2018, Architecture and Technology - Cyber Security Informer

News Alert: Security Risk Advisors joins Microsoft Intelligent Security Association (MISA)

The Last Watchdog

JANUARY 7, 2025

Joining MISA represents a significant milestone, demonstrates the company’s ability to deliver impactful security solutions while increasing adoption of their SCALR XDR offering and helping clients maximize their investment in Microsoft Security technologies. Philadelphia, Pa.,

Risk

Risk Penetration Testing Marketing Technology

Crosspost: A Simple SOAR Adoption Maturity Model

Anton on Security

JUNE 17, 2022

For example, in my analyst days, I built a maturity model for a SOC (2018) , a SIEM deployment (2018) and vulnerability management (2017). Admittedly many organizations don’t have a SOAR or comparable technology, so they fall outside of this visual. Guess which one is missing? The one for SOAR! Now, why was it missing?

Architecture

Architecture Technology Phishing

Evaluating the NSA's Telephony Metadata Program

Schneier on Security

AUGUST 12, 2019

The second emerged in June 2018 when the NSA announced the purging of three years' worth of CDR records for "technical irregularities." Second, we show how the architecture of modern telephone communications might cause collection errors that fit the reported reasons for the 2018 purge.

Surveillance

Surveillance Architecture Encryption Technology

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

NEW TECH: Alcide introduces a “microservices firewall” as a dynamic ‘IaaS’ market takes shape

The Last Watchdog

APRIL 23, 2019

billion in 2018. Tech vendors and their enterprise customers want to leverage distributed architectures and multiple cloud platforms to the hilt. At the end of the day, Dev and DevOps, not IT, are the ones driving adoption of these new technologies,” Naor told me. billion in 2021 , up from $40.8

Marketing

Marketing Firewall Architecture Software

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

The Last Watchdog

JUNE 10, 2019

I recently had the chance to discuss this with John Loucaides, vice-president of engineering at Eclypsium, a Beaverton, OR-based security startup that is introducing technology to scan for firmware vulnerabilities. Loucaides One type of common firmware vulnerability isn’t so much a coding flaw as it is an architectural soft spot, if you will.

Firmware

Firmware Cybersecurity Technology Engineering

Beyond the Surface: the evolution and expansion of the SideWinder APT group

SecureList

OCTOBER 15, 2024

SideWinder, aka T-APT-04 or RattleSnake, is one of the most prolific APT groups that began its activities in 2012 and was first publicly mentioned by us in 2018. Some infection routines do not check the architecture. The payloads are selected at runtime according to the system architecture, and merged before injection.

Malware

Malware Encryption Architecture Phishing

The War in Technology: A Digital Iron Curtain Goes Up

SecureWorld News

MARCH 10, 2022

WaPost : Depriving rivals of American-made technology also threatens the future global prospects of an industry that has driven U.S. It makes sense for companies to cut off Russia. But there are potential long-term implications. economic growth for most of this century.

Technology

Technology Internet Internet Telecommunications

Muhstik botnet adds Oracle WebLogic and Drupal exploits

Security Affairs

NOVEMBER 11, 2020

Muhstik is a botnet that is known to use web application exploits to compromise IoT devices, it has been around for at least 2018. The bot includes exploits for Oracle WebLogic Server vulnerabilities CVE-2019-2725 and CVE-2017-10271 , and the Drupal RCE flaw tracked as CVE-2018-7600. y/pty2 hxxp://167.99.39.134/.x/pty3.

IoT

IoT Malware DDOS Architecture

Millions of computers powered by Intel chips are affected by MDS flaws

Security Affairs

MAY 14, 2019

. “MDS may allow a malicious user who can locally execute code on a system to infer the values of protected data otherwise protected by architectural mechanisms.” “Refer to the MDS table in Deep dive: CPUID Enumeration and Architectural MSRs for a list of processors that may be affected by MDS.

Architecture

Architecture Advertising Encryption Passwords

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

SecureList

APRIL 17, 2025

To us, this observed choice of victims wasn’t surprising, as back in 2018, we wrote that IronHusky, the actor related to this RAT, has a specific interest in targeting these two countries. It turned out that the implant has been actively used in cyberattacks all these years although not reported.

Malware

Malware Encryption Architecture Engineering

Czech cyber-security agency warns over Huawei, ZTE security threat

Security Affairs

DECEMBER 18, 2018

A Czech cyber-security agency is warning against using Huawei and ZTE technologies because they pose a threat to state security. In November 2018, the Wall Street Journal reported that the US Government was urging its allies, including Germany, to exclude Huawei from critical infrastructure and 5G architectures.

Manufacturing

Manufacturing Advertising Internet Internet

US officials claim Huawei Equipment has secret backdoor for spying

Security Affairs

FEBRUARY 13, 2020

officials say Huawei Technologies Co. In November 2018, the Wall Street Journal reported that the US Government was urging its allies to exclude Huawei from critical infrastructure and 5G architectures. This week The Wall Street Journal reported that U.S. “U.S. ” states The Wall Street Journal. officials said.

Manufacturing

Manufacturing Advertising Surveillance Architecture

Germany’ BSI chief says ‘No Evidence’ of Huawei spying

Security Affairs

DECEMBER 17, 2018

The head of Germany’s BSI admitted that since now there is no proof espionage activity conducted through Huawei technology. In November 2018, the Wall Street Journal reported that the US Government is urging its allies, including Germany, to exclude Huawei from critical infrastructure and 5G architectures.

Technology

Technology Advertising Internet Internet

US officials meet UK peers to remark the urgency to ban Huawei 5G tech

Security Affairs

JANUARY 13, 2020

officials responsible for national security and telecommunications were meeting their peers in Britain ahead of the final decision on Huawei 5G technology. Prime Minister Boris Johnson’s government to ban Huawei 5G technology from its networks. The security and resilience of the U.K.’s According to U.K.

Telecommunications

Telecommunications Government Advertising Architecture

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. IoT Attacks in 2018. Yet, the major attack of 2018 was definitely VPNFilter, hitting over half a million devices, mostly routers, from a wide range of known vendors.

IoT

IoT Manufacturing Internet Internet

Canadian intelligence agencies CSE and CSIS are divided on Huawei 5G ban

Security Affairs

NOVEMBER 14, 2019

The Canadian Security Intelligence Service (CSIS) and the Communications Security Establishment (CSE) are divided over the ban of Huawei 5G technology. The Canadian Security Intelligence Service (CSIS) and the Communications Security Establishment (CSE) agencies are divided over the ban of Huawei 5G technology.

Government

Government Telecommunications Wireless Security Intelligence

Digital Transformation starts with the Employees

Thales Cloud Protection & Licensing

FEBRUARY 6, 2018

This past month, CEOs, elected leaders and academics from around the globe gathered at the World Economic Forum (WEF) in Davos, Switzerland, to discuss the world’s most pressing problems including technological change, global trade, education, sustainability, and gender equality. The report states that the careers of 1.4

Digital transformation

Digital transformation Artificial Intelligence Technology IoT

US and UK link new Cyclops Blink malware to Russian state hackers?

Security Affairs

FEBRUARY 23, 2022

Sandworm (aka BlackEnergy and TeleBots) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017, causing billions worth of damage.

Malware

Malware Firmware Architecture Firewall

Serverless to the Max: Doing Big Things for Small Dollars with Cloudflare Workers and Azure Functions

Troy Hunt

SEPTEMBER 5, 2018

I keep finding new ways of optimising cost and the two most significant contributions to that since launching almost 5 years ago have come via serverless technology provided by 2 of my favourite tech companies: Cloudflare and Microsoft. pic.twitter.com/eZqgS9oJnJ — Matthew Prince (@eastdakota) July 22, 2018. on bandwidth.

Passwords

Passwords Architecture Data breaches Technology

Rapid7 InsightIDR Review: Features & Benefits

eSecurity Planet

SEPTEMBER 24, 2021

The list of tools and features included with InsightIDR include: User and entity behavior analytics (UEBA) Endpoint detection and response (EDR) Network traffic analysis (NDR) Centralized log management Automated policy capabilities Visual investigation timeline Deception technology File integrity monitoring (FIM). Rapid7: Company Background.

DNS

DNS Technology Cybersecurity Data collection

Czech public radio says Huawei Czech Unit secretly collected data

Security Affairs

JULY 22, 2019

In December 2018, the Czech National Cyber and Information Security Agency warned against using the equipment manufactured by Chinese firms Huawei and ZTE because they pose a threat to state security. The United States , Australia , New Zealand , and Japan announced the exclusion of Huawei technology for their 5G internet networks.

Manufacturing

Manufacturing Internet Internet Advertising

Pixel 6: Setting a new standard for mobile security

Google Security

OCTOBER 27, 2021

Google Tensor’s main processors are Arm-based and utilize TrustZone ™ technology. TrustZone is a key part of our security architecture for general secure processing, but the security improvements included in Google Tensor go beyond TrustZone. Beyond the Phone Defense-in-depth isn’t just a matter of hardware and software layers.

Mobile

Mobile Architecture Software Backups

Could this 'Unhackable' Chip Be a Security Moonshot?

SecureWorld News

APRIL 8, 2021

Undefined semantics are nooks and crannies of the computing architecture—for example the location, format, and content of program code. Talk of an unhackable technology reminds me of a fireside chat I saw at a SecureWorld conference a few years ago. It's perhaps the closest thing to a future-proof secure system.".

CISO

CISO Encryption Engineering Telecommunications

New England Biolabs leak sensitive data

Security Affairs

OCTOBER 24, 2023

In 2018, Uber had to pay a high price of $148 million for exposing the personal information of 57 million people worldwide – including driver’s license information – after trying to pay the ransom and keep things quiet. Keeping crucial.env files secure is essential, as they could be used to compromise services and applications.

Data breaches

Data breaches Social Engineering Phishing DDOS

New Cloud Security Alliance Survey Finds Uneven Adoption of Emerging Technologies

CyberSecurity Insiders

FEBRUARY 3, 2022

SEATTLE–( BUSINESS WIRE )–The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today released the findings of its latest survey, Cloud Security and Technology Maturity.

Technology

Technology Artificial Intelligence Digital transformation Government

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

Security Affairs

JUNE 15, 2020

Researchers at cybersecurity firm Positive Technologies Security have discovered several vulnerabilities in communication protocol GPRS Tunnelling Protocol ( GTP ), that is used by mobile network operators (MNOs). The second architectural flaw is related subscriber credentials that are checked on S-GW (SGSN) equipment by default.

Mobile

Mobile Internet Internet Advertising

New Linux FASTCash Variant: Threats to Banking Systems

Hacker's King

DECEMBER 17, 2024

First discovered in 2018, it has been used to carry out large-scale ATM cash-out operations. Adopt Zero Trust Architecture Zero Trust principles ensure that no user or device is trusted by default, minimizing the risk of unauthorized access to critical systems. Provide incentives for adopting advanced security technologies.

Banking

Banking Social Engineering Malware Cyber threats

New Bill prohibits intelligence sharing with countries using Huawei 5G equipment

Security Affairs

JANUARY 12, 2020

Since November 2018, the US Government has invited its allies to exclude Chinese equipment from critical infrastructure and 5G architectures over security concerns.

Telecommunications

Telecommunications Advertising Architecture Government

Securing the future of IoT devices

CyberSecurity Insiders

FEBRUARY 12, 2021

The worldwide number of IoT-connected devices is projected to increase to 43 billion by 2023 , an almost threefold increase from 2018 , demonstrating the pace at which the world is becoming more connected. T he Secredas Project : Advancing technolog ies for co nnected and automated vehicles .

IoT

IoT Architecture Authentication Technology

Top Secure Access Service Edge (SASE) Providers

eSecurity Planet

JUNE 6, 2022

Just what is SASE technology? Specific technologies found in SASE offerings often include SD-WAN and Cloud Access Security Brokers (CASB) , secure web gateways , ZTNA, firewalls as a service (FWaaS) , VPNs and microsegmentation. What is Secure Access Service Edge? ResearchAndMarkets sees the SASE market growing at a 36.4%

Firewall

Firewall Architecture Technology Encryption

How Website Localization Strengthens Cybersecurity in Global Markets

SecureWorld News

FEBRUARY 4, 2025

Technical components: Website architecture must be reconfigured to ensure that search engines see multiple language versions of your website properlyas different subsets, not as duplicates. Here are the key components to focus on when introducing your website to new audiences. EU, and China.

Marketing

Marketing Cybersecurity eCommerce Data breaches

NEW TECH: Will ‘Secure Access Service Edge’ — SASE — Be the Answer to Secure Connectivity?

The Last Watchdog

DECEMBER 8, 2020

The beauty of SASE is that it accomplishes this not by inventing anything new, but simply by meshing mature networking and security technologies together and delivering them as a single cloud service — with all of the attendant efficiency and scalability benefits.

Firewall

Firewall Digital transformation Internet Internet

Weak Cybersecurity? Here’s Something You Can Do About It

Adam Levin

NOVEMBER 15, 2019

Especially in North America, where the technology has been slow to catch on , the NordVPN breach may seem overblown, but it has raised a crucial question for small to medium sized businesses and large corporations alike: Are VPNs effective? A 2018 study regarding VPN use worldwide is worth considering. They blamed a vendor.

VPN

VPN Cybersecurity Firewall Data breaches

MY TAKE: Six-figure GDPR privacy fines reinforce business case for advanced SIEM, UEBA tools

The Last Watchdog

AUGUST 29, 2019

The EU slammed the UK airline with a $230 million fine , and then hammered the US hotel chain with a $125 million penalty – the first major fines under the EU’s toughened General Data Protection Regulation , which took effect May 25, 2018. Related: Will GDPR usher in new age of privacy? Forty-nine percent said they were not aligned at all.

Big data

Big data Data breaches Digital transformation Architecture

Foreshadow Attacks – experts found 3 new Intel CPU side-channel flaws

Security Affairs

AUGUST 15, 2018

The three Foreshadow vulnerabilities are: CVE-2018-3615 that affects the Intel’s Software Guard Extensions (SGX); CVE-2018-3620 that affects operating systems and System Management Mode (SMM); . CVE-2018-3646 that affects virtualization software and Virtual Machine Monitors (VMM). ” reads the post published by Intel.

Architecture

Architecture Software Advertising Technology

Winnti uses a new PipeMon backdoor in attacks aimed at the gaming industry

Security Affairs

MAY 22, 2020

The APT group targeted organizations in various industries, including the aviation, gaming, pharmaceuticals, technology, telecoms, and software development industries. Experts noticed that the PipeMon backdoor was signed with a certificate belonging to a video game company that was already hacked by Winnti in 2018.

Malware

Malware Hacking Advertising Architecture

Nine 2019 Cybersecurity Predictions

Security Affairs

JANUARY 8, 2019

The Internet of Things is a remarkable benchmark in human technological advancement. A few years ago, big box chain Target demonstrated the potential folly of using vendors and connected technologies that hadn’t been fully vetted yet. Everybody Will Have to Choose Their Partners and Equipment More Carefully.

Cybersecurity

Cybersecurity Small Business Internet Internet

Negative opinion of Italy security committee Copasir on Huawei, ZTE 5G solutions

Security Affairs

DECEMBER 20, 2019

In November 2018, US Government invited its allies to exclude Huawei equipment from critical infrastructure and 5G architectures. The Copasir commission submitted a document to parliament on December 12, its opinion is not binding for the government strategy of building the 5G national infrastructure.

Government

Government Advertising Architecture Technology

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

NOVEMBER 29, 2019

Compared to its predecessors, the sixth “Hi-Tech Crime Trends” report is the first to contain chapters devoted to the main industries attacked and covers the period from H2 2018 to H1 2019, as compared to the period from H2 2017 to H1 2018. As for 2019, it has become the year of covert military operations in cyberspace.

Banking

Banking Telecommunications Marketing Internet

ROUNDTABLE: Why T-Mobile’s latest huge data breach could fuel attacks directed at mobile devices

The Last Watchdog

AUGUST 19, 2021

Chris Clements, VP of Solutions Architecture, Cerberus Sentinel. For T-Mobile, this is the sixth major breach since 2018. Clearly, there was a failure somewhere, either human error or faulty technology or both. It’s incumbent upon us as consumers of technologies services to adopt a defense-in-depth posture.

Mobile

Mobile Data breaches Authentication Accountability

Securing industrial networks: What is ISA/IEC 62443?

Cisco Security

MARCH 12, 2021

Cyber attacks targeting industrial networks increased by 2000% from 2018 to 2019. Attacks on operational technology (OT) can interrupt production and revenue, expose proprietary information, or taint product quality. They can even put employees in harm’s way or damage the environment.

IoT

IoT Cyber Attacks Cybersecurity Architecture

MTE - The promising path forward for memory safety

Google Security

NOVEMBER 7, 2023

Posted by Andy Qin, Irene Ang, Kostya Serebryany, Evgenii Stepanov Since 2018, Google has partnered with ARM and collaborated with many ecosystem partners (SoCs vendors, mobile phone OEMs, etc.) to develop Memory Tagging Extension (MTE) technology. We are now happy to share the growing adoption in the ecosystem.

Software

Software Technology Architecture Mobile

Group-IB and CryptoIns introduce the world’s first insurance against cyber threats for cryptocurrency exchanges

Security Affairs

NOVEMBER 6, 2018

According to Group-IB’s annual “ 2018 H i-Tech Crime Trends ” report, the estimated damage caused by targeted attacks on cryptocurrency exchanges in 2017 and the first three quarters of 2018 amounted to $877 million. Going forward, the list of exchanges where users are eligible for insurance is expected to expand.

Insurance

Insurance Cryptocurrency Cyber threats Marketing

News Alert: Security Risk Advisors joins Microsoft Intelligent Security Association (MISA)

Crosspost: A Simple SOAR Adoption Maturity Model

Webinars

Trending Sources

Evaluating the NSA's Telephony Metadata Program

Webinars

NEW TECH: Alcide introduces a “microservices firewall” as a dynamic ‘IaaS’ market takes shape

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

Beyond the Surface: the evolution and expansion of the SideWinder APT group

The War in Technology: A Digital Iron Curtain Goes Up

Muhstik botnet adds Oracle WebLogic and Drupal exploits

Millions of computers powered by Intel chips are affected by MDS flaws

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

Czech cyber-security agency warns over Huawei, ZTE security threat

US officials claim Huawei Equipment has secret backdoor for spying

Germany’ BSI chief says ‘No Evidence’ of Huawei spying

US officials meet UK peers to remark the urgency to ban Huawei 5G tech

5 IoT Security Predictions for 2019

Canadian intelligence agencies CSE and CSIS are divided on Huawei 5G ban

Digital Transformation starts with the Employees

US and UK link new Cyclops Blink malware to Russian state hackers?

Serverless to the Max: Doing Big Things for Small Dollars with Cloudflare Workers and Azure Functions

Rapid7 InsightIDR Review: Features & Benefits

Czech public radio says Huawei Czech Unit secretly collected data

Pixel 6: Setting a new standard for mobile security

Could this 'Unhackable' Chip Be a Security Moonshot?

New England Biolabs leak sensitive data

New Cloud Security Alliance Survey Finds Uneven Adoption of Emerging Technologies

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

New Linux FASTCash Variant: Threats to Banking Systems

New Bill prohibits intelligence sharing with countries using Huawei 5G equipment

Securing the future of IoT devices

Top Secure Access Service Edge (SASE) Providers

Top SD-WAN Solutions for Enterprise Security

How Website Localization Strengthens Cybersecurity in Global Markets

NEW TECH: Will ‘Secure Access Service Edge’ — SASE — Be the Answer to Secure Connectivity?

Weak Cybersecurity? Here’s Something You Can Do About It

MY TAKE: Six-figure GDPR privacy fines reinforce business case for advanced SIEM, UEBA tools

Foreshadow Attacks – experts found 3 new Intel CPU side-channel flaws

Winnti uses a new PipeMon backdoor in attacks aimed at the gaming industry

Nine 2019 Cybersecurity Predictions

Negative opinion of Italy security committee Copasir on Huawei, ZTE 5G solutions

Group-IB presents its annual report on global threats to stability in cyberspace

ROUNDTABLE: Why T-Mobile’s latest huge data breach could fuel attacks directed at mobile devices

Securing industrial networks: What is ISA/IEC 62443?

MTE - The promising path forward for memory safety

Group-IB and CryptoIns introduce the world’s first insurance against cyber threats for cryptocurrency exchanges

Stay Connected