Author Archives: Joe Uchill
Firms with exposed IoT have a higher concentration of other security problems
Exposed enterprise IoT devices can be an indicator of security issues to come, with firms sporting exposed devices having a 62% higher density of other security problems, new research shows. For example, companies with exposed IoT are more than 50% more likely to have email security issues, according to a new report and blog post…
The post Firms with exposed IoT have a higher concentration of other security problems appeared first on SC Media.
‘Don’t take Tom Bossert’s word on Trinity Cyber’: startup snags big-name board additions
The analyst from FireEye that discovered the SolarWinds attack and the co-founder of Tenable will join the advisory board of Trinity Cyber – contributing expertise to the company that counts former homeland security adviser Tom Bossert among its top executives.
The post ‘Don’t take Tom Bossert’s word on Trinity Cyber’: startup snags big-name board additions appeared first on SC Media.
‘One of the most beautiful bugs I’ve seen’: Decade-old sudo bug grants Linux root access
Cybersecurity researchers and the U.S. Cyber Command are warning users about a decade-old buffer overflow bug in sudo that can grant root access to malicious users with low level access to systems. The vulnerability, discovered by Qualys and nicknamed “Baron Samedit,” affects all versions of Linux Qualys has tested against. The glitch allows users, even…
The post ‘One of the most beautiful bugs I’ve seen’: Decade-old sudo bug grants Linux root access appeared first on SC Media.
Speed of White House cyber appointments should make CISOs ‘a bit more confident’
The appointments and presumed future appointments draw heavily from people with public sector experience, a move that some praise and others criticize as a failure to consider private sector expertise.
The post Speed of White House cyber appointments should make CISOs ‘a bit more confident’ appeared first on SC Media.
Sunbust avoided indicators of compromise with SolarWinds hack, but left breadcrumbs
Joe Slowik, senior security researcher at DomainTools, spoke to SC Media about how the SolarWind attackers remained undetected for so long, and how domain data could be used to weaponize network observables against sophisticated attackers.
The post Sunbust avoided indicators of compromise with SolarWinds hack, but left breadcrumbs appeared first on SC Media.
70% of apps for the manufacturing sector spent all of 2020 with at least one security flaw
With public administration apps, the number that went a year with an unpatched security flaw dropped to 67 percent, and nine other sectors ranged between 50 and 60 percent, according to research from WhiteHat Security.
The post 70% of apps for the manufacturing sector spent all of 2020 with at least one security flaw appeared first on SC Media.
Last-minute Trump order adds new security regulation to cloud providers
An eleventh-hour executive order will require infrastructure-as-a-service providers to log the identity of foreign clients. The executive order will stand, unless specifically repealed by new President Joe Biden.
The post Last-minute Trump order adds new security regulation to cloud providers appeared first on SC Media.
With all eyes on the inauguration, lessons in the convergence of physical and digital security emerge
Washington, D.C. is on high alert, extending a special designation for security that always applies to inaugurations to Jan. 21, and calling in the National Guard. But in the wake of the attack on the Capitol, protection of digital assets is paramount.
The post With all eyes on the inauguration, lessons in the convergence of physical and digital security emerge appeared first on SC Media.
Intel unveils ransomware-fighting CPUs
The capability is an easy win for CISOs, which can benefit with limited tweaks to machines.
The post Intel unveils ransomware-fighting CPUs appeared first on SC Media.