U.S. authorities have extended the crackdown on the Sky ECC cryptophone service by charging the CEO of parent company Sky Global and its alleged main distributor - both Canadians - with running an "illicit secret communications network" for criminals and hiding profits via shell companies and cryptocurrency.
Tales of poorly secured internet-connected cameras come along regularly. But the latest installment seems especially egregious because it involves Verkada, a widely used "surveillance camera as a service" startup, and led to remote hackers being able to spy on customers via their own cameras.
Police say they have disrupted Sky ECC - a global encrypted communications network allegedly used by numerous criminals to plan their operations - and made numerous arrests. Authorities say starting in February, they "unlocked" 3 million messages exchanged daily by the service's 170,000 users.
The "Arson Cats" research group says it was able to exploit flaws in internet-accessible security cameras built by Silicon Valley "cloud-based enterprise video security" startup Verkada to access live video and audio feeds from inside Tesla, Okta and Cloudflare offices, plus healthcare facilities and prisons.
This multinational pharmaceutical
company’s supply chain was distributed
across multiple manufacturing plants
and countries. While it had a good
understanding of the number of OT devices
on its networks, it wasn’t able to clearly
see how assets were communicating and
where vulnerabilities and risks...
In the new world of increased cyber risk, approaches that bridge the
IT/OT divide are no longer optional – they’re mission critical. Executive
leadership expects CIOs and CISOs to anticipate and stay ahead of the
enterprise-wide threat landscape, including oversight of cyber risks
related to industrial...
Digital risk is everyone’s business, from the CEO to the end user. Yet in
many organizations, it’s the IT department that is tasked with managing
and minimizing it.
Gartner predicts that by 2023, 75% of organizations will expand their risk
management programs to address new cyber-physical systems...
As society deals with the second year of the COVID-19 pandemic,
organizations are accelerating digitization to survive and thrive. This
places more focus on operational systems, which are at the heart of
value and revenue creation.
Adding to challenges, cybersecurity is ranked by executives as the
Industrial networks are quickly adopting Internet of Things (IoT) technologies
to reduce costs and deliver more value to customers and shareholders.
Unfortunately, this trend is creating new security risks, as many organizations
lack the ability to monitor and secure their IoT assets.
The challenges will only...
The U.S. National Security Agency has issued "zero trust" guidance aimed at securing critical networks and sensitive data within key federal agencies. The NSA adds it is also assisting Defense Department customers with the zero trust implementations.
A newly-discovered phishing campaign posts harvested credentials using the Telegram messaging app's application programming interface to bypass secure email gateways, report researchers at the Cofense Phishing Defense Center.
This edition of the ISMG Security Report features an analysis of the impact of a hacking campaign linked to Russia’s Sandworm that targeted companies using Centreon IT monitoring software. Also featured: a discussion of CIAM trends; a critique of Bloomberg's update on alleged Supermicro supply chain hack.
The Biden administration is reviewing former President Donald Trump's policies addressing potential national security and cybersecurity concerns about Chinese-owned companies as it develops new plans for dealing with a wide range of issues tied to China.
CIOs and CISOs have now been charged with
addressing the cybersecurity risks of OT and IoT,
as well as Enterprise IT, environments. Because of
this, they are now looking to establish a holistic
route to cybersecurity management across the
broader technology stack.
Download this whitepaper to learn about what...
The latest edition of the ISMG Security Report features an analysis of the critical security issues raised by the hacking of a Florida city water treatment plant. Also featured: The CISO of the World Health Organization discusses supply chain security; hackers steal celebrities' cryptocurrency.