BayPay Members Blogs

This additional resource is sponsored by The BayPay Forum.

Threat Actor Poisons OpenPGP Certificates

view counter
Poisoned certificates are in the OpenPGP SKS keyserver network after an unknown threat actor targeted the OpenPGP certificates of two high-profile community contributors. The attack happened in the last week of...
Continue reading
  0 Comments
0 Comments

Cyber Deception Company TrapX Raises $18 Million

view counter
TrapX Security, a Silicon Valley-based company that provides cyber defense solutions powered by deception technology, on Monday announced that it raised $18 million in a Series C funding round. The latest...
Continue reading
  0 Comments
0 Comments

'Good Chance' for More US Exports to Huawei: Trump Aide

view counter
As the United States and China pursue trade talks, there is a "good chance" that more US firms will be granted licenses to sell products to controversial Chinese telecoms giant Huawei,...
Continue reading
  0 Comments
0 Comments

Dridex Employs Polymorphism in Recent Campaign

view counter
A recent campaign featuring the Dridex banking Trojan has shown extensive use of randomly generated variables and URL directories, eSentire’s security researchers reveal. Around for more than half a decade, Dridex...
Continue reading
  0 Comments
0 Comments

Trump Hints at Softer Stance on China's Huawei

view counter
President Donald Trump said on Saturday that US companies could sell equipment to Chinese telecom giant Huawei, indicating a potentially softer position on a key sticking point in the US-China trade...
Continue reading
  0 Comments
0 Comments

Singapore Government Announces Third Bug Bounty Program

view counter
Singapore on Monday announced its third bug bounty program aimed at testing the security of public-facing government systems. The latest bug bounty program, similar to the previous two, will be hosted...
Continue reading
  0 Comments
0 Comments

Massachusetts City Bans Facial Recognition Technology

view counter
A Boston suburb has voted to ban the use of facial recognition technology by police and other city departments. The Somerville City Council on Thursday voted 11-0 to bar the technology...
Continue reading
  0 Comments
0 Comments

Some Medtronic Insulin Pumps Vulnerable to Hacker Attacks

Medtronic MiniMed insulin pump vulnerable to hacker attacks
view counter
Medtronic and the US government have warned that some Medtronic MiniMed insulin pumps are vulnerable to hacker attacks that can have serious consequences for their thousands of users. Advisories have been...
Continue reading
  0 Comments
0 Comments

Italy Fines Facebook Over Cambridge Analytica Case

view counter
Italy's data protection watchdog slammed Facebook Friday with a fine of one million euros ($1.1 million) for violating privacy laws over the Cambridge Analytica scandal. The penalty was for "illegal actions...
Continue reading
  0 Comments
0 Comments

"Silexbot" Malware Bricks IoT Devices

view counter
A new piece of malware is targeting improperly secured Internet of Things (IoT) devices with the purpose of bricking them, Akamai’s security researchers have discovered. Dubbed Silexbot, the bot is apparently...
Continue reading
  0 Comments
0 Comments

Provider of Data Integration Services for Fortune 100 Firms Exposed Sensitive Files

view counter
Attunity, a Qlik-owned data integration and big data management company whose solutions are used by over 2,000 enterprises and half of the Fortune 100 firms, exposed a significant amount of sensitive...
Continue reading
  0 Comments
0 Comments

New Spelevo Exploit Kit Spreads via B2B Website

view counter
A newly discovered exploit kit is being disseminated via a compromised business-to-business website, Cisco Talos security researchers report. Although the activity surrounding exploit kits (EKs) has diminished significantly following the demise...
Continue reading
  0 Comments
0 Comments

Industry Reactions to Nation-State Hacking of Global Telcos

Industry reactions to Norsk Hydro breach
view counter
On June 25, 2019, Cybereason reported that hackers, most likely China's state affiliated APT10 group, had comprehensively hacked numerous telecommunications companies around the world. The immediate purpose was to steal mobile...
Continue reading
  0 Comments
0 Comments

Baltimore Approves $10M in Funding for Cyber Attack Relief

view counter
Baltimore City officials approved using $10 million in excess revenue to cover the ongoing cost of the cyber attacks that immobilized some of the city’s systems almost two months ago. WBAL...
Continue reading
  0 Comments
0 Comments

Russian Tech Giant Yandex Targeted With 'Regin' Malware: Report

view counter
Hackers believed to be working for Western intelligence agencies breached the systems of Russian tech giant Yandex last year as part of an attack that involved a new variant of the...
Continue reading
  0 Comments
0 Comments

Former Equifax Executive Gets 4 Months for Insider Trading

view counter
A former Equifax executive who sold stock a week and a half before the company announced a massive data breach was sentenced Thursday to serve four months in federal prison for...
Continue reading
  0 Comments
0 Comments

US Cyber Attack on Iran: Search to Exploit Flaw

Iran vs US cyberwar
view counter
A cyber attack on Iranian missile systems , claimed by the US last week, would have had to exploit a flaw in the heavily-guarded network, experts say. Citing US official sources,...
Continue reading
  0 Comments
0 Comments

Many Potential Backdoors Found in Huawei Equipment: Study

Huawei comparison to other vendors
view counter
A report published this week by US-based firmware and IoT security solutions provider Finite State shows that Huawei equipment is affected by many vulnerabilities, including potential backdoors, and the company’s devices...
Continue reading
  0 Comments
0 Comments

Iranian Cyberspies Update Infrastructure Following Recent Report

view counter
The Iran-linked cyberespionage group APT33 has updated its infrastructure following a March 2019 report detailing its activities , according to researchers from Recorded Future. Also referred to as Elfin, APT33 has...
Continue reading
  0 Comments
0 Comments

ENISA Transforms to European Union Agency for Cybersecurity

view counter
A New ENISA to Develop New Harmonized European Security Certifications The EU Cybersecurity Act came into force on June 27, 2019. The temporary European Union Agency for Network and Information Security...
Continue reading
  0 Comments
0 Comments