Category: NEWS & INDUSTRY

Two Big OT Security Concerns Related to People: Human Error and Staff Shortages

A survey of 3,500 security experts from around the world shows that a lot of the cybersecurity problems related to operational technology (OT) involve people, specifically human error and a significant shortage of staff.

Organizations Warned of New Lilith, RedAlert, 0mega Ransomware

Security researchers with threat intelligence firm Cyble have warned organizations about three new ransomware families named Lilith, RedAlert and 0mega.

Investment in IIoT/OT Security Leads to Reduced Incident Impact: Study

A survey commissioned by cybersecurity firm Barracuda shows that while most organizations using operational technology (OT) or industrial IoT (IIoT) systems have experienced a security incident, impact was smaller for those that have invested more in security.

Microsoft: 10,000 Organizations Targeted in Large-Scale Phishing Campaign

Microsoft has warned users about a large-scale phishing campaign that has been targeting over 10,000 organizations to perform follow-on business email compromise (BEC).

Bishop Fox Lands $75 Million Series B Funding

Arizona-based Bishop Fox raised a massive funding round as venture capital investors continue to bet big on the continuous attack surface management category

CIA Coder Convicted of Massive Leak of US Hacking Tools

A former CIA programmer was found guilty in New York federal court Wednesday of the 2017 leak of the US spy agency’s most valuable hacking tools to WikiLeaks, two years after his initial prosecution ended in mistrial.

Lenovo Patches UEFI Code Execution Vulnerability Affecting Many Laptops

Lenovo has released a security advisory to inform customers that more than 70 of its laptops are affected by a UEFI/BIOS vulnerability that can lead to arbitrary code execution.

Retbleed: New Speculative Execution Attack Targets Intel, AMD Processors

Researchers at Swiss university ETH Zurich have devised a new speculative execution attack that can lead to information leaks and works against both Intel and AMD processors.

DLL Hijacking Flaw Fixed in Microsoft Azure Site Recovery

Microsoft’s massive Patch Tuesday rollout this month included fixes for multiple high-severity vulnerabilities impacting the Azure Site Recovery service.

Microsoft Releases Open Source Toolkit for Generating SBOMs

Software giant Microsoft has open-sourced its internal tool for generating SBOMs (software bill of materials) as part of a move to help organizations be more transparent about supply chain relationships between components used when building a software product.