One night this week, I came across one of my favorite movies Willy Wonka and the Chocolate Factory. The world had gone crazy after the reclusive Willy Wonka announces that he has hidden five golden tickets in chocolate Wonka Bars that promised a factory tour and a lifetime supply of chocolate. There’s a scene at…
Read More
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, the FBI reports a global BEC loss of over $12 billion in 2018. Also, a Blackgear cyberespionage campaign has reemerged, using social media and command-and-control (C&C) to…
Read More Earlier this week, I wrote a blog covering a couple of the statistics from the Zero Day Initiative’s (ZDI) first half of 2018. One of the stats that I didn’t cover is the increasing focus on enterprise applications. The team is seeing consistent growth in submissions of Microsoft and Apple vulnerabilities, but now they’re also…
Read More Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, Timehop, Macy’s, Bloomingdale’s, and Domain Factory announce a system-wide breach. Also, a new AI tool, Claudette, is holding tech companies accountable for GDPR compliance. Read on to learn…
Read More
At recent Industrial IoT security briefings, the Aurora vulnerability has come up repeatedly. Attendees ask, “Is our country’s power grid safe? How can we protect the grid? What is Aurora?” This post provides a look at Aurora, and the BlackEnergy attack that can exploit Aurora. In March 2007, the US Department of Energy demonstrated the…
Read More
Today’s highly automated and connected smart factories (Industry 4.0) were born out of yesterday’s steam engines that mechanized manufacturing (Industry 1.0); mass-production lines expanded with the advent of electricity (Industry 2.0); and then IT-enabled manufacturing plants ushered in the era of connected industrial control systems with programmable logic controllers (PLC). While enterprises struggle to enhance…
Read More
Trend Micro is excited to partner with SPC International in this 5-part Blog, Webinar and Online Training Series; focused on Building a Profitable Security Services Offering for MSP Partners. Through the series, SPC will teach you a selling process of leading with security, steps in growing your recurring managed security services revenue and provide you…
Read More
When the Zero Day Initiative (ZDI) was formed in 2005, the cyber threat landscape was a bit different from what we see today. Threats were a little less sophisticated, but there was one thing that we saw then that we still see now: the shortage of cybersecurity professionals and researchers. The team decided that with…
Read More The General Data Protection Regulation (GDPR) has been up and running for a couple of months now and your organization is compliant. It’s time to take a little break – well, not so fast! Late last week, the State of California passed a new data privacy law called the California Consumer Privacy Act of 2018….
Read More Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, California lawmakers passed a new online privacy bill guaranteeing more control over user data. Also, Typeform announced a breach involving the customer names, email addresses, Twitter credentials,…
Read More
