BayPay Members Blogs

This additional resource is sponsored by The BayPay Forum.

Microsoft Finds Privilege Escalation, Code Execution Flaws in Huawei Tool

view counter
Microsoft researchers have identified potentially serious privilege escalation and arbitrary code execution vulnerabilities in a tool from Huawei. The vendor has released updates that should patch the flaws. The security bugs...
Continue reading
  0 Comments
0 Comments

Researchers Uncover Vulnerabilities in LTE Wireless Protocol

view counter
Researchers from the Korea Advanced Institute of Science and Technology Constitution (KAIST) say they have discovered 36 previously undisclosed vulnerabilities in the Long Term Evolution (LTE) protocol used by most mobile...
Continue reading
  0 Comments
0 Comments

Supply-Chain Attack Used to Install Backdoors on ASUS Computers

view counter
Hijacked Software Update Utility Could Have Impacted Over 1 Million ASUS Users Over 1 million ASUS users may have been impacted after attackers managed to inject a backdoor in the ASUS...
Continue reading
  0 Comments
0 Comments

Major U.S. Chemical Firms Hit by Cyberattack

LockerGoga ransom note
view counter
Operations at two major US-based chemical companies, Hexion and Momentive, were disrupted recently by a cyberattack reportedly involving LockerGoga, the ransomware that recently hit Norwegian aluminum giant Norsk Hydro. In press...
Continue reading
  0 Comments
0 Comments

DHS Warns of Vulnerabilities in Medtronic Defibrillators

view counter
The Department of Homeland Security (DHS) has issued an alert to warn of critical vulnerabilities impacting numerous Medtronic devices, which are exploitable with low skill level.  Residing in the Medtronic proprietary...
Continue reading
  0 Comments
0 Comments

Industrial Cybersecurity Firm CyberX Raises $18 Million

CyberX new funding round
view counter
Industrial cybersecurity firm CyberX on Monday announced that it raised another $18 million in a strategic funding round. The latest round was led by Qualcomm Ventures and Inven Capital, with participation...
Continue reading
  0 Comments
0 Comments

Second Critical Crypto Flaw Found in Swiss E-Voting System

More crypto vulnerabilities found in Swiss e-voting system
view counter
A second critical crypto vulnerability that can be exploited to hide vote manipulation has been discovered in the Swiss e-voting system, researchers revealed on Sunday. The Swiss government, specifically the Swiss...
Continue reading
  0 Comments
0 Comments

SWF Contributes to Group on Earth Observations

From March 21-22, Director of Space Applications Krystal Wilson represented SWF at the 13th GEO Programme Board meeting in Geneva, Switzerland. The group worked to review inputs to the 2020-2022 GEO...
Continue reading
  0 Comments
0 Comments

Watchdog: FEMA Wrongly Released Personal Data of Victims

view counter
The Federal Emergency Management Agency wrongly released to a contractor the personal information of 2.3 million survivors of devastating 2017 hurricanes and wildfires, potentially exposing the victims to identity fraud and...
Continue reading
  0 Comments
0 Comments

Cisco Patches High Severity Vulnerabilities in IP Phones

view counter
Cisco this week released security patches to address high severity vulnerabilities in its IP Phone 8800 Series and IP Phone 7800 Series.  A total of five vulnerabilities were addressed, all impacting...
Continue reading
  0 Comments
0 Comments

Pwn2Own 2019: Researchers Win Tesla After Hacking Its Browser

Researchers win Tesla Model 3 at Pwn2Own
view counter
A team of researchers has earned $35,000 and a Tesla Model 3 after hacking the vehicle’s web browser at the Pwn2Own 2019 competition that took place this week in Vancouver, Canada....
Continue reading
  0 Comments
0 Comments

UK Police Federation Hit by Ransomware

view counter
The UK Police Federation of England & Wales (PFEW) website was subject to a malware attack that it discovered on March 9, 2019. It appears that this was a ransomware attack;...
Continue reading
  0 Comments
0 Comments

Russian Hackers Target European Governments Ahead of Elections: FireEye

view counter
Hackers believed to be sponsored by the Russian government are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections, FireEye reports.  The targeting, the security firm says, is...
Continue reading
  0 Comments
0 Comments

Industry Reactions to Norsk Hydro Breach: Feedback Friday

Industry reactions to Norsk Hydro breach
view counter
Norwegian aluminum giant Norsk Hydro has been hit by a serious ransomware attack that caused disruptions at some of its plants and forced the company to turn to manual processes to...
Continue reading
  0 Comments
0 Comments

Microsoft Launches Defender ATP Endpoint Security for macOS

Microsoft Defender ATP Preview
view counter
Microsoft Brings Defender Advanced Threat Protection to macOS Microsoft this week announced the availability of its Microsoft 365 advanced endpoint security solution across platforms, courtesy of Mac support added to Microsoft...
Continue reading
  0 Comments
0 Comments

D.C. Attorney General Introduces New Data Security Bill

view counter
Karl A. Racine, the attorney general for the District of Columbia, on Thursday announced the introduction of a new bill that aims to expand data breach notification requirements and improve the...
Continue reading
  0 Comments
0 Comments

Observations From RSA Conference 2019

view counter
The RSA Conference is one of the premier events in the cybersecurity world. At times, it can be an overwhelming experience for vendors and attendees alike because of its massive scale...
Continue reading
  0 Comments
0 Comments

Researchers Earn $270,000 for Firefox, Edge Hacks at Pwn2Own 2019

Pwn2Own 2019
view counter
White hat hackers earned a total of $270,000 on the second day of the Pwn2Own hacking competition for demonstrating exploits against the Mozilla Firefox and Microsoft Edge web browsers. Amat Cama...
Continue reading
  0 Comments
0 Comments

Threat Hunting Tips to Improve Security Operations

view counter
From Ferdinand Magellan to Lewis and Clark to Neil Armstrong – humans have an innate desire to understand the unknown. In security operations, we see this phenomenon every day in several...
Continue reading
  0 Comments
0 Comments

Global Security Spend Set to Grow to $133.8 Billion by 2022: IDC

view counter
Global spending on security-related hardware software and services will grow at a compound annual growth rate (CAGR) of 9.2% between 2018 and 2022, to a total of $133.8 billion in 2022....
Continue reading
  0 Comments
0 Comments