Cyber attacks occur in the blink of an eye. A single point of infection can spread like wildfire from endpoint to endpoint; location to location; and business to business. Traditional approaches to protection rely heavily on manual processes and preestablished policies to block attacks that fail to keep up with the ever-evolving nature of threats. Parsing through huge … [Read more...]
Why Government Vulnerability Disclosure Processes Need Private Sector Involvement
Most people are either staunchly for or against the practice of governments finding and concealing zero-day exploits for use in cyber warfare or information gathering campaigns. What’s often overlooked, though, are perspectives that this issue can be a lot more gray than it is black and white. Did you know that the US government actually has a process in place to assess both … [Read more...]
Bleedingbit Bleeds Bluetooth
A new Bluetooth vulnerability called Bleedingbit came out yesterday, affecting Bluetooth APs if they use a Texas Instruments chip. With many IoT devices using Bluetooth including TVs, cellphones, locks, and modern cars there are a lot of potential devices that could be exploited. Before we dive in, if you are a WatchGuard customer, you're probably wondering if you are … [Read more...]
How to Defeat Malicious Everything as-a-Service
In the sharing & collaborative economy we live in, we are witnessing two major trends at play. First, an increasing number of people are getting online. Recent statistics suggest that 4 billion people around the world are now using the internet (this is half of the world’s population): https://wearesocial.com/blog/2018/01/global-digital-report-2018 Second, the … [Read more...]
Meltdown and Spectre CPU Vulnerabilities
On 3 January 2018, security researchers at Google, Graz University of Technology, and several other education institutions disclosed multiple vulnerabilities found in most modern Intel, AMD and ARM processors. The more severe vulnerability, Meltdown (CVE-2017-5754), appears isolated to Intel processors developed in the last 10 years. Spectre (CVE-2017-5715 and CVE-2017-5753) on … [Read more...]
