In light of Uber’s most recent breach news, that comes on the heels of several other notable breaches, some question whether the cybersecurity industry is able to keep up.
Brian Krebs engaged a wide audience on Twitter when he asked whether Uber’s choice to pay hackers to cover up a major breach was any different from paying a ransomware fee to have files decrypted. Optimists hope that the recent attacks will serve to raise the bar in cybersecurity policies and practices. Yet, here we are at the start of the holidays, bombarded with lists of ways to beware of cyber criminals who love the online shopping deals more than shoppers.
As we all digest the good food and cheer we enjoyed this Thanksgiving, heeding the caution of mounting security concerns, let’s take a few moments to look at other security news that matters.
- Security researcher Kevin Finisterre, who discovered a vulnerability in a DJI drone, never received his bug bounty payment. DJI said his assumed right to disclose his findings was a violation of their responsible disclosure agreement.
- A computer scientist at New York University, Justin Cappos, warns about the potential for hackers to compromise any car built as long ago as 2000.
- A vulnerability in a widely used Intel-chip has the U.S. government concerned for enterprise security. “These vulnerabilities affect essentially every business computer and server with an Intel processor released in the last two years,” said Jay Little, a security engineer with cyber consulting firm Trail of Bits.
- When majors news stories break, as Uber’s cover up did this week, experts in the security industry want to weigh in, so much so that Security Brief ran a two part series of the comments from global industry leaders.
- World Health Energy, Inc launched a new monitoring software, Keep Kids Secure, entering the cybersecurity market at $100 billion.
- Thanks to WannaCry and other large scale cyberattacks, security is becoming a high priority in board rooms — moving security out of IT and into a department all on its own.
- The gap that keeps SMBs at risk of cyberattacks is one of awareness. The solutions small businesses need to defend against cyber threats are available, but often SMBs don’t know or understand which security tools they need.