You are here
Home > Author: Peter Glock

Aging Software in Voting Machines are Causing Cyber security Issues

At least they're Windows 7, not XP or 2000!...: Ever since it was revealed that Russians were trying to hack into the voting machines of America during the elections in 2016, states have been investing heavily in newer systems and have heightened their security measures. There is only one problem and that is that the software on the latest machines is aging out and soon would not be supported by security updates from the production companies. The diverse majority of te

No, the Met Police wasn’t hacked. But its Twitter account and website were hijacked

I, along with quite a few people on my twitter feed, noticed that something wasn't quite write with the Met Police twitter account. Here's a look at what happened and alos a waring about embedding content in your public-facing website...: Late on Friday night, some rather out-of-character tweets seemed to be coming out of New Scotland Yard. The Twitter account of London’s Metropolitan Police (@metpoliceuk) broadcast to its more than one million followers a series of bizar

How DNS firewalls can burn security teams

A deceptively simple idea to take a bit more control of your network. The almost standard setup for enterprise DNS is to have 'internal' DNS servers and then only allow them to talk to 'external' DNS. That way you can gain some visibility on what your devices are connecting to...: It’s easy to see how DNS firewalls could have thwarted 33% of data breaches. For most IT and security teams, DNS has been an afterthought. Or, worse, not even that. The research, conducted by the G

Warning As Iranian State Hackers Target LinkedIn Users With Dangerous New Malware

TL;DR - don't click links without thinking...: [...] According to a FireEye blog post published on Thursday (July 18), the campaign targets specific industries that are clearly of interest to the regime in Teheran: "This threat group has conducted broad targeting across a variety of industries operating in the Middle East—however, we believe APT34's strongest interest is gaining access to financial, energy, and government entities." In the reference case cited by FireEye,

Huawei ensures cyber security with a huge transformation

Huawei appears to be getting on with the job of fixing the vulnerabilities in their equipment. Still no resolution of the trade war difficulties though...: Huawei Technologies, the world’s largest telecom equipment maker, has taken a series of measures to ensure the security of its products stands up to international scrutiny, a senior executive has revealed. “All the things that were published by the United Kingdom’s Oversight Board were obviously true. They are very pro

FaceApp creates opportunities for scammers: Eset

In an amendment to Rule 34, "If it's gone viral, there will be a scam version of it"...: The latest hype around the FaceApp application has attracted scammers who want to make some quick profits, according to research from Eset, a leader in IT and cyber security products. Scammers have been using a fake “Pro” version of the application as bait and have made an effort to spread the word about this fictitious version of the currently- viral app. One form of the scam uses a

Huawei rules out cybersecurity risk management mechanism in cooperation with Chinese gov’t

Huawei makes the point that all of its competitors operate in China, and use Chinese-manufactured components in their products. There's a bigger point here. If you have a disk drive in your device, it probably came from Thailand, LCD screens from Taiwan, and so on. To talk about a product being 'Chinese' or 'European' is basically meaningless...: [...]Chen said Huawei has signed over 50 5G commercial contracts across the world. Twenty-eight of these were signed in Europe.

MITRE ATT&CK Framework Not Just for the Big Guys

I've used the framework to create tailored deception campaigns for clients as it's a great way of identifying the likely threats. When combined with Threat Modelling, this can be used by organisations of any size...: [...] At Black Hat USA, Nickels and Kovar will present a briefing, "MITRE ATT&CK: The Play at Home Edition," during which they will show attendees how to use the framework in organizations of different sizes and types. Their goal is for attendees to "hit the

Party Like a Russian, Carder’s Edition

If you had any doubts about the professionalism of online fraudsters...: “It takes a certain kind of man with a certain reputation To alleviate the cash from a whole entire nation…” KrebsOnSecurity has seen some creative yet truly bizarre ads for dodgy services in the cybercrime underground, but the following animated advertisement for a popular credit card fraud shop likely takes the cake. The name of this particular card shop won’t be mentioned here, and its various

Privacy in the age of digital medicine

If you're in the UK, your health data is already shared within the NHS and, maybe, with initiatives like Google's which brings its own privacy issues. Here's a broader discussion on healthcare privacy...: This article is part of “Health Care 2024,” a survey-driven series of online debates in which POLITICO will explore how the European Union can best tackle health policy. Big data has the potential to provide personalized treatment, help researchers tackle the latest dise