Under the Microscope: ISACA Survey on Cybersecurity Workforce, Resources and Budgets
A major survey that like all surveys needs to be examined carefully rather than accepted blindly. read more Source: Security Week
Continue ReadingAuthor: Kevin Townsend
Qualcomm Modem Chip Flaw Exploitable From Android: Researchers
Billions of Android devices are exposed to a vulnerability in Qualcomm’s Mobile Station Modem (MSM) chip A vulnerability in Qualcomm’s Mobile Station Modem (MSM) chip– installed in around 30% of the world’s mobile devices – can be exploited from within Android. read more Source: Security Week
Continue ReadingUnknown Chinese APT Targets Russian Defense Sector
Researchers at Cybereason say they have discovered an undocumented malware targeting the Russian military sector and bearing the hallmarks of originating in China if not being Chinese state sponsored. read more Source: Security Week
Continue ReadingStealthy RotaJakiro Backdoor Targeting Linux Systems
Previously undocumented and stealthy Linux malware named RotaJakiro has been discovered targeting Linux X64 systems. It has been undetected for at least three years, and operates as a backdoor. Four samples have now been discovered, all using the same C2s. The earliest was discovered in 2018. None of the samples were labeled malware by VirusTotal. […]
Continue ReadingDeath of the Manual Pen-Test: Blind Spots, Limited Visibility
Manual penetration testing (pen-testing) is increasingly challenged by automated methods of vulnerability discovery and management. The reasons are not difficult to understand: the cost and coverage of manual testing is too high and too limited. read more Source: Security Week
Continue Reading
CISO Conversations: Raytheon and BAE Systems CISOs on Leadership, Future Threats
read more Source: Security Week
Continue ReadingDark Hash Collisions: New Service Confidentially Finds Leaked Passwords
New service can tell a company which users have a password known to hackers, without having to know the usernames read more Source: Security Week
Continue ReadingFBI/DHS Issue Guidance for Network Defenders to Mitigate Russian Gov Hacking
The FBI and DHS have issued a Joint Cybersecurity Advisory on the threat posed by the Russian Foreign Intelligence Service (SVR) via the cyber actor known as APT 29 (aka the Dukes, Cozy Bear, Yttrium and CozyDuke). read more Source: Security Week
Continue Reading
US Air Force Adopts Zero Trust to Secure Flightline Operations
Zero trust is an important part of business transformation. As the information infrastructure expands with new technologies and locations, zero trust allows organizations to focus on protecting the data, regardless of where it is sourced or how it is used. read more Source: Security Week
Continue Reading
The Logistics Supply Chain is Being Targeted by Both Cybercriminals and Nation States
read more Source: Security Week
Continue Reading