article thumbnail

National Security Risks of Late-Stage Capitalism

Schneier on Security

The company outsourced much of its software engineering to cheaper programmers overseas, even though that typically increases the risk of security vulnerabilities. For a while, in 2019, the update server’s password for SolarWinds’s network management software was reported to be “solarwinds123.”

Risk 363
article thumbnail

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

The Last Watchdog

Here’s what you should know about the risks, what aviation is doing to address those risks, and how to overcome them. It is difficult to deny that cyberthreats are a risk to planes. Risks delineated Still, there have been many other incidents since. Fortunately, there are ways to address the risks.

Software 264
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Windows 7 End of Life Presents Hacking Risk, FBI Warns

Adam Levin

The FBI warned in a private industry notification published August 3 that companies and organizations still using Windows 7 are at risk. According to the FBI notification, continued use of the platform “creates the risk of criminal exploitation.”. Windows 7 users represented 98% of infected systems.

Risk 220
article thumbnail

Credit Reporting Companies Put Customer Data at Risk

Adam Levin

TransUnion, 2019: The credit reporting bureau reported the data compromise of 37,000 Canadians, however the nature and content of that compromise are not clear. . The post Credit Reporting Companies Put Customer Data at Risk appeared first on Adam Levin.

Risk 218
article thumbnail

U.S. CISA adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

CVE-2019-16278 – is a directory traversal issue in the function http_verify in nostromo nhttpd through 1.9.6 Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.” Versions up to 2.3.6 and unpatched 2.3.7 are affected, with active exploitation reported in October 2024 by PSAUX.

Firewall 123
article thumbnail

First American Financial Pays Farcical $500K Fine

Krebs on Security

In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. “The [employee] did not request a waiver or risk acceptance from the CISO.” ” Rasch said First American’s first problem was labeling the weakness as a medium risk. This week, the U.S.

Insurance 331
article thumbnail

NEW TECH: Juicing up SOAR — SIRP inserts risk-based analysis into network defense playbooks

The Last Watchdog

A new addition to the SOAR space is SIRP , a platform established in 2019 in the UK that combines security operations management with cybersecurity intelligence. Full automation is still some way off, but the data can be enriched based on certain automation and workflows, automating some 70 percent of the risk investigation.

Risk 191