These agencies were the departments of State, Homeland Security, Health and Human Services, Transportation, Education, Agriculture, and Housing and Urban Development, as well as the Social Security Administration. Of these agencies, the report found that seven had failed to provide adequate protection for personal information in their systems and that six of the agencies had not installed system patches in a timely way to protect against cyber vulnerabilities.
Members of the Senate Commerce security subcommittee examined the impact of banning Chinese-made drones, or components for drones, during a hearing on Tuesday. The senators compared the debate on drones to the recent decision by the Department of Commerce to blacklist Chinese telecommunications giant Huawei in May, a move that barred U.S. firms from working with the company.
Cybercrime may cost the global economy as much as $6 trillion annually by 2021, and the threats are becoming increasingly sophisticated, a cybersecurity expert said on Friday at a conference focused on threats facing international business. Additonally, cyberattacks are so prevalent that they represent "... the greatest wealth transfer in history...
Since 2017, when the N.S.A. lost control of the tool, EternalBlue, it has been picked up by state hackers in North Korea, Russia and, more recently, China, to cut a path of destruction around the world, leaving billions of dollars in damage. But over the past year, the cyberweapon has boomeranged back and is now showing up in the N.S.A.’s own backyard.
Password managers are the vegetables of the internet. We know they're good for us, but most of us are happier snacking on the password equivalent of junk food. For seven years running that's been "123456" and "password"--the two most commonly used passwords on the web. The problem is, most of us don't know what makes a good password and aren't about to remember hundreds of them every day.
Drone aircraft used to be prohibitively expensive, but now you can buy a camera-equipped drone that talks to your smartphone for under $100. The US Department of Homeland Security has issued an alert that drones manufactured by Chinese firms might have become a little too accessible. The DHS says much of the data collected by these drones ends up on servers in mainland China where the Chinese government can access it.
Lawmakers moved on a host of bills this week centered around educational technology, including legislation aimed at restoring student privacy, bolstering the nation’s cybersecurity workforce, funding school security and better understanding participation in science and technology-related subjects among underrepresented groups.
Personnel working in cyber must continually look for opportunities to learn, say cyber professionals from across government. During a morning panel discussion on the final day of the AFCEA TechNet Cyber conference in Baltimore, high-ranking officials from the Defense Department, Department of Homeland Security and National Security Agency discussed a wide range of issues concerning the cyber workforce today and tomorrow.
“The simple reality is there are so many 0-day exploits for iOS,” Stefan Esser, a security researcher that specializes in iOS, wrote on Twitter. “And the only reason why just a few attacks have been caught in the wild is that iOS phones by design hinder defenders to inspect the phones.”
Thus far, no attacks actually utilizing Spectre and Meltdown have been spotted in the wild, beyond proof-of-concept work submitted by researchers. Similarly, taking advantage of MDS is trickier than this website implies. Attackers can’t directly control what’s in the buffers they target, for example, which means the exploit may leak old, stale data of no interest. Microcode updates for systems with Sandy Lake through Kaby Lake CPUs have already shipped out to customers. First-generation-and-following Coffee Lake and Whiskey Lake CPUs are immune to this attack already.