Security Architecture - 001
MIS 5214 - Section 001 - David Lanter
January 23, 2020 by David Lanter 11 Comments
Akshay Shendarkar says
January 24, 2020 at 3:25 pm
Senators from multiple states are championing for the dedicated cyber security leader for each state and proposing a new bill to bolster the state and local governments’ cyber security posture.
Numneung Koedkietpong says
January 24, 2020 at 8:17 pm
The personal information (PII) including name, date of birth, email, and medical ID records for cannabis users was compromised via software THSuite which is located in Amazon Web Services (AWS) S3. The reason of this data breach was from misconfiguration in cloud without any authentication or security in place. This problem was detected on Dec 24, 2019 and already solved by Jan 14, 2020
Zeynep Sahin says
January 24, 2020 at 11:25 pm
The article entitled “We’re Going to Need a Better Plan” emphasis the necessity and importance of having security plan. The article draws attention about the growing number of cyber-attacks against SCADA based environments within manufacturing. Although, companies mostly spend their budget for defense, they cannot prevent increase of attacks because without uncovering potential vulnerabilities, even the strongest defense methods are useless. Some recommendation that the article expresses are security assessment, audit, attacker profiling, and continuous monitoring.
For details here is the article: https://www.infosecurity-magazine.com/opinions/need-better-plan/
Percy Jacob Rwandarugali says
January 25, 2020 at 12:41 pm
Facebook’s Sir Nick Clegg criticised over WhatsApp security:
Security researchers have criticised Facebook’s head of communications, Sir Nick Clegg, for his response to the hacking of Amazon chief Jeff Bezos.
Mr Bezos’ phone was hacked in May 2018 after he received a WhatsApp message loaded with malware. But in an interview with the BBC, Sir Nick said WhatsApp’s encrypted messages could “not be hacked into”. And he failed to acknowledge security flaws in the app that had let hackers compromise their target’s smartphones.
Natalie Dorely says
January 26, 2020 at 9:47 pm
There have been warnings circulating in the US in regards to flawed medical devices. These can be hacked by unauthorized users can cause the devices to be silent to alarms, create false alarms, or disable the device all together.
Joseph Nguyen says
January 26, 2020 at 11:55 pm
An expert at AI-based offers his look ahead at the year – focusing on AI, cybersecurity, and interoperability. He predicts that In 2020, AI will aid administrators and CISOs regarding internal company security.
Junjie Han says
January 27, 2020 at 6:56 pm
The Google and Firefox networks suspended the availability of paid Add-ons for the browser.While this is temporary, it can be deadly for suppliers.The increase in fraud has led Google and Firefox to re-audit the extensions.
Many of those marked for attention are thought to have been executing code from remote servers, installing malware, deliberately hiding code or eavesdropping on user searches.
Imran Jordan Kharabsheh says
January 28, 2020 at 3:52 am
This article, written by Tara Seals, discusses the recent disciplinary activities that both Mozilla and Google have taken against web browser extensions that actively or have the potential to be malicious. While browser extensions are easy to install and can simplify or enhance our browsing experience, they can also compromise users either intentionally or unintentionally by exploiters. Some of these compromising cases include users having their PII stolen or having remote code being executed on their computers.
Alexander Reichart-Anderson says
January 28, 2020 at 8:26 am
This week in the news I explored a flaw that allowed hackers to access zoom meetings by guessing a meeting ID. Since Zoom is the new group/class video client used by Temple, its students, and teachers — I thought this was a very relevant article. The bug was corrected by actually recoding the security client/software used by Zoom. Hackers were able to inject a code into the URL and gain access through that. However, by recoding the software, the meeting IDs are more secure leading to better video calls.
Christopher James Lukens says
January 28, 2020 at 11:06 am
Maryland bill will outlaw ransomware but impose difficulties on security researchers. The bill currently still in draft, has little no no exclusions for research and would make possessing ransomware illegal. The other difficulty is that the vast majority of ransomware stems from out side the united states and it would be quite difficult to extradite someone to the US because of a broken state law.
January 29, 2020 at 12:36 am
UK’s IoT Law Hopes to Drive Security-by-Design
The UK Government has introduced a new consumer IoT law designed to prohibit the sale of smart products that fail to meet three strict security requirements. This proposal would ensure all IoT kit sold in the UK allows users to set unique passwords and not revert them to any factory settings. This will help to reduce the scourge of Mirai-like malware, which finds exposed devices on the internet and cracks them open with a list of popular default password choices. It will also require manufacturers of IoT devices to provide a public point of contact so that anyone can report vulnerabilities and have them acted on “in a timely manner”. Also, the IoT Kit-makers would have to state the minimum length of time a device will receive security updates at point-of-sale, allowing consumers to decide whether they’re happy with vendor promises.
You must be logged in to post a comment.