Blog

The CEO of TSMC - the manufacturer of key chipsets for Apple's iPhones, and for many other global companies - reported Monday that the company was forecasting a drop of 2% in Q3 revenues, or about $160M, due to an infection of its manufacturing facilities...

OT remote access is efficient and convenient - for attackers Remote access might look like a good idea. Every computer on an enterprise network certainly has some sort of Remote Desktop capability: tech support takes control of my laptop routinely to install new software or to...

“The beginning of wisdom is the definition of terms.” - Socrates (470 – 399 B.C.) Definitions are important - good ones shape our understanding of concepts while poor ones impair that understanding. Consider the definition: pen: a tube of ink with a tiny ball bearing at the...

Different continents point to similar concerns The Black Hat Asia 2018 attendee survey polled IT and security professionals from 12 East Asian countries, Australia and elsewhere, asking about the threats and challenges they are most concerned with, the attacks and attackers they fear most, as well...

Written into law The Directive on the Security of Network Information Systems (NIS) represents the first pan-European law covering requirements for cybersecurity. It aims to achieve a common security posture for European countries by means of strengthening 1) cybersecurity capabilities at a national level, 2) EU-wide...

The Meltdown / Spectre saga continues. Ulf Frisk just posted a description of a vulnerability he has coined "Total Meltdown". It seems that Microsoft developers introduced an even worse vulnerability while fixing the Meltdown vulnerability in Windows 7 and Windows 2008 Server R2. With this...

Consider a prolonged power outage over a large metropolitan area, or a cyber attack targeting a nuclear power plant. These are real attacks, not hypothetical ones, that affected people’s lives, and cost owners and operators both monetary and reputational damages.  A key problem with modernization...

Cybersecurity best practice according to ANSSI, France’s National Agency for the Security of Information Systems, points to unidirectional data flow solutions. Why? Because it’s the safest and most reliable way to segregate and protect your critical network from less trusted networks and cyber threats. The...

A chronic complaint of industrial control system (ICS) security practitioners is under-funding, and funding decisions for security programs are frequently made by business decision-makers with a limited understanding of cybersecurity and cyber risk issues. Waterfall Security Solutions has just released a new report proposing a...

Black Hat and Dark Reading’s attendee survey from their recent 2017 Black Hat Europe event is a wake-up call to company stakeholders, boards, and information and operational security practitioners; yielding some significant findings about the perceptions of the current threat landscape. Survey participants were sourced...