From troyhunt.com
The greatest gift I can give my kids is a love of technology. I mean after all the usual Maslow’s hierarchy of needs stuff, of course, the thing that I (and many of my readers) can instil in our kids is a deep passion for this life-altering and possibly career-defining thing that increasingly defines our everyday being. And without doubt, the best educational technology thing I’ve ever brought home is my Prusa 3D printer. Here’s where it all started:
From helpnetsecurity.com
The global 5G infrastructure market size is expected to reach $80.5 billion by 2028, according to a study by Grand View Research. It is expected to expand at a CAGR of 49.8% from 2021 to 2028.
From tripwire.com
Attacks targeting critical infrastructure have been on the rise in recent years. Back in 2019, for instance, 56% of utility professionals responsible for overseeing risk in their organizations’ operational technology (OT) assets told Siemens and the Ponemon Institute that they experience at least one shutdown or operational data loss event a year. That’s about the same proportion (54%) of survey respondents who said they expected to see an attack on critical infrastructure in the next 12 months, reported HSToday.
From thehackernews.com
Cybersecurity researchers on Wednesday disclosed 14 vulnerabilities affecting a commonly-used TCP/IP stack used in millions of Operational Technology (OT) devices manufactured by no fewer than 200 vendors and deployed in manufacturing plants, power generation, water treatment, and critical infrastructure sectors.
The shortcomings, collectively dubbed “INFRA:HALT,” target NicheStack, potentially enabling an attacker to achieve remote code execution, denial of service, information leak, TCP spoofing, and even DNS cache poisoning.
NicheStack (aka InterNiche stack) is a closed-source TCP/IP stack for embedded systems that is designed to provide internet connectivity industrial equipment, and is incorporated by major industrial automation vendors like Siemens, Emerson, Honeywell, Mitsubishi Electric, Rockwell Automation, and Schneider Electric in their programmable logic controllers (PLCs) and other products.
From helpnetsecurity.com
Supply chain attacks have been a concern for cybersecurity experts for many years because the chain reaction triggered by one attack on a single supplier can compromise a network of providers. Malware is the attack technique that attackers resort to in 62% of attacks.
From ehackingnews.com
The representatives of the company Positive Technologies reported that the hacker group APT31, known for its attacks on state structures of different countries, attacked Russian companies for the first time. A number of experts associate the APT31 group, which also appears under the names Hurricane Panda and Zirconium, with the Chinese special services.
The representative of Positive Technologies did not disclose the number of attacked companies and their names, as well as the damage caused. He explained it by the confidentiality policy.
According to Positive Technologies experts, since the spring of 2021, APT31 has begun to expand the geography of attacks and use a new method of hacking and infecting gadgets.
From helpnetsecurity.com
Here’s a transcript of the podcast for your convenience.
Hi, I’m Ben Herzberg, Chief Scientist at Satori. In case you don’t know Satori, what we do at Satori is streamline data access and security with DataSecOps. We’re simplifying and securing data access to data stores, such as Snowflake, Redshift, PostgreSQL, and others. That means for example, things like allowing easy self-service access to data sets, approval workflows, security policies on data access, and more.
Today we’re going to talk about DataSecOps, what is DataSecOps and why it matters. But before speaking about data, let’s have a fast recap of what happened with application security when the industry moved to CI/CD and DevOps.