Lifeboat Foundation

Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and achieve efficiency by upskilling and scaling citizen developers. Watch now.

Today, with the rampant spread of cybercrime, there is a tremendous amount of work being done to protect our computer networks — to secure our bits and bytes. At the same time, however, there is not nearly enough work being done to secure our atoms — namely, the hard physical infrastructure that runs the world economy.

Nations are now teeming with operational technology (OT) platforms that have essentially computerized their entire physical infrastructures, whether it’s buildings and bridges, trains and automobiles or the industrial equipment and assembly lines that keep economies humming. But the notion that a hospital bed can be hacked — or a plane or a bridge — is still a very new concept. We need to start taking such threats very seriously because they can cause catastrophic damage.

Researchers warn against the Windows malware ViperSoftX, which infects users’ Chromium-based web browsers with malicious extensions.

SharkBot Android banking fraud malware has resurfaced on the official Google Play Store and pretends to be a file manager app.

Black Basta ransomware gang is actively infiltrating U.S. companies with the Qakbot malware to create an initial entry point.

Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and achieve efficiency by upskilling and scaling citizen developers. Watch now.

Cybersecurity is an expensive business. To prepare to address sophisticated threat actors, an enterprise needs to maintain a complete security operations center (SOC) filled with state-of-the-art technologies and experienced professionals who know how to identify and mitigate threats.

All of these factors add up. According to a new report released by threat prevention provider Perception Point and Osterman Research, organizations pay $1,197 per employee yearly to address cyber incidents across email services, cloud collaboration apps or services, and web browsers.

Microsoft said today that security vulnerabilities found to impact a web server discontinued since 2005 have been used to target and compromise organizations in the energy sector.

As cybersecurity company Recorded Future revealed in a report published in April, state-backed Chinese hacking groups (including one traced as RedEcho) targeted multiple Indian electrical grid operators, compromising an Indian national emergency response system and the subsidiary of a multinational logistics company.

The attackers gained access to the internal networks of the hacked entities via Internet-exposed cameras on their networks as command-and-control servers.

Secure communications provider Wickr has announced that it will shutter its free encrypted messaging app, Wickr Me, next year.

Text messaging has been around since the dawn of cellular technology, and sparked its own unique language. But it’s time to put sending regular SMS messages out to pasture.

If you have an iPhone, you’re already on your way. iPhones (as well as iPads and Macs) use iMessage to send messages between Apple devices. It’s a data-based messaging system reliant on 3G, 4G, and Wi-Fi, rather than SMS messaging, which uses an old, outdated but universal 2G cellular network. iMessage has grown in popularity, but has left Android devices and other computers out in the dark.

Continue reading “Cybersecurity 101: How to choose and use an encrypted messaging app” »

WASHINGTON, Nov 8 (Reuters) — The United States and Russia are expected to meet soon and discuss resuming inspections under the New START nuclear arms reduction treaty that have been paused since before Russia’s invasion of Ukraine, U.S. State Department spokesperson Ned Price said on Tuesday.

Speaking at a daily press briefing, Price said the bilateral consultative commission (BCC), the mechanism for implementation of the last remaining arms control agreement between the world’s two largest nuclear powers, will meet “in the near future.”

Russia in August suspended cooperation with inspections under the treaty, blaming travel restrictions imposed by Washington and its allies over Moscow’s February invasion of Ukraine, but said it was still committed to complying with the provisions of the treaty.

A major vulnerability in a networking technology widely used in critical infrastructures such as spacecraft, aircraft, energy generation systems and industrial control systems was exposed by researchers at the University of Michigan and NASA.

It goes after a network protocol and hardware system called time-triggered ethernet, or TTE, which greatly reduces costs in high-risk settings by allowing mission-critical devices (like flight controls and life support systems) and less important devices (like passenger WiFi or data collection) to coexist on the same network hardware. This blend of devices on a single network arose as part of a push by many industries to reduce network costs and boost efficiency.

Continue reading “Cyber vulnerability discovered in networks used by spacecraft, aircraft and energy generation systems” »