Security Week

US Agencies Share Guidance to Help Secure OT/ICS Critical Infrastructure

The joint advisory describes the five typical steps involved in planning and executing such an attack. The agencies believe that understanding threat actors’ TTPs can be useful for implementing protections and countering adversaries.

European Spyware Investigators Criticize Israel and Poland

The committee is investigating the use by governments of Israel’s Pegasus spyware and other invasive surveillance tools, viewing such technology as a threat to democracy in the 27-nation bloc.

Update: Cyberattackers Steal Passenger Data From Portuguese Airline

Portugal’s national airline TAP Air Portugal says hackers obtained the personal data of some of its customers and have published the information on the dark web. No payment data was taken in the cyberattack, the flag carrier said in a statement.

EU Court Rules Against German Data Collection Law

Firms Telekom Deutschland and SpaceNet took action in the German courts challenging the law that obliged telecom companies to retain customers' traffic and location data for several weeks.

Quantifying ROI in Cybersecurity Spend

When it comes to cybersecurity, there are too many variables on both the attack and defense sides to easily calculate the return on investment (ROI) for specific expenditures.

Vulnerability Management Fatigue Fueled by Non-Exploitable Bugs

Companies are faced with a backlog of 100,000 vulnerabilities within their systems. Not all are exploitable – in fact, 85% cannot or cannot really be exploited. Nevertheless, 15,000 remaining vulnerabilities is a frightening number.

Eyeglass Reflections Can Leak Information During Video Calls

A group of academic researchers have devised a new method of reconstructing text exposed via participants’ eyeglasses and other reflective objects during video conferences.

Managed SOC Services Provider Cyrebro Raises $40 Million

The new funding round was led by Koch Disruptive Technologies (KDT) and Elaia, with additional investment from existing investors Bank Mizrachi, InCapital Group, Mangrove Capital Partners, and Prytek.

Water Tank Management System Used Worldwide Has Unpatched Security Hole

A water tank management system used by organizations worldwide is affected by a critical vulnerability that can be exploited remotely and the vendor does not appear to want to patch it.

Starbucks Singapore Says Customer Database Breached

The customer database was breached online, with local media reporting that 200,000 people's information was stolen. However, the company said that no credit card details were taken as it does not store them.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags