Lessons From Uber: How NOT to Respond to a Cybersecurity Incident

After suffering a major data breach six years ago, you would think that a company like Uber would be ready for more cyberattacks, but here we are. How did we get here? [insert flashback music] It was late 2016. Cyberattackers quietly breached the security perimeter of Uber networks and accessed the personal data of 57 […]

featured Image

It’s Not Just About Your SSN — It’s About Protecting Your PII

TL;DR Tech giant Samsung suffered two major data breaches this year. It alerted those customers who were affected. Now there’s a class-action lawsuit against the company. On Sept. 6, 2022, a class-action lawsuit was filed against Samsung Electronics America, Inc. (hereinafter “Defendant” and/or “Samsung”). Plaintiff Shelby Harmer and thousands of individuals (hereinafter referred to as […]

featured Image

#HootHoot Meeting Owls Security Vulnerabilities Have Been Patched, Have Yours?

In January 2022, cybersecurity researchers at Modzero reported a handful of security vulnerabilities to Owl Labs regarding their 360-degree videoconferencing Meeting Owl, Meeting Owl Pro, Meeting Owl 3, and Whiteboard Owl. Owl Labs has since released patches for these vulnerabilities. (The below is the Meeting Owl 3, as shown at InfoComm 2022.) The security patches […]

featured Image

SecuringAV: The iPhone Spyware Vulnerability

What YOU Can Do To Prevent Hackers From Hijacking Your Smart Device’s Microphone   For each column in this series, rAVe writer Paul Konikowski takes a deeper dive into a recent security event or data breach, shedding light on supply chain vulnerabilities, infrastructure and cyber-physical security. OMG, did you watch the Apple “Unleashed” stream? No, not the […]

featured Image

SecuringAV: The Colonial Pipeline Ransomware Cyberattack — Part 2

What motivates a hacker or group of cyberattackers? The answer is typically money. For each column in this series, rAVe writer Paul Konikowski takes a deeper dive into a recent security event or data breach, shedding light on supply chain vulnerabilities, infrastructure and cyber-physical security. The Colonial Pipeline ransomware attack in May of 2021 caused […]

featured Image

SecuringAV: The Colonial Pipeline Ransomware Cyberattack — Part 1

Why did the pipeline get shut down if the hackers only attacked the business end?  For each column in this series, rAVe writer Paul Konikowski takes a deeper dive into a recent security event or data breach, shedding light on supply chain vulnerabilities, infrastructure and cyber-physical security. By now, most people heard about the Colonial […]

featured Image

SecuringAV: The Remote Desktop Attack on a Florida Water Treatment Plant

For each column in this series, rAVe writer Paul Konikowski takes a deeper dive into a recent security event or data breach, shedding light on supply chain vulnerabilities, infrastructure and cyber-physical security. In my last “SecuringAV” column about the Nashville Christmas morning bombing, I did my best to define what “infrastructure project” meant using the […]

featured Image

SecuringAV: The Christmas Morning Bombing in Nashville

For each column in this series, rAVe writer Paul Konikowski takes a deeper dive into a recent security event or data breach, shedding light on supply chain vulnerabilities, infrastructure, and cyber-physical security. In my last SecuringAV column about the SolarWinds hack attack, I asked rAVe readers an open-ended question: If extremists think that Big Tech is […]

featured Image

Securing AV: The SolarWinds Attack of 2020 (Actually 2019)

For each column in this series, rAVe writer Paul Konikowski takes a deeper dive into a recent security event or data breach, shedding light on supply chain vulnerabilities, infrastructure, and cyber-physical security. While most Americans are still processing the recent attack on the United States Capitol building, many cybersecurity researchers and professionals believe the real […]

featured Image

Are We Gonna Talk About Zoom ‘Being on Probation’ for 20 Years by the FTC, or Nah?

So…are we gonna talk about Zoom “being on probation” for 20 years by the FTC, or nah? — Erica Williams (@haircutfw) November 13, 2020 On Nov. 9, 2020, the United States Federal Trade Commission announced a pending settlement with Zoom Video Communications, Inc. According to FTC Matter/File Number: 192 3167, “Zoom Video Communications, Inc. will […]

featured Image

Updated: How Zoom’s Recent Success Has Put Them Square in the Security Spotlight

P.T. Barnum is credited for saying,”There’s no such thing as bad publicity.” You may have heard other variations of this old saying, such as “There’s no such thing as bad press.” Does this apply to recent headlines about Zoom? If you have lost track, I will do my best to summarize and put it all […]

featured Image