New Vulnerability Found By Rapid7 Sheds Light On Smart Home Safety

Deral Heiland, Research Lead at Rapid7, is disclosing a vulnerability that reveals how popular home lighting system, Osram Lightify leaves users vulnerable to attack. A link to the blog post with additional details can be found here. Specifically, a malicious actor can: Execute commands to change lighting, and also execute commands to reconfigure the devices Inject code which could […]

Who’s Watching The Watchmen?

In the healthcare industry, those practicing in the field must take the Hippocratic Oath and swear to uphold specific ethical standards. This standard helps promote the idea of “do no harm” and healthcare practitioners take this oath very seriously. But what about the Information Technology industry? How do we ensure that those we give ultimate […]

Shade Ransomware Taken Down

In response to the news that a joint operation by Europol, the Dutch National High Tech Crime Unit, Intel, and Kaspersky has seized the command and control servers for the Shade ransomware strain and published code that allows anyone hit by the malware to decrypt their files. Mark James, security specialist at ESET commented below. […]

2016 Olympics: No Matter Who Takes Home Gold, The Hackers Win

When each nation’s best athletes compete at the Olympic Games, one city seemingly becomes the center of the universe. And while the world looks on closely, threat actors do the same—only for much more nefarious reasons. Every four years, the Olympics’ host country pours an enormous amount of time and resources into building the physical […]

Government Tests Use Of Social Media Accounts For Verifying Online User Identity

Following the news that the Government Digital Service (GDS) is testing ways to use people’s social media accounts to help prove their identity when accessing online public services, Lee Munson, Security Researcher at Comparitech.com. Lee Munson, Security Researcher at Comparitech.com: “In theory, the government’s idea of using social media accounts as a means of authenticating a consumer’s identity […]

O2 Customer Data Sold On Dark Net – Experts Comments

According to BBC reports, O2, one of the biggest UK mobile networks, appears to have suffered a data breach. The data was almost certainly obtained by using usernames and passwords first stolen from gaming website XSplit three years ago to log onto O2 accounts. Security experts at MIRACL, Lieberman Software, Comparitech.com, ESET, Veracode and Intercede commented below. Brian Spector, CEO […]

Urgent Need For Regulatory Standards

In light of the news that Amazon has won the approval for UK delivery drone tests, Colin Bull, Principal Consultant Manufacturing and Product Development at SQS, highlights below the vital need for the implementation of regulation and the standardisation of radio frequencies on which drones can operate. Colin Bull, Principal Consultant Manufacturing and Product Development at SQS: […]

DNC Email, Email Encryption Comments/Background

Security experts from VASCO Data Security, STEALTHbits Technologies, Lastline and InfoArmor provide their insight on DNC email and email Encryption below. John Gunn, VP of Communications at VASCO Data Security: “Encryption is simple to use, inexpensive, and highly effective. It doesn’t guarantee the hackers could not have obtained the information, but it certainly would have made their […]

Product Endorsement Rules Of Engagement

When I started writing for Tripwire and some of the other information security websites that graciously publish my work, I had a few humble goals in mind: To raise awareness about security-related topics for the general public; To spark some thought and conversation about information security; To educate folks who are considering a career and […]

DNC Hack – Emails Posted On Wikileaks

The Democratic National Committee’s email has been hacked and confidential emails have been posted on Wikileaks. The emails outline thoughts on the Bernie Sanders campaign, donors and their backgrounds and entertainers who might be invited or not to the White House. Tim Erlin, Senior Director of IT Security and Risk Management of Tripwire commented below. […]