Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 115

A Boiling Cauldron: Cybersecurity Trends, Threats, And Predictions For 2023

By Chuck Brooks

There are many other interesting trends to look out for in 2023. These trends will include the expansion of use of a Software Bill of Materials (SBOM), the integration of more 5G networks to bring down latency of data delivery, more Deep Fakes being used for fraud, low code for citizen coding, more computing at the edge, and the development of initial stages of the implementation of quantum technologies and algorithms.

When all is said and done, 2023 will face a boiling concoction of new and old cyber-threats. It will be an especially challenging year for all those involved trying to protect their data and for geopolitical stability.

How to fix insecure operational tech that threatens the global economy

Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and achieve efficiency by upskilling and scaling citizen developers. Watch now.

Today, with the rampant spread of cybercrime, there is a tremendous amount of work being done to protect our computer networks — to secure our bits and bytes. At the same time, however, there is not nearly enough work being done to secure our atoms — namely, the hard physical infrastructure that runs the world economy.

Nations are now teeming with operational technology (OT) platforms that have essentially computerized their entire physical infrastructures, whether it’s buildings and bridges, trains and automobiles or the industrial equipment and assembly lines that keep economies humming. But the notion that a hospital bed can be hacked — or a plane or a bridge — is still a very new concept. We need to start taking such threats very seriously because they can cause catastrophic damage.

Cybersecurity incidents cost organizations $1,197 per employee, per year

Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and achieve efficiency by upskilling and scaling citizen developers. Watch now.

Cybersecurity is an expensive business. To prepare to address sophisticated threat actors, an enterprise needs to maintain a complete security operations center (SOC) filled with state-of-the-art technologies and experienced professionals who know how to identify and mitigate threats.

All of these factors add up. According to a new report released by threat prevention provider Perception Point and Osterman Research, organizations pay $1,197 per employee yearly to address cyber incidents across email services, cloud collaboration apps or services, and web browsers.

Hackers breach energy orgs via bugs in discontinued web server

Microsoft said today that security vulnerabilities found to impact a web server discontinued since 2005 have been used to target and compromise organizations in the energy sector.

As cybersecurity company Recorded Future revealed in a report published in April, state-backed Chinese hacking groups (including one traced as RedEcho) targeted multiple Indian electrical grid operators, compromising an Indian national emergency response system and the subsidiary of a multinational logistics company.

The attackers gained access to the internal networks of the hacked entities via Internet-exposed cameras on their networks as command-and-control servers.

Cybersecurity 101: How to choose and use an encrypted messaging app

Secure communications provider Wickr has announced that it will shutter its free encrypted messaging app, Wickr Me, next year.

Text messaging has been around since the dawn of cellular technology, and sparked its own unique language. But it’s time to put sending regular SMS messages out to pasture.

If you have an iPhone, you’re already on your way. iPhones (as well as iPads and Macs) use iMessage to send messages between Apple devices. It’s a data-based messaging system reliant on 3G, 4G, and Wi-Fi, rather than SMS messaging, which uses an old, outdated but universal 2G cellular network. iMessage has grown in popularity, but has left Android devices and other computers out in the dark.

That’s where other messaging services have filled a gap in the market.

Russia, U.S. to hold first talks under nuclear treaty since Ukraine war —State Dept

WASHINGTON, Nov 8 (Reuters) — The United States and Russia are expected to meet soon and discuss resuming inspections under the New START nuclear arms reduction treaty that have been paused since before Russia’s invasion of Ukraine, U.S. State Department spokesperson Ned Price said on Tuesday.

Speaking at a daily press briefing, Price said the bilateral consultative commission (BCC), the mechanism for implementation of the last remaining arms control agreement between the world’s two largest nuclear powers, will meet “in the near future.”

Russia in August suspended cooperation with inspections under the treaty, blaming travel restrictions imposed by Washington and its allies over Moscow’s February invasion of Ukraine, but said it was still committed to complying with the provisions of the treaty.

Cyber vulnerability discovered in networks used by spacecraft, aircraft and energy generation systems

A major vulnerability in a networking technology widely used in critical infrastructures such as spacecraft, aircraft, energy generation systems and industrial control systems was exposed by researchers at the University of Michigan and NASA.

It goes after a network protocol and hardware system called time-triggered ethernet, or TTE, which greatly reduces costs in high-risk settings by allowing mission-critical devices (like flight controls and ) and less important devices (like passenger WiFi or data collection) to coexist on the same network hardware. This blend of devices on a single network arose as part of a push by many industries to reduce network costs and boost efficiency.

That coexistence has been considered safe for more than a decade, predicated on a design that prevented the two types of network traffic from interfering with one another. The team’s attack, called PCspooF, was the first of its kind to break this isolation.

/* */