It is not a secret that many people nowadays do not pay much attention when they surf the web at home or at work. There are new data breaches and exploits on a daily basis and still avoiding to take any precautions may result in a catastrophic consequences. Even the biggest corporations are paying millions of dollars so they can improve their cybersecurity and remain safe. However, if you still believe in some of the cybersecurity myths you may put your own computer or even your whole organization to a huge risk. We from CyberDB have decided to bust some of the top 5 cyber security myths and make it clear for you.

Continue reading

Baseball player getting to bat

According to 2017 reporting, Major League Baseball believed that the Boston Red Sox, at the time in first place in the American League East, used the Apple Watch to illicitly steal hand signals from opposing teams.  Allegedly, the Apple Watch was used to not only “steal” hand signals from opposing catchers in games using video recording equipment, but transmit the information likely to team trainers.  The theft of such information would help determine the type of pitch that was going to be thrown.  The recording of signals is strictly forbidden by league rules.

When it comes to targeting billion-dollar sports franchises, many would assume that cyber crime would be the foremost cyber actors behind the scenes.  Based on a 2015 report that estimated the professional sports market in North America to have an expected worth of $73.5 billion by 2019, it’s easy to see why.  Indeed, there have been several incidents where cyber crime operations have focused on professional sports teams.  In April 2016, the National Basketball Association Milwaukee Bucks players had their financial documents (player addresses, Social Security Numbers, and compensation) accidentally leaked due to a team employee falling victim to an e-mail scam.  The employee released players’ 2015 IRS W-2 documents to an emailer impersonating the team’s president. Also in 2016, a crippling TeslaCrypt ransomware attack impacted a NASCAR racing team.  An estimated $2 million worth of information was potentially lost prompting payment of the ransom to the criminals.

Continue reading

Cybersecurity podcast

In the past couple of years podcast are gaining popularity and are one of the easiest and most convenient way to learn the latest news and information.

Cybersecurity podcasts didn’t have a particular influence on the boom of podcast popularity as a whole, but there are still plenty of good shows that deserve your attention. Many IT people from simple observes to some of the biggest experts in the field have used this method to provide useful advices to the audience. Even some of the major enterprises are looking for the best cybersecurity podcasts to listen and take care for their IT infrastructure.

On CyberDB we have created a fresh list with some of the best podcasts related to cyber and information security. Check it out next time when you have some free time or even when you are stuck in traffic and want to learn something useful. These shows cover everything from simple endpoint and data security matters to comprehensive security operations and incidents. You are about to find a great range of topics, different opinions and anything that suits your listening needs. With so many great podcasts out there it’s impossible to feature them all in our list. Feel free to contact us if you want to share with us your favorite cybersecurity podcasts and include them in our list.

Continue reading

Bay Area Cyber Security Meetups 2018

Meetups are an amazing way to get together with people who share common interests. Of course, there are many websites that do the same, but nobody except Meetup has done something to help its’ users to meet offline as well. This platform brings individuals together and helps to create communities while having fun at the same time in a non-working environment. As a result, even the simplest ideas may become powerful movements when people are ready to share knowledge and improve their communication skills in real life, but not behind the PC. Most noteworthy, the moto of Meetup is to provide a way to explore your city, build your career and get creative.

Key benefits of Cyber Security Meetups:

  • Meetup helps you finding cool groups and events based on your current location
  • You can follow the local community or even organize events with a few clicks
  • It is a great way to meet people offline
  • Easy to advertise on and reach potential customers by promoting an event on Meetup
  • The user can distinguish between an ordinary member and an event organizer profiles
  • Meetup is useful for both individuals and companies

Therefore, the website can be quite useful for people with similar backgrounds who want to create new contacts and expand their network. It is very important especially among professionals in Information Technology and especially the Cyber Security industry. Cyber Security Meetups are becoming a very popular way for such professionals that usually work and live in the Bay Area. If you are one of them or just have some interest in the Cyber Security here is the list.

Continue reading

Recently, the U.S. Federal Trade Commission (FTC) is investigating whether Facebook, Inc. used personal data by an analytics firm associated with the Trump campaign.  Specifically, the FTC is trying to determine if the company violated terms of an earlier consent decree when 50 million users’ data was transferred to  Cambridge Analytica, a data and media consultancy firm.  To date, Cambridge Analytica has been accused of misrepresenting the purpose of some of its data mining, which yielded something like 30 million Facebook profiles it could comb for data.  This calls into question how consumer information is shared with other entities, particularly when consent was not provided.

 

Social Media & GDPR

 

This revelation has called into question how social media sights harvest the personal information from their platforms.  As one article pointed out, “Some large-scale data harvesting and social manipulation is okay until the election. Some of it becomes not okay in retrospect.”  This is indeed troubling in a time when personal information is constantly used by malicious actors for monetization purposes or used in support of the conduct of other operations (e.g., social engineering, spam, phishing, credential theft, etc.).  A recent report by a content marketing agency revealed that Facebook logins can be sold for USD $5.20.  Such access provides a criminal to a compromised individual’s contact list to target other individuals.  According to the same report, an individual’s entire online identity – to include personal identifiable information and financial accounts – could be sold for USD $1,200.00.  After initially denying the claim, Facebook acknowledged the breach and promised to take action.

Continue reading

Tallinn 2.0 May Be More Useful Than Its Predecessor

In early February 2017, Tallinn Manual 2.0 was published by Cambridge University Press.  Led by the NATO Cooperative Cyber Defence Centre of Excellence, publication of the initial Tallinn Manual occurred in 2013 and focused on the applicability of international law to conventional state-authorized and operated cyber warfare.  Authored by a group of international law experts, the recent follow-up focuses on a full spectrum of international law as applicable to cyber operations conducted by and directed against nation states, ranging from peacetime legal regimes to the law of armed conflict.

Continue reading

The Cyber Coordinator: Let the Dog Bite

Former New York Mayor Rudy Giuliani has been tapped to be the President’s new “cyber security czar.”  The appointment has been met with trepidation among those in the information security business who point out Mr. Giuliani’s lack of expertise in anything cyber-related, despite being Chair of the Cybersecurity, Privacy and Crisis Management Practice at a Miami-based law firm and advising companies on information security since 2002.  In fact, critics cite recent reporting revealing that passwords used by Giuliani and 13 other top staff members have been leaked in mass breaches of websites like LinkedIn, MySpace, and others between 2012 and 2016.

Continue reading