2016 Security Predictions – Looking Ahead – Infographic by Symantec. Are the predictions coming true? – eForensics
https://eforensicsmag.com/2016-security-predictions/ →
Cybersecurity
Penetration Test vs Vulnerability Assessment
https://www.linkedin.com/pulse/penetration-test-vs-vulnerability-assessment-akyuz-cissp-cisa-pmp?trk=hp-feed-article-title-like Get to know what they are and how they are different with this article. →
Expert Questions Claim That St. Jude Pacemaker Was Hacked – IEEE Spectrum
http://spectrum.ieee.org/the-human-os/biomedical/devices/were-pacemakers-from-st-jude-medical-really-hacked?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+IeeeSpectrum+%28IEEE+Spectrum%29&utm_content=FaceBook This is an interesting case where security researchers claimed they have found serious vulnerability in medical device and earned money when the company stock value dropped. →
What’s the Best Way to Handle Medical Device Security Concerns?
http://www.govinfosecurity.com/interviews/whats-best-way-to-handle-medical-device-security-concerns-i-3313 We need to work on protocol how to properly reveal security vulnerabilities on medical devices to keep patients safe. →
OneLogin breached, hacker finds cleartext credential notepads • The Register
http://www.theregister.co.uk/2016/08/31/onelogin_breached_hacker_finds_cleartext_credential_notepads/ What to learn from this case: Saving your secrets to cloud service has risks. Strong encryption of user data does not protect the secrets if they end up stored in cleartext in the server logs and someone gets access to them. →
Dropbox hack leads to dumping of 68m user passwords on the internet | Technology | The Guardian
https://www.theguardian.com/technology/2016/aug/31/dropbox-hack-passwords-68m-data-breach If you still use the same password as in 2012 still in Dropbox or other service, then change it now or you can be soon in trouble. →
How Your Wi-Fi Signal Can Expose Everything You Type | The Daily Dot
http://www.dailydot.com/layer8/keystroke-recognition-wifi-signal/ WiFi signal can be used to track your hand position on your keyboard. →
Meet USBee, the malware that uses USB drives to covertly jump airgaps | Ars Technica
http://arstechnica.com/security/2016/08/meet-usbee-the-malware-that-uses-usb-drives-to-covertly-jump-airgaps/ This hack makes an USB drive to transmit your secrets in a way a nearby radio can receive it. Technique works on virtually all USB drives with no modifications necessary. “We introduce a software-only method for short-range data exfiltration using electromagnetic emissions from a USB dongle,” The software works on just about any storage →
Less than a third of organisations prepared for IoT security risks
http://www.computerweekly.com/news/450303211/Less-than-a-third-of-organisations-prepare-for-IoT-security-risks It seems tham many companies have problems in understanding IoT. →
Chinese Certificate Authority ‘mistakenly’ gave out SSL Certs for GitHub Domains
http://thehackernews.com/2016/08/github-ssl-certificate.html?m=1 Internet security is really broken when you can’t trust the integrity of CAs. →