allows hackers to steal data—even as it is being encrypted. “We weren’t able to crack homomorphic encryption using […]

Image courtesy: Brett Sayles

Colonial Pipeline attack debrief and lessons

In the past decade, we have seen an alarming increase in attacks on critical energy infrastructure, with cyber incidents occurring across any number of geographies and industries. Common attacks can involve ransomware on a corporation’s […]

A lightbulb

Throwback Attack: The Marconi wireless hack of 1903

Sometimes the gap between the unveiling of a life-altering new technology and the corruption of that technology is exceedingly small. Take, for example, wireless technology, a potent attack vector in modern times. It’s also something […]

The top 5 worst data breaches of 2021

The top 5 worst data breaches of 2021

It took only nine months for 2021 to bypass 2020 in publicly reported data breaches. By the end of September, the total number of publicly reported breaches in 2020 was already exceeded by 17%, according […]

The suply chain is increasingly under threat

The rise of supply chain attacks

Back in December, Darktrace predicted that supply chain attacks would overtake CEO fraud as a top cybersecurity concern. This year, the importance of supply chains has been brought to the forefront by a series of disruptions hitting […]

Courtesy: CFE Media

Throwback Attack: Petya, the red skull of ransomware

When people think of ransomware, they often picture a screen blinking with an ominous skull and crossbones image, indicating that something bad is happening. In fact, search for any ransomware attack, and there’s about a […]

Image courtesy: Brett Sayles

Four ways cyber criminals fly under the radar

The challenge of reliably attributing cyber threats has amplified in recent years, as cyber criminals have adopted a collection of techniques to ensure that even if their attacks are caught, they themselves escape detection and […]

Unintended consequences: When a cyberattack goes wild

Unintended consequences: When a cyberattack goes wild

In 1988, a Harvard graduate began an experiment to see how many computers were connected to the Internet. Twenty-four hours later, 10% of all computers around the world had been taken down, and the damages […]

Test 2 Alt Text

Throwback Attack: ILOVEYOU, a love letter no one wanted

Most people would be happy to open their computer to see a love letter; however, starting on May 4, 2000, the terms “love letter” and “Love Bug” took on a whole new meaning. Windows users […]

A hacker in the background.

The art of cyber-war

“All war is based on deception.” — Sun Wu Tzu, “The Art of War” Influencing the Vietcong, Chairman Mao and the KGB, Sun Tzu has had a profound impact on military strategy around the world. […]

Image courtesy: Brett Sayles

Improve legacy critical infrastructure protection

Distributed network protocol 3.0 (DNP3) is the second most-widely used serial communications protocol in industrial control systems (ICS), after Modbus. As EPRI (Electric Power Research Institute) mentioned in a 2019 technical update: “it is the […]

Image courtesy: Brett Sayles

Ignoring cyber risk is dangerous to society and your bottom line

To anyone working in cybersecurity, it is not news that just about every critical infrastructure industry is significantly behind on their path toward cybersecurity maturity. There continues to be a fundamental friction between the estimation […]

Cybersecurity & Infrastructure Security Agency (CISA)

Cybersecurity & Infrastructure Security Agency (CISA)

The Cybersecurity and Infrastructure Security Agency (CISA) is the Nation’s risk advisor, working with partners to defend against today’s threats and collaborating to build more secure and resilient infrastructure for the future. CISA’s new logo officially […]

Courtesy of Brett Sayles

Finding bugs faster than hackers

Cybersecurity Insights Hackers have many ways to exploit vulnerabilities in various types of technology. Staying ahead of potential vulnerabilities and preventing attacks poised researchers at USC to develop a new approach to identify security liabilities. […]

Courtesy: Brett Sayles

Throwback Attack: Elfin team changes tactics

In recent years, cybersecurity in critical infrastructure has been at the forefront of people’s minds. With attacks on the U.S.’s critical infrastructure, such as Colonial Pipeline, Kemuri Water Company and many more, cybersecurity threats aren’t […]

A hacker in the background.

Throwback Attack: Bad Rabbit ransomware hops across Europe

In 1989, the first known ransomware attack occurred; 33 years later we are still being faced with more varied and complex ransomware incursions. Over the years, threat actors have found innovative ways to exploit vulnerabilities […]

Courtesy: Brett Sayles

Throwback Attack: DDoS attacks are born in the Big Ten

Every insidious and pervasive menace plaguing society has to begin somewhere. As more and more devices are connected to networks and information is shunted to the cloud, industrial cyberattacks continue to rise. Sophos’ recent State […]

Courtesy: CFE Media

A rise in ransomware leaves businesses looking for answers

Ransomware attacks have plagued the cybersecurity industry for years, and they’re coming at an increasing rate. In late April, Sophos, a software security company, released data and analysis from a survey on the state of […]

Courtesy: CFE Media and Technology

Shields up for industrial control systems

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) put out a Shields Up advisory in conjunction with Russia’s invasion of Ukraine. It’s probably necessary, as they would have been disparaged if they didn’t, and not […]

How Conti ransomware took down operational technology

How Conti ransomware took down operational technology

Ransomware has taken the world by storm, and informational technology (IT) is not the only technology affected. Operational technology (OT), which is increasingly blending with IT, is also susceptible to ransomware tactics, techniques and procedures […]

Courtesy of CFE Media and Technology

Cybersecurity tactics to defend your workforce

As an organization’s security awareness grows, it’s important to know what cybersecurity tactics to communicate to the workforce during these unprecedented times. As security professionals, it is important to keep the communications calm, simple and […]

As threat increases, college cybersecurity programs are more in demand

Researchers show they can steal data during homomorphic encryption

Homomorphic encryption is considered a next generation data security technology; but researchers have identified a vulnerability that allows hackers to steal data—even as it is being encrypted. “We weren’t able to crack homomorphic encryption using […]

Image courtesy: Brett Sayles

Colonial Pipeline attack debrief and lessons

In the past decade, we have seen an alarming increase in attacks on critical energy infrastructure, with cyber incidents occurring across any number of geographies and industries. Common attacks can involve ransomware on a corporation’s […]

A lightbulb

Throwback Attack: The Marconi wireless hack of 1903

Sometimes the gap between the unveiling of a life-altering new technology and the corruption of that technology is exceedingly small. Take, for example, wireless technology, a potent attack vector in modern times. It’s also something […]

The top 5 worst data breaches of 2021

The top 5 worst data breaches of 2021

It took only nine months for 2021 to bypass 2020 in publicly reported data breaches. By the end of September, the total number of publicly reported breaches in 2020 was already exceeded by 17%, according […]

The suply chain is increasingly under threat

The rise of supply chain attacks

Back in December, Darktrace predicted that supply chain attacks would overtake CEO fraud as a top cybersecurity concern. This year, the importance of supply chains has been brought to the forefront by a series of disruptions hitting […]

Courtesy: CFE Media

Throwback Attack: Petya, the red skull of ransomware

When people think of ransomware, they often picture a screen blinking with an ominous skull and crossbones image, indicating that something bad is happening. In fact, search for any ransomware attack, and there’s about a […]

Image courtesy: Brett Sayles

Four ways cyber criminals fly under the radar

The challenge of reliably attributing cyber threats has amplified in recent years, as cyber criminals have adopted a collection of techniques to ensure that even if their attacks are caught, they themselves escape detection and […]

Unintended consequences: When a cyberattack goes wild

Unintended consequences: When a cyberattack goes wild

In 1988, a Harvard graduate began an experiment to see how many computers were connected to the Internet. Twenty-four hours later, 10% of all computers around the world had been taken down, and the damages […]

Test 2 Alt Text

Throwback Attack: ILOVEYOU, a love letter no one wanted

Most people would be happy to open their computer to see a love letter; however, starting on May 4, 2000, the terms “love letter” and “Love Bug” took on a whole new meaning. Windows users […]

A hacker in the background.

The art of cyber-war

“All war is based on deception.” — Sun Wu Tzu, “The Art of War” Influencing the Vietcong, Chairman Mao and the KGB, Sun Tzu has had a profound impact on military strategy around the world. […]

Image courtesy: Brett Sayles

Improve legacy critical infrastructure protection

Distributed network protocol 3.0 (DNP3) is the second most-widely used serial communications protocol in industrial control systems (ICS), after Modbus. As EPRI (Electric Power Research Institute) mentioned in a 2019 technical update: “it is the […]

Image courtesy: Brett Sayles

Ignoring cyber risk is dangerous to society and your bottom line

To anyone working in cybersecurity, it is not news that just about every critical infrastructure industry is significantly behind on their path toward cybersecurity maturity. There continues to be a fundamental friction between the estimation […]

Cybersecurity & Infrastructure Security Agency (CISA)

Cybersecurity & Infrastructure Security Agency (CISA)

The Cybersecurity and Infrastructure Security Agency (CISA) is the Nation’s risk advisor, working with partners to defend against today’s threats and collaborating to build more secure and resilient infrastructure for the future. CISA’s new logo officially […]

SUBSCRIBE

GET ON THE BEAT

 

Keep your finger on the pulse of top industry news

RECENT NEWS
HACKS & ATTACKS
RESOURCES