USB DRIVES DELIVER DANGEROUS MALWARE TO INDUSTRIAL FACILITIES: HONEYWELL

Malware is still being delivered to industrial facilities via USB removable storage devices and some threats can cause significant disruptions, according to a report published on Thursday by Honeywell. The industrial giant last year launched SMX, a product designed to protect facilities from USB-born threats, and the company has also been using it to determine the risk posed by USB drives to such organizations. Honeywell has analyzed data collected from 50 locations across the United States, Sou...
SECURITYWEEK
READ MORE

FACEBOOK HOME TO 74 BLACK MARKET GROUPS

Researchers at Cisco Talos detected an excess of 70 Facebook groups that have been selling black-market cyber-fraud services, some of which have managed to remain on Facebook for up to eight years, according to a Talos Intelligence blog post. For several months, researchers have been investigating online criminal flea markets on Facebook, discovering a collective list of 74 groups. Members of the groups offer a wide range of services described as “shady (at best) and illegal (at worst) act...
INFOSECURITY MAGAZINE
READ MORE

ACTIVE CYBER DEFENCE SHOULD BE ROLLED OUT UK-WIDE: REPORT

The UK government’s highly successful Active Cyber Defence (ACD) program should be rolled out across other sectors to improve national cybersecurity, and could even be spurred by the government naming and shaming laggards, according to a new report. The Cyber Security Research Group at King’s College London (KCL) argued that the ACD has done well in reducing low-level cybercrime against government services. “There are no significant technical obstacles to extending these protec...
INFOSECURITY MAGAZINE
READ MORE

DIVERSITY KEY TO MORE EFFECTIVE CYBER SECURITY, SAYS NCSC

Diversity in defence teams is key to improved cyber security, according to the UK’s National Cyber Security Centre (NCSC). To combat the cyber security threat, “we need to be the very best in the world at what we do,” said Nicola Hudson, NCSC director of communications. “We need to approach and do things differently, using maths, behavioural sciences, linguistics, psychology, law, computer and sciences,” she told the opening session of CyberUK 2018 conference in Man...
COMPUTERWEEKLY
READ MORE

USPS REPORTEDLY FIXES WEBSITE BUG THAT EXPOSED DATA OF 60M USERS

Just in time for the holiday shopping season, it appears the US Postal Service has fixed a security flaw that allowed all USPS.com account holders, some 60 million people, to see personal details of fellow users. Cybersecurity expert Brian Krebs wrote about the bug on Wednesday, noting that he was contacted last week by a researcher who asked to remain anonymous. The researcher reportedly informed the USPS about his findings more than a year ago, but never received a response, Krebs said. Krebs ...
CNET
READ MORE

GOOGLE WARNS USERS OF POTENTIALLY RISKY WEB APPS

Google is taking another step to better protect users from malicious third-party web applications: it is now warning users of newly created web apps and Apps Scripts that are pending verification.The move follows a series of similar protective measures the Internet giant announced earlier this year, after many of its users were hit by a phishing attack where a rogue app was found impersonating Google Docs. To prevent similar incidents, the company tightened OAuth rules and also started scrutiniz...
SECURITY WEEK
READ MORE