BayPay Members Blogs

This additional resource is sponsored by The BayPay Forum.

The Active Cyber Defense Bill is Back on the Table

view counter
Rep. Tom Graves, R-Ga., is reintroducing his Active Cyber Defense Bill today. He first floated the idea in March 2017 , and published an updated version in May 2017. It was...
Continue reading
  0 Comments
0 Comments

Surveillance-Savvy Hong Kong Protesters Go Digitally Dark

view counter
Hong Kong's tech-savvy protesters are going digitally dark as they try to avoid surveillance and potential future prosecutions, disabling location tracking on their phones, buying train tickets with cash and purging...
Continue reading
  0 Comments
0 Comments

Converging on a Better Approach to Security

view counter
Security organizations are grappling with anywhere from five to 50+ different security vendors and solutions. These disparate products each generate their own set of alerts which quickly becomes overwhelming. Of the...
Continue reading
  0 Comments
0 Comments

Aircraft Parts Maker ASCO Severely Hit by Ransomware

view counter
Belgium-based aircraft parts maker ASCO Industries has been severely hit by a ransomware attack that started last week. Founded in 1954, ASCO has four manufacturing plants in Belgium, the US, Canada...
Continue reading
  0 Comments
0 Comments

Android’s Security Key Now Works with iOS Devices

view counter
Starting this week, Android phones can be used to verify sign-ins on Apple iPads and iPhones, Google announced.  The capability is enabled by the recently introduced 2-Step Verification (2SV) method that...
Continue reading
  0 Comments
0 Comments

Critical Vulnerabilities Found in WAGO Industrial Switches

WAGO industrial switch
view counter
A researcher at security services and consulting company SEC Consult discovered that some industrial managed switches made by WAGO are affected by several serious vulnerabilities. The flaws impact WAGO 852-303, 852-1305...
Continue reading
  0 Comments
0 Comments

XSS Vulnerability Exposed Google Employees to Attacks

XSS in Google invoice service
view counter
A researcher revealed on Wednesday that he discovered a blind cross-site scripting (XSS) vulnerability that could have been exploited to attack Google employees and possibly gain access to invoices and other...
Continue reading
  0 Comments
0 Comments

Blockchain Security Startup Fireblocks Emerges From Stealth With $16 Million in Funding

view counter
Fireblocks Emerges From Stealth Mode to Protect Digital Assets in Hot Wallets and Transit Fireblocks , a blockchain security provider, has emerged from stealth after closing a $16 million Series A...
Continue reading
  0 Comments
0 Comments

Majority of FTSE 250 Companies Expose Multiple Weaknesses to Internet: Analysis

DDoS Attack Report
view counter
Rapid7 has analyzed the visible cyber exposure of some of the UK's largest companies -- the FTSE 250 . It did this by using its proprietary internet-wide Project Sonar scanning platform,...
Continue reading
  0 Comments
0 Comments

Security First in the Cloud Wars

Cloud Security Benefits
view counter
“The Cloud Wars” may be dominating IT news headlines, but what does this phrase actually mean? And is it something that an enterprise needs to be concerned with?  Beyond the ongoing...
Continue reading
  0 Comments
0 Comments

Cloud Visibility Firm Orca Security Emerges From Stealth Mode

Orca Security
view counter
Israel-based cloud visibility solutions provider Orca Security on Wednesday emerged from stealth mode with $6.5 million in seed funding from YL Ventures. The Orca Cloud Visibility Platform leverages patent-pending technology named...
Continue reading
  0 Comments
0 Comments

Senators Question FBI on Russian Hack of Voting Firm

view counter
Two U.S. senators asked the FBI on Wednesday to explain what it has done to investigate the suspected hack by Russian intelligence of a Florida-based voting software company before the 2016...
Continue reading
  0 Comments
0 Comments

Telegram Hit by Cyber-attack, CEO Points to HK Protests, China

view counter
Encrypted messaging service Telegram suffered a major cyber-attack that appeared to originate from China, the company's CEO said Thursday, linking it to the ongoing political unrest in Hong Kong. Many protesters...
Continue reading
  0 Comments
0 Comments

Brian Weeden Quoted in Vice on Commercial Activities at the International Space Station

NASA officials announced last week that the agency will begin renting out the International Space Station (ISS) for commercial activities for the first time. The policy opens the door to for-profit...
Continue reading
  0 Comments
0 Comments

Microsoft Patches Critical Vulnerabilities in NTLM

view counter
Microsoft on Tuesday released security patches for nearly 90 vulnerabilities , including two Critical bugs impacting the proprietary authentication protocol NTLM.  Tracked as CVE-2019-1040 and CVE-2019-1019, the two security issues consist...
Continue reading
  0 Comments
0 Comments

How Insecurity Can Bolster Your Security Program

view counter
Insecurity Can Help Organizations Continually Learn and Make Changes It’s always better to deal with issues in an orderly and strategic manner, long before they become a crisis.  Unfortunately, many organizations...
Continue reading
  0 Comments
0 Comments

Email Security Firm Vade Secure Raises $80 Million

view counter
Email-focused cybersecurity firm Vade Secure has agreed to a €70 million (approximately US$79.3 million) investment by venture capital firm General Catalyst.  The company provides what it calls “predictive email defense” and...
Continue reading
  0 Comments
0 Comments

Awareness Training Firm CybeReady Opens U.S. Office With $5 Million Funding

view counter
Following four years of self-funded fine-tuning in Europe, start-up security awareness firm CybeReady has expanded into the U.S. market with an initial funding round of $5 million led by Baseline Ventures....
Continue reading
  0 Comments
0 Comments

Flaw in Evernote Extension Allows Hackers to Steal Data

view counter
A vulnerability identified by researchers in a popular Evernote extension for Chrome can be exploited by hackers to steal sensitive information from the websites accessed by a user. The research team...
Continue reading
  0 Comments
0 Comments

Microsoft Patches Privilege Escalation Flaws Disclosed by 'SandboxEscaper'

view counter
Microsoft’s Patch Tuesday updates for June 2019 resolve nearly 90 vulnerabilities, including the privilege escalation flaws disclosed recently by a researcher known as SandboxEscaper. Over the past year, SandboxEscaper has identified...
Continue reading
  0 Comments
0 Comments