NSA: Top 25 vulnerabilities actively abused by Chinese hackers

The U.S. National Security Agency (NSA) warns that Chinese state-sponsored hackers exploit 25 different vulnerabilities in attacks against U.S. organizations and interests. In an advisory issued today, the NSA said that it is aware of targeted attacks by Chinese state-sponsored Read More …

Biometrics in the limelight in presentation of novel healthcare cybersecurity toolkit

An EU-backed project team presented their holistic approach to cybersecurity for healthcare organisations at the European Association for Biometrics Research Projects Conference 2020. From electronic medical records to teleconsultations, the healthcare industry is becoming more and more digitised. While offering Read More …

Hacker groups chain VPN and Windows bugs to attack US government networks

Hackers have gained access to government networks by combining VPN and Windows bugs, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) said in a joint security alert published on Friday. Attacks have targeted federal Read More …

Next-gen ACAS X just as vulnerable to spoofing as its predecessor

Aviation boffins have found that next-gen collision aircraft avoidance systems appear to be just as vulnerable to signal spoofing attacks as older kit. In a paper distributed via ArXiv, computer scientists at the UK’s University of Oxford and Switzerland’s Federal Read More …

4G, 5G networks could be vulnerable to exploit due to ‘mishmash’ of old technologies

The next-generation wireless technology is expected to account for 21% of all wireless infrastructure investments over 2020. Pilots and official rollouts are underway worldwide — despite the disruption caused by COVID-19 — and many vendors now offer 5G-supporting devices in Read More …

Update now: Cisco warns over 25 high-impact flaws in its IOS and IOS XE software

Cisco has alerted customers using its IOS and ISO XE networking gear software to apply updates for 34 flaws across 25 high-severity security advisories. The large number of flaws affecting ISO and ISO XE are due to the advisories being Read More …

A Blind Spot in ICS Security: The Protocol Gateway [Part 3] What ICS Security Administrators can Do

A protocol gateway is a small network device, also called a “protocol converter” or “IoT gateway.” It is similar to an “interpreter” in the digital word, and acts as a communications intermediary between different protocols. As the integration of networks Read More …

Critical Industrial Flaws Pose Patching Headache For Manufacturers

While patch management already presents challenges for enterprises, it’s even more of a headache for manufacturers and other industrial firms – who may even need to shut down entire factory operations in order to apply fixes. Sharon Brizinov, the principal Read More …

US govt orders federal agencies to patch dangerous Zerologon bug by Monday

The Department of Homeland Security’s cybersecurity division has ordered federal civilian agencies to install a security patch for Windows Servers, citing “unacceptable risk” posed by the vulnerability to federal networks. The DHS order was issued via an emergency directive, a Read More …

UK National Cyber Security Centre releases toolkit to easily disclose vulnerabilities

The National Cyber Security Centre (NCSC) in the U.K. has released a guideline to help companies implement a vulnerability disclosure process or improve it if one is already set up. Named “The Vulnerability Disclosure Toolkit,” the document underlines the need Read More …