- New OWASP Mobile Top Ten: Know What Changedby info@securityinnovation.com (Security Innovation) on March 20, 2024 at 12:00 pm
The OWASP Mobile Application Security Verification Standard (MASVS) version 2.1.0 was released in January 2024, containing new, updated, merged, and re-prioritized threat categories. The changes better reflect the current cyber threat landscape, giving mobile developers a stronger advantage in securing apps across platforms.
- Women in Cybersecurity: Rocking Code Ahead of Their Timeby info@securityinnovation.com (Security Innovation) on March 5, 2024 at 5:48 pm
March 1st kicks off Women’s History Month in the U.S., which was launched in 1987 as a celebration of women’s contributions to history, culture, and society. To celebrate, we’re highlighting women who were pioneers in the field of cybersecurity. Their contributions in the areas of coding, analysis, pattern matching, and computing laid the foundation for today’s cyber defenses. These ladies were rocking code before the internet was invented.
- CMD+CTRL Training: Q1 2024 Release in Reviewby jlazu@securityinnovation.com (Jose Lazu) on February 14, 2024 at 8:50 pm
Q1 CMD+CTRL UPDATE: 2 NEW COURSES AND 9 NEW LABS Security Innovation is proud to add two new courses and nine new labs to the CMD+CTRL training catalog for Q1 2024. Concentrating primarily on AI Privacy and Risk, .NET Programming, Secure Android Development, Secure Coding labs based on CWE Top 25 vulnerabilities, and Host Vulnerability Scanning. All new content will be available to learners on February 14, 2024.
- Preventing Initramfs Attacks in TPM-Based Disk Encryptionby Max Arnold on December 15, 2023 at 1:05 pm
This is a 2-part series where we’ll explore vulnerabilities in systems that use Trusted Platform Modules (TPMs) for disk encryption, exposing the risks of unverified initramfs images and bus sniffing attacks. In this article, we’ll look at how disk encryption uses the initramfs and you’ll see why using PCR 9 is so important for properly securing a system.
- Stopping Bus Sniffing with TPM Parameter Encryptionby Max Arnold on December 15, 2023 at 1:00 pm
In my previous post, I explained how TPM disk encryption works and how simply including PCR 9 fixes a relatively major security hole in many setups. This time I’m looking at a hardware attack, bus sniffing. This attack also works against Windows BitLocker, although the solution can’t be implemented on Windows unless you happen to work at Microsoft.
Application and Cybersecurity
Major cyber attacks could occur within the next two years and target major points of the country’s infrastructure according to Accenture.
Auscert Security Bulletins Latest published security bulletins.
Bing Blog - Japan Blogs website covering latest features on Bing in Japan.
Advanced Persistent Threats Latest News And Events
The cyber attack on Optus was apparently so unsophisticated, some analysts say a primary school student could have pulled it off.
U-M hospital and Mott Children’s Hospital in Ann Arbor's websites were down on Monday following a cyber-attack but tonight they are back up and running.
The City of Germantown, a community in Tennessee, reported on social media that their city government was experiencing a malicious cyber attack incident.
The Latest on Computer Hacking
Classes are cancelled for Des Moines Public Schools after their internet and network services were taken offline following an apparent cyber attack.
Hackers made off with $6 million that belonged to New Haven Public Schools following a cyber attack on the Chief Operating Officers emails.
Romance scams are affecting more and more Americans, one Arizonan who fell victim to such a scheme to defraud people of their money.
Dr. Christopher Mansour, a Cyber Security expert and Mercyhurst Professor discusses swatting and how serious it is.