Continuity Management and Technology Services – News Reblog

New Attack exploiting serious Bluetooth weakness can intercept sensitive data – Ars Technica

August 17, 2019

Dubbed Key Negotiation of Bluetooth—or KNOB for short—the attack forces two or more devices to choose an encryption key just a single byte in length before establishing a Bluetooth connection. Attackers within radio range can then use commodity hardware to quickly crack the key. From there, attackers can use the cracked key to decrypt data passing between the devices. The types of data susceptible could include keystrokes passing between a wireless keyboard and computer, address books uploaded from a phone to a car dashboard, or photographs exchanged between phones.

Link

Information Security

Rebalancing NIST: Why ‘Recovery’ Can’t Stand Alone

April 19, 2024

Information Security

Newly detailed ‘Tycoon 2FA’ phishing kit bypasses multifactor authentication – SiliconANGLE

March 27, 2024

Risk Management

Measles outbreak prompts health warning | NBC4 WCMH-TV

March 27, 2024

New Attack exploiting serious Bluetooth weakness can intercept sensitive data – Ars Technica

More Stories

Rebalancing NIST: Why ‘Recovery’ Can’t Stand Alone

Newly detailed ‘Tycoon 2FA’ phishing kit bypasses multifactor authentication – SiliconANGLE

Measles outbreak prompts health warning | NBC4 WCMH-TV

Continuity Management

“Unprecedented” Google Cloud event wipes out customer account and its backups | Ars Technica

It’s been a bad week for public cybersecurity | TechRadar

Cellphone outage hits AT&T customers nationwide; Verizon and T-Mobile users also affected | Fox Business

Overheating datacenter stopped 2.5 million bank transactions • The Register

Technology Management

Dell API abused to steal 49 million customer records in data breach

Rebalancing NIST: Why ‘Recovery’ Can’t Stand Alone

Newly detailed ‘Tycoon 2FA’ phishing kit bypasses multifactor authentication – SiliconANGLE

How the New NIST 2.0 Guidelines Help Detect SaaS Threats

Crisis Management

Johnson Controls says ransomware attack cost $27 million, data stolen

First American takes IT systems offline after cyberattack

Biggest global threat since 1930s looms and every CEO talking about it

Ace holed: Hardware store empire felled by cyberattack • The Register

Emergency Management

How to Align Your Incident Response Practices With the New SEC Disclosure Rules – SecurityWeek

Why the toxins from the Ohio train derailment could have posed deadly threats for residents nearby – ABC News

Train derails, goes up in flames in Ohio, causes half of town to evacuate – ABC News

Shrinking Mississippi River Puts American Farm Trade at Risks

Risk Management

Measles outbreak prompts health warning | NBC4 WCMH-TV

CISA hit by hackers, key systems taken offline

Insurance giant Fidelity hit by data breach — thousands of customers may have had data stolen | TechRadar

BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare – Krebs on Security

Compliance

Liberty University fined $14 million by Dept. of Education over failure to comply with campus safety standards | Fox News

Be Ready For The Brussels Effect — It’s Coming To Data And AI

Revisit Your Password Policies to Retain PCI Compliance

Payment card security remains lax, says Verizon Business report | ZDNet