Tag Archive for: spooks

Health hackers evolve, AI cyberattacks, NK spooks drills

/in


Cyber Security Headlines: Week in Review (August 21 - 25, 2023) with guest Gerald Auger Ph.D., chief content creator, Simply Cyber

This week’s Cyber Security Headlines – Week in Review, is hosted by Rich Stroffolino with guest Gerald Auger Ph.D., Chief Content Creator, Simply Cyber

Here are the stories we plan to cover TODAY, time permitting. Please join us live at 12:30pm PT/3:30pm ET by registering for the open discussion on YouTube Live.

Cyber Health Report: Hacker entry point shifts from email to network

We have been covering a growing number of stories on breaches and attacks on hospitals and healthcare systems on Cyber Security Headlines, and yesterday, Critical Insight released its H1 2023 Healthcare Data Cyber Breach Report. Chief among its findings is that “the first six months of the year saw an encouraging decrease in the overall number of data breaches impacting healthcare organizations, it was overshadowed by large-scale breaches resulting in a significant increase in the number of individuals affected, which reached record levels.” The report predicts that 2023 is “on pace to break the record for individuals affected by breaches.” Hacking/IT incidents were the primary cause of breaches, with network server breaches accounting for 97% of records affected, with only 2% due to email breaches. The full report is available at Critical Insight, and a link is available in the show notes to this episode.

(Critical Insight)

Deep Instinct study finds significant increase in Generative AI fueled cyber attacks

Cybersecurity company Deep Instinct today releases its fourth edition of its Voice of SecOps Report, based on research conducted by Sapio Research which surveyed over 650 senior security operations professionals in the US, including CISOs and CIOs. Chief among its findings: “70% of security professionals say generative AI is positively impacting employee productivity and collaboration, with 63% stating the technology has also improved employee morale. However, 75% of security professionals witnessed an increase in attacks over the past 12 months, with 85% attributing this rise to bad actors using generative AI. Nearly half (46%) agree that ransomware is the greatest threat to their organization’s data security and 62% admit that ransomware…

Source…

Chinese-made drone app in Google Play spooks security researchers – Ars Technica

/in
  1. Chinese-made drone app in Google Play spooks security researchers  Ars Technica
  2. Popular Chinese-Made Drone Is Found to Have Security Weakness  The New York Times
  3. Chinese-made drone app may be spying on Americans  SC Magazine
  4. DJI Drone App Riddled With Privacy Issues, Researchers Allege  Threatpost
  5. View Full Coverage on read more

“android security news” – read more

Chinese-made drone app in Google Play spooks security researchers

/in
A DJI Phantom 4 quadcopter drone.

Enlarge / A DJI Phantom 4 quadcopter drone. (credit: Andri Koolme)

The Android version of DJI Go 4—an app that lets users control drones—has until recently been covertly collecting sensitive user data and can download and execute code of the developers’ choice, researchers said in two reports that question the security and trustworthiness of a program with more than 1 million Google Play downloads.

The app is used to control and collect near real-time video and flight data from drones made by China-based DJI, the world’s biggest maker of commercial drones. The Play Store shows that it has more than 1 million downloads, but because of the way Google discloses numbers, the true number could be as high as 5 million. The app has a rating of three-and-a-half stars out of a possible total of five from more than 52,000 users.

Wide array of sensitive user data

Two weeks ago, security firm Synacktiv reverse-engineered the app. On Thursday, fellow security firm Grimm published the results of its own independent analysis. At a minimum, both found that the app skirted Google terms and that, until recently, the app covertly collected a wide array of sensitive user data and sent it to servers located in mainland China. A worst-case scenario is that developers are abusing hard-to-identify features to spy on users.

Read 15 remaining paragraphs | Comments

Biz & IT – Ars Technica

Penten smooths mobile security for spooks – Computerworld Australia

/in

Penten smooths mobile security for spooks
Computerworld Australia
Australia is not renowned for producing homegrown security hardware, but Canberra-based company Penten is bringing to market a tiny device that promises big benefits, and significant cost savings, when it comes to secure wireless access to classified

mobile security – read more