cyberattack – Page 9 – WindowsTechs.com

Remotely Stopping Polish Trains

Posted on August 28, 2023 by Bruce Schneier

Turns out that it’s easy to broadcast radio commands that force Polish trains to stop:

…the saboteurs appear to have sent simple so-called “radio-stop” commands via radio frequency to the trains they targeted. Because the trains use a radio system that lacks encryption or authentication for those commands, Olejnik says, anyone with as little as $30 of off-the-shelf radio equipment can broadcast the command to a Polish train—sending a series of three acoustic tones at a 150.100 megahertz frequency—and trigger their emergency stop function…

Continue reading Remotely Stopping Polish Trains→

Cloud hosting firms hit by devastating ransomware attack

Posted on August 24, 2023 by Helga Labus

Danish cloud hosting firms CloudNordic and Azero – both owned by Certiqa Holding – have suffered a ransomware attack that resulted in most customer data being stolen and systems and servers rendered inaccessible. The CloudNordic and Azero r… Continue reading Cloud hosting firms hit by devastating ransomware attack→

UK Electoral Commission Hacked

Posted on August 16, 2023 by Bruce Schneier

The UK Electoral Commission discovered last year that it was hacked the year before. That’s fourteen months between the hack and the discovery. It doesn’t know who was behind the hack.
We worked with external security experts and the Nation… Continue reading UK Electoral Commission Hacked→

Keystroke sounds can betray passwords

Posted on August 7, 2023 by Helga Labus

Researchers from several UK universities have proven that the recorded sounds of laptop keystrokes can be used to obtain sensitive user data such as passwords with a high accuracy. Sounds of keystrokes can reveal passwords, other sensitive data Side-ch… Continue reading Keystroke sounds can betray passwords→

Budget constraints threaten cybersecurity in government bodies

Posted on August 7, 2023 by Help Net Security

Government organizations are attractive targets for threat actors whose motivations may be geopolitical, financial, or disruption, according to BlackBerry. Because threat actors may include private individuals, small groups, or state-sponsored APT grou… Continue reading Budget constraints threaten cybersecurity in government bodies→

The direct impact of cyberattacks on patient safety and care delivery

Posted on August 4, 2023 by Help Net Security

As the healthcare industry continues its rapid transformation through the adoption of digital technologies, it is also confronted with an ever-expanding range of cybersecurity threats. In this Help Net Security interview, Dr. Omar Sangurima, Principal … Continue reading The direct impact of cyberattacks on patient safety and care delivery→

New SEC Rules around Cybersecurity Incident Disclosures

Posted on August 2, 2023 by Bruce Schneier

The US Securities and Exchange Commission adopted final rules around the disclosure of cybersecurity incidents. There are two basic rules:

Public companies must “disclose any cybersecurity incident they determine to be material” within four days, with potential delays if there is a national security risk.
Public companies must “describe their processes, if any, for assessing, identifying, and managing material risks from cybersecurity threats” in their annual filings.

The rules go into effect this December.

In an email newsletter, Melissa Hathaway wrote:…

Continue reading New SEC Rules around Cybersecurity Incident Disclosures→

How credential stuffing works (and how to stop it)

Posted on July 27, 2023 by C.J. Haughey

In December 2022, Norton users were put on high alert after threat actors compromised the security application with a credential-stuffing attack. Norton’s security team locked down about 925,000 accounts after detecting a suspicious flurry of login attempts from Norton Password Manager users. After the investigation, news broke that the cyber criminals successfully cracked the codes […]

The post How credential stuffing works (and how to stop it) appeared first on Security Intelligence.

Continue reading How credential stuffing works (and how to stop it)→

Google Reportedly Disconnecting Employees from the Internet

Posted on July 24, 2023 by Bruce Schneier

Supposedly Google is starting a pilot program of disabling Internet connectivity from employee computers:
The company will disable internet access on the select desktops, with the exception of internal web-based tools and Google-owned websites like Goo… Continue reading Google Reportedly Disconnecting Employees from the Internet→

Cybersecurity measures SMBs should implement

Posted on July 19, 2023 by Helga Labus

Small and medium-sized businesses (SMBs) are targeted by cyberattackers as much as large companies, the 2023 Verizon Data Breach Investigations Report (DBIR) has revealed; here are some cybersecurity controls they should prioritize. Company size does n… Continue reading Cybersecurity measures SMBs should implement→