A report from the Government Accountability Office is highlighting systemic shortcomings in the Pentagon's efforts to prioritize cybersecurity at every level.

Living Security, a provider of security awareness software for enterprises, has closed on a $5 million Series A funding round led by Silverton Partners. Husband and wife Drew and Ashley Rose founded the company in June 2017 out of their home in Austin with the mission of making cybersecurity training more fun and engaging. Ashley Rose told Crunchbase News that having more employees working from home naturally leaves organizations and enterprises more vulnerable to cyber attacks. The premise behind Living Security is that because training is more fun, employees retain far more when training on cybersecurity. "We wanted to make cybersecurity more tangible for people by providing them with something fun to do while learning about it," Rose added. Deb Walter, AmerisourceBergen's manager of information security training, said that Living Security's use of gamification and "Small tidbits of information" has "Worked" for her organization when it came to training its associates.

Check out this quick read where cybersecurity experts Aaron Turner and Georgia Weidman discuss two-factor authentication and biometrics as means to securing one’s phone. Where they also go real briefly into dispelling some myths.

Here’s a little fun article on the marvel universe and the cyber security industry. Which company would you think would best fit each of the marvel characters we’ve come to love?

MarketWatch has picked Palo Alto as the Iron Man of the cyber security-marvel universe, as the “suit of armor around the world” - a belief appropriate in particular to this company as it is known for their firewalls.

What do you think?

People are one of the biggest security risks as we’re all prone to error. This article illustrates why its important to implement cyber security training in order to help minimize threats.

Emotet malware has found a new attack vector - utilizing already infected devices to identify new victims that are connected to nearby Wi-Fi networks. 

Nearly five years after the high-profile Ashley Madison data breach, hundreds of impacted websites users are being targeted by a new extortion attack this past week. Victims are receiving emails threatening to expose their Ashley Madison accounts, along with embarrassing data to family + friends on social media via emails, unless the Bitcoin ransom is paid.

For the second year in a row, malicious actors conducted more attacks against vehicle systems than security researchers and white-hat hackers, a trend that is unlikely to reverse, says Dan Sahar, vice president of products for Upstream Security.

Mobile malware attacks are expected to increase overall, they predict, after mobile banking malware jumped 50% in the first half of 2019 compared with 2018.

Maya Horowitz, director of threat intelligence and research states, “Surprisingly, mobile banking malware requres little technical knowledge to develop, and even less to operate.”

A researcher using Shodan - a search tool used to find vulnerable systems and servers, finds an open database on a July 4th search. The database appeared to be a catalog of all Honda internal computers, including computed used by the CEO and other execs.

r00tz Asylum aims to teach kids about the vulnerabilities that exist, especially in the election ecosystem - by exposing kids to these types of vulnerabilities, and educating them about white hat hacking. 

Would you allow for your children to join in? 

Here’s another fun data breach for you all - just a whopping 100M accounts compromised.

Unsuspecting owners may face a serious fire hazard, as researches have found a way to hack connected straighteners to turn on and increase the heating temp. to it’s max temp.

Facial recognition technology has become popular at airports, stadiums and many other sites - but with concerns about privacy, unveiling the facial recognition system will cease testing until further notice.

For students or those interested in cybersecurity - could you, or would you consider seeing yourself as a pen tester? This is just one of the many positions out there in the field of cybersecurity.

Disclaimer: Being a pen tester is NOT the same as being a hacker. 

Hackers favor weekdays for attacks

Researchers are finding that pre-compromise activity roughly is 3 times more likely to occur during the whole week. This is due to requiring a person to click on a phising email or perform another action. 

Source: https://threatpost.com/weekdays-attacks-share-resources/145685/

Gateway Infusion pump contains critical bug that puts critical lives at risk

There exists a critical bug in a connected medical device of which it can allow an attacker to remotely manipulate hospital pumps by either withholding meds or dispensing too much.

Source: https://threatpost.com/critical-bug-infusion-pump-lives-at-risk/145660/