Old Security Standards, Verizon DBIR, Cybersecurity for Kids: May 17th-23rd, 2020

Your Weekly Cybersecurity News Roundup

PlexTrac is pleased to announce the launch of a new weekly series called Byte Sized News. This series aims to inform readers about the week’s biggest cybersecurity news, headlines, stories and developments. These stories will be presented to readers in one convenient, easy to digest blog post. There is a lot of new information about the cybersecurity industry every day, and it can be hard to “Track Signal Through The Noise“. The overarching purpose of the series isn’t to provide details on every story and topic, but rather to fill busy professionals in on the most compelling developments in the field.

Without further ado, let’s get to this week’s biggest cybersecurity news stories!

Our first story this week from Security Boulevard is focused on the outdated cybersecurity standards the United States currently has in place for many high-risk chemical facilities. The US Government Accountability Office (GAO) issued a report this week that claims that the cybersecurity guidance for the plants haven’t been updated in 10 years. This fact leaves the plants open to many threats and opportunities for technological advances on limited and outdated defenses.

(Read the full article from Security Boulevard here)

An Unpatched Bluetooth Security Bug Allows Attackers to Spoof Paired Devices

This story from Threat Post claims that academic researchers have uncovered a bug in many bluetooth chips that allows attackers to infiltrate devices paired via bluetooth and inject them with rogue devices. This specific bug allows for Bluetooth Impersonation Attacks (BIAS) on many different device types, such as phones and laptops. Bluetooth chips from Apple, Samsung, and Intel chips are among those susceptible to compromise.

(Read the full article from Threat Post)

A Major XSS Vulnerability is Uncovered in Google Voice Browser Extension

Our next story from The Daily Swig focuses on a DOM-based cross-site scripting (XSS) vulnerability found in the Google Voice browser extension.  The Google Voice extension is one that is used to send text messages and initiate calls through voice commands on the Chrome browser. However, the XSS vulnerability in the extension leaves Chrome users exposed to many JavaScript execution attempts, either through a malicious link or email.

(Read the full article from The Daily Swig)

Verizon's DBIR 2020 is Live!

This story comes directly to us from Verizon. The Verizon Data Breach Investigation Report (DBIR) 2020 is a free report released yearly by Verizon that aims to provide data and insightful analysis of security incidents and data breaches. The DBIR has been published every year since 2008, and the 2020 version continues the trend with a dissection of thousands of data breaches. The ultimate goal of the DBIR is to help you “protect your organization from cyberthreats”.

(You can learn more about the 2020 DBIR here) 

This Virtual Cybersecurity School Teaches Kids to Fix Security Issues

The final story we want to highlight this week is an awesome one from CNN Business. The story focuses on a program called the “Cybersecurity Discovery Program” which was started in the UK three years ago. This program, aimed at children, is one that features many games and lessons to teach kids how to identify and solve security flaws of all sorts. These activities teach skills like fixing webpage flaws, discovering trails left by cybercriminals, and decrypting codes used by hackers. The program has inspired many young kids to pursue a career in cybersecurity, which is amazing to hear.

(Read the full article from CNN Business)

Check Out Our Latest Posts