Blog

Unpatched Vulnerable Software Is Leaving Some FEMA Emergency Alert Systems Open to Cyber Attacks

The entire U.S. population relies on FEMA’s Emergency Alert Systems for its first warning of natural disasters and threats to public safety. Vulnerable software can be exploited to issue messages and even gain full control of these systems.
Zero-Day Security Breach Led to the Compromise of Unknown Number of Anonymous Accounts on Twitter

Twitter says that the security breach occurred in December 2021, but was not public knowledge until July 21 of this year. An attacker using a zero-day was able to capture phone numbers and email addresses from anonymous accounts.
Why Shutting Down Known Exploited Vulnerabilities and Regular Vulnerability Scanning Needs To Be a Top Priority

“Known exploited vulnerabilities” are usually the simplest category of cyber weakness to shut down. They are also the biggest danger to networks. Why does this apparent contradiction exist? Because, in some cases, organizations do not keep on top of vulnerability scanning and patching.
Federal Government Breaks Ground on Preparations for the Cryptographic Standards of the Future as Threat of Quantum Computing Looms

Four encryption algorithms have been selected to be part of the emerging cryptographic standards designed to defend against the quantum computing threat.
Mystery Surrounds Now Years-Old Data Breach of Federal Courts; Foreign Access to Records System May Have Included Multiple Attackers

The government is keeping the data breach of the federal courts out of the public eye. The electronic records system was breached sometime between 2020 and January 2021, and “three foreign hostile actors” may have had access.
Crypto Hacks Continue to Prey on Cross-Chain Bridges: Nomad Loses $190 Million to Security Oversight

Cross-chain bridges have already lost over $1 billion to crypto hacks in 2022. The attack on Nomad may well have set the new record had there been more money on hand to steal.
IBM Cost of Data Breach Report Finds Expenses Growing, “Longer Tail” of Damage to Businesses

Organizations are increasingly realizing the cost of data breach a year (or more) after the incident, with the biggest expenses coming in the form of fines from governments and lawsuits from consumers that were negatively impacted. Long-term reputational damage is also a consideration.
Stolen Data Increasingly Becoming Searchable on the Data Leak Sites of Ransomware Gangs; Will It Add Pressure To Pay?

While very sensitive data is regularly dumped by ransomware gangs, including financial information, the stolen data very often does not attract much casual attention to data leak sites. A search function might change that.
App Stores Not Safe From Fake Crypto Apps as Investment Scams Run Rampant

In total, the FBI says that $42 milion has been stolen by fake crypto apps since 2021. The more complicated of these apps almost always use a social engineering element.
One of the World’s Most Common Vehicle GPS Tracker Has a Hard-Coded Password Anyone Can Exploit

The hard-coded password vulnerability is the most serious of the bunch, but there are others that would likely cause the MiCODUS MV720 vehicle GPS tracker to be pulled out of circulation even if it was not present.

Blog

Got a Question?