News – Page 26 – New England Safety Partners, LLC

Using Wi-FI to See through Walls

November 8, 2022 Cyber Security Ed Gardner 0

This technique measures device response time to determine distance:

The scientists tested the exploit by modifying an off-the-shelf drone to create a flying scanning device, the Wi-Peep. The robotic aircraft sends several messages to each device as it flies around, establishing the positions of devices in each room. A thief using the drone could find vulnerable areas in a home or office by checking for the absence of security cameras and other signs that a room is monitored or occupied. It could also be used to follow a security guard, or even to help rival hotels spy on each other by gauging the number of rooms in use…

The Conviction of Uber’s Chief Security Officer

November 7, 2022 Cyber Security Ed Gardner 0

I have been meaning to write about Joe Sullivan, Uber’s former Chief Security Officer. He was convicted of crimes related to covering up a cyberattack against Uber. It’s a complicated case, and I’m not convinced that he deserved a gui…

LinkedIn Adds Verified Emails, Profile Creation Dates

November 4, 2022 Cyber Security Ed Gardner 0

For whatever reason, the majority of the phony LinkedIn profiles reviewed by this author have involved young women with profile photos that appear to be generated by artificial intelligence (AI) tools.

We’re seeing rapid advances in AI-based synthetic image generation technology and we’ve created a deep learning model to better catch profiles made with this technology. AI-based image generators can create an unlimited number of unique, high-quality profile photos that do not correspond to real people. Fake accounts sometimes use these convincing, AI-generated profile photos to make their fake LinkedIn profile appear more authentic.

Friday Squid Blogging: Newfoundland Giant Squid Sculpture

November 4, 2022 Cyber Security Ed Gardner 0

In 1878, a 55-foot-long giant squid washed up on the shores of Glover’s Harbour, Newfoundland. It’s the largest giant squid ever recorded—although scientists now think that the size was an exaggeration or the result of postmortem stre…

NSA on Supply Chain Security

November 4, 2022 Welcome Ed Gardner 0

The NSA (together with CISA) has published a long report on supply-chain security: “Securing the Software Supply Chain: Recommended Practices Guide for Suppliers.“:

Prevention is often seen as the responsibility of the software developer, as they are required to securely develop and deliver code, verify third party components, and harden the build environment. But the supplier also holds a critical responsibility in ensuring the security and integrity of our software. After all, the software vendor is responsible for liaising between the customer and software developer. It is through this relationship that additional security features can be applied via contractual agreements, software releases and updates, notifications and mitigations of vulnerabilities…

Cisco Releases Security Updates for Multiple Products

November 3, 2022 Ed Gardner 0

Original release date: November 3, 2022Cisco has released security updates for vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lowe…

Apple Releases Security Update for Xcode

November 3, 2022 Ed Gardner 0

Original release date: November 3, 2022Apple has released a security update to address vulnerabilities in Xcode. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure S…

Hacker Charged With Extorting Online Psychotherapy Service

November 3, 2022 Cyber Security Ed Gardner 0

A 25-year-old Finnish man has been charged with extorting a once popular and now-bankrupt online psychotherapy company and its patients. Finnish authorities rarely name suspects in an investigation, but they were willing to make an exception for Julius “Zeekill” Kivimaki, a notorious hacker who — at the tender age of 17 — had been convicted of more than 50,000 cybercrimes, including data breaches, payment fraud, operating botnets, and calling in bomb threats.

CISA Releases Three Industrial Control Systems Advisories

November 3, 2022 Ed Gardner 0

Original release date: November 3, 2022CISA has released three (3) Industrial Control Systems (ICS) advisories on November 3, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS…

OpenSSL Releases Security Update

November 1, 2022 Ed Gardner 0

Original release date: November 1, 2022OpenSSL has released a security advisory to address two vulnerabilities, CVE-2022-3602 and CVE-2022-3786, affecting OpenSSL versions 3.0.0 through 3.0.6.

Both CVE-2022-3602 and CVE-2022-3786 can cause a denial of…

« 1 … 24 25 26 27 28 … 233 »