VPNFilter is a current malware designed to infect routers. As of 24 May 2018, it is estimated to infect approximately 500,000 to 1,000,000 routers worldwide. It can steal data, contains a "kill switch" designed to destroy the infected router on command, and is able to persist should the user reboot the router. The FBI [...]
By Dr. Ulrich Lang, CEO The press is full of coverage of Facebook's privacy breaches. The sad part of the story is that many security and privacy professionals (including myself) have been working for years to create awareness and educate about the issues that are (if you would believe the press coverage) just coming [...]
The Internet of Things (IoT) is the network of physical devices, vehicles, home appliances and other items embedded with electronics, software, sensors, actuators, and connectivity which enables these objects to connect and exchange data[i]. The IoT is going to be transformational – significantly impacting most industries and parts of society. Experts estimate that [...]
1. Increased adoption of risk-based and biometric authentication tools Anthem and Equifax breaches have raised some very serious questions on password-only authentication options. Service providers as well as consumers are now looking for alternatives that will reduce the risk of data breach. As risk-based authentication tools assess the background behavior and other data of [...]
COACH (an EU IST project 2002-2004) - developed a component based open source architecture for distributed telecom applications. COACH realises a flexible and complete Open Source component framework based on the CORBA Component Model (CCM) standard of the Object Management Group (OMG). COACH allows the rapid transformation of architecture and design level components to execution [...]
CRISIS (a multi-year EU FP6 R&D project 2010-2013) was conceived as a 3D immersive virtual world in which major incidents occur. Trainees are presented with a real-time evolving situation such as a train crash resulting in fires, explosions, increasing casualties and resources distributed around in a 3D virtual world. The trainee is required to [...]
What is wrong with CyberSecurity? According to an article in The Hill the new DHS breach illustrates perfectly what is wrong with today's cyber security practices. They say that "organizations should focus less on how a breach occurred (hacking, insider, fraud, etc.) and focus more on building up and preserving customer trust in their [...]
Firewalls come in many forms and often do not offer enough protection. In this blog post I describe a little project I've done to see how we can use a hardware firewall with Suricata based intrusion prevention in a somewhat portable way. Paranoid or necessary? I'd say necessary, considering the myriad of attacks that [...]
Walk virtually through your information flows. ObjectSecurity OpenPMF now supports virtual reality and 3D (beta version). OpenPMF 3D automatically creates a graph (nodes + edges) visualization of the imported information about your systems and applications alongside the "drag and drop" visualization that has been supported for several years. [...]
IIoT applications bring many ICS security risks to critical industries like manufacturing, energy, oil and gas, chemical, transportation. As a part of CEO Insights, Dr. Ulrich Lang, Co-founder and CEO of ObjectSecurity, explains what are the most critical cybersecurity risks, how to address them, and also what are the challenges and opportunities in this [...]