I don’t think it is just me. The number of alerts I have been getting over the last few weeks regarding vulnerabilities in very mainstream industrial control system components seems to be out of control. Here are just a few: April 20th – CISA releases 10 Industrial control system (ICS) advisories. This includes Hitachi/ABB, Rockwell, […]
Continue reading → [DISPLAY_ACURAX_ICONS]Last month New York’s Department of Financial Services (DFS) fined Residential Mortgage Services $1.5 million for not having a compliant cybersecurity program and, even worse, not telling the regulator that they had a breach. DFS said that RMS did not investigate the breach seriously, did not conduct a comprehensive risk assessment and did not notify […]
Continue reading → [DISPLAY_ACURAX_ICONS]Not a Good Week for Social Media Privacy After the January 6th attack on the US Capitol, we saw terabytes of conversations and videos and profiles from the alt-right Twitter clone Parler posted online. Last week we saw 500+ million Facebook profiles for sale on the dark web (Facebook says this isn’t a breach) and […]
Continue reading → [DISPLAY_ACURAX_ICONS]While China is a serious threat and the last administration pushed on that hard, that administration ignored Russia. Today the National Security Agency, the FBI and the Cybersecurity and Infrastructure Security Agencies issued a joint alert titled Russian SVR Targets U.S. and Allied Networks. The NSA, FBI and CISA said that the Russian Foreign Intelligence […]
Continue reading → [DISPLAY_ACURAX_ICONS]Well that is certainly not a comforting thought. Last month the public water supply in a small town in Florida was hacked. Only PURE DUMB LUCK protected those citizens. Did the hacker use exotic unknown vulnerabilities to compromise the system? No. The city didn’t even have a firewall, was using software that was no longer […]
Continue reading → [DISPLAY_ACURAX_ICONS]Ubiquiti All But Confirms Breach Story As the stories about Ubiquiti’s really bad attempts to save their reputation after a breach earlier this year swirled, they were completely silent, other than a very short statement. Now they have posted a statement on their user forum that says that they have no evidence that customer information […]
Continue reading → [DISPLAY_ACURAX_ICONS]