Israel's voter registration database - comprising close to 6.5 million people - was exposed to the internet because of an elementary coding flaw in an election application. It's unclear how long the exposure lasted or if bad actors accessed the data.
The latest edition of the ISMG Security Report offers an analysis of the missteps that led to problems with the app used in this week's Democratic presidential caucuses in Iowa. Also featured: growing privacy concerns about facial recognition and business continuity tips for dealing with the coronavirus.
The electric utility industry is a valuable target for adversaries seeking to exploit industrial control systems (ICS) and operations technology (OT) for criminal, political, and economic goals. A power disruption event from a cyber attack is not only catastrophic but highly complex, occurring from multiple components...
Understanding the 4 main types of threat detection for Industrial Control Systems can help avoid significant financial impact to the organization, environmental impacts, loss of safety, or inappropriate response plans.
Historically, detection has been positioned without any clear alignment to application. This...
With numerous ICS solutions and approaches available, it can be difficult to determine which one is right for your organization.
This paper covers the key considerations in key technologies for comprehensive asset identification, threat detection and response, and how to best leverage technologies for your needs....
Cyber attackers now have the ability to compromise process functions through the very communication networks that are depended upon for control and safety. This fact has motivated security professionals to develop frameworks specifically designed to identify vulnerabilities and mitigate the risk of cyber attacks...
A review of the mobile app that malfunctioned during Iowa's critical tally of the Democratic Party's caucus has uncovered a security vulnerability, ProPublica reports. Security firm Veracode says the app insecurely sends data, but it did not provide more details.
The latest edition of the ISMG Security Report discusses the ramifications of the U.K's decision to allow limited use of Huawei's equipment in 5G networks. Plus: Updates on Wawa's stolen card data offered for sale and nascent security threats from social networks and drones.
One gaping hole in the U.S. government's push to counter Chinese-built 5G telecommunications gear remains the lack of alternatives. But a bipartisan group of senators is seeking to create a $1 billion fund to create trusted, Western-built options.
Hackers have been increasingly probing the North American power grid for weaknesses, but the industry - driven in part by regulators - is increasingly able to identify and repel attackers, industrial cybersecurity experts say.
Is it possible that a nation-state actor such as Iran could create a cybersecurity incident that compromises the U.S. power grid? Bernie Cowens, most recently CISO at the nation's largest electric utility, says that's unlikely because the power grid is more cybersecure than you might think.
The latest edition of the ISMG Security Report discusses "Orwellian" surveillance activity in 2020 via the ToTok app. Also featured: the controversy over enabling law enforcement to circumvent encryption; the cyberattack risks posed by IoT devices.
In a message to employees, Huawei's rotating Chairman Eric Xu says the company is preparing for a "difficult" 2020 as security concerns over national security and the U.S. trade ban will linger into the new year.
The cybersecurity outlook for 2020 and the new decade will be characterized by more advanced, targeted and coordinated attack vectors designed to exploit the cybersecurity skills shortage, along with congenitally poor security fundamentals and hygiene.