Kryptowire, a mobile security research firm, has announced the discovery of firmware in select android phones that transmits data, including PII to third-party servers. According to Kryptowire: “These devices actively transmitted user and device information including the full-body of text messages, contact lists, call history with full telephone numbers, unique …
https://blogs.windows.com/business/2016/11/11/defending-against-ransomware-with-windows-10-anniversary-update/#zUlujDAxJIg4FloF.97 Microsoft has introduced a slew of new features in a recent patch to their Windows 10 product. The major push appears to be defending against Ransomware attacks, an attack that generally involves a take-over of the victim’s machine and encrypting the contents of the hard drive, locking the victim …
New Linux exploit found exploited in the wild. Nicknamed ‘Dirty Cow,’ this is a privilege escalation exploit contained in the Linux Kernel, which means it can affect almost all current versions of Linux, considering this is a bug from circa 2007. This issue is currently being patched by major Linux …
This month is officially National Cybersecurity Awareness Month, and the City of Virginia Beach has started a year-long campaign to increase cybersecurity awareness. Being that Virginia Beach is home to many of our members and is a large city in this region, this is important and a great development for …
Here is the link to the Committee on Oversight and Government Reform OPM Data Breach report.Articles filled with interesting analysis have been slowly coming out since the report has been released. This report is incredibly long and detailed per style for an official document, however, should you have the time …
An interesting article from Brian Krebs over at KrebsOnSecurity came out recently. He apparently came across a large database dump of a vDOS, described as an online DDOS attack service with subscriptions. I highly recommend reading the full article and analysis, it is the first in what is to be …
This article, by Rob Hegedus on LinkedIn, provides some interesting insight into the cat-and-mouse game of increasing and changing cybersecurity controls. It is a high-level overview that uses a (very fitting) healthcare analogy to explain some developments and a brief history of Cybersecurity trends in the Health Industry. The article …
Google recently announced their first implementation of “Post-Quantum Cryptography” for use in their Chrome Canary product. This marks their first released experimentation with post-quantum cryptography, and will be combined with standard Elliptic Curve Cryptography as a backup, in-case the technology is not quite up-to par. Their stated plan is to …