Industrial manufacturer Siemens is encouraging users running devices that use its Ruggedcom protocol to apply firmware updates this week. The updates resolve a serious and remotely exploitable vulnerability that could let an attacker carry out administrative actions.
Source: Siemens Patches Improper Access Vulnerability in Ruggedcom Protocol
Insider threats can pose even greater risks to company data than those associated with external attacks. In fact, employees are responsible for nearly
Source: IT leader’s guide to reducing insider security threats – Tech Pro Research
Hackers are looking to crack ATM networks without needing physical access to the devices. And many cash machines are running antiquated versions of Windows like Windows XP.
Too many tools has been a common problem for Microsoft for years. I hope that they get all these tools corralled into one service offering.
Microsoft is using this week’s Ignite conference to try to help clarify its collaboration-tool strategy. Here’s how SharePoint, Teams and Yammer figure in the mix.
Source: Microsoft tries to stem its self-made collaboration-tool confusion | ZDNet
How many more of these IoT devices that use DRM technology to validate the use of proprietary refills do we have to endure?
The Internet of Things (IoT) is awesome. I love my smart devices when they make my life easier.
That’s supposed to be the point of connected devices, which is to add sensor capability, remote operation, and data gathering that benefits the end-user.
Yes, that data is valuable to the device manufacturer, too, which runs cloud services in order to make that product work. And it’s a huge liability should that data make it out into the wild. But that’s the cost of IoT.
I have a lot of connected devices in my home. Thermostats, lighting, fans, electrical switches, garage door openers, and even my swimming pool/spa heater and pump. And, of course, my smart speakers, such as my Amazon Echo devices and Sonos devices.
Source: Jailbreaking your connected coffee machine: The idiocy of things | ZDNet
And the #1 stupid admin of the day is…
The IT admin demanded $10,000, when he didn’t get it things got X-rated
Source: “Admin from Hell” holds company to ransom with porn makeover
Okay… going after a movie studio or corporation is one thing. Going after children is another. Where is Anonymous on this? #whereisanonymous
The hacking group stole personal information and sent explicit death threats against children to their parents.
Source: Hackers holds entire school district to ransom
Not a bad read, really… but still missing the point on some level.
Shadow IT can leave the virtual door open to hackers and cyber thieves. Learn 5 common risks, and how you can help avoid them, from Travelers.
Source: 5 Shadow IT Practices That Put Technology Companies at Risk
A cryptocurrency miner surfaced on The Pirate Bay for a day over the weekend.
Source: Pirate Bay Spotted Hosting Monero Cryptocurrency Miner
Mobile devices and facial recognition software have made the list this year.
Human error is often a factor when cybersecurity barriers fall, but according to hackers, password protection, facial recognition, and access controls are blind spots in corporate network security.
According to Bitglass’ Data Games: Security Blind Spots report, both black and white self-labeled hackers said that these security measures are the least effective and it may not even be necessary to brute-force for credentials or snoop and steal them with Man-in-the-Middle (MiTM) attacks.
Instead, human error and ignorance are always exploitable weak links and therefore phishing campaigns are the best data exfiltration strategy against the enterprise.
Source: Hackers reveal leading enterprise security blind spots | ZDNet
