Millions of Exim Mail Servers Are Currently Being Attacked
Millions of mail servers running vulnerable Exim mail transfer agent (MTA) versions are currently under siege, with attackers gaining permanent root access via SSH to the exploited machines according to security researchers.
‘We need to get rid of passwords’: Meet the woman pushing cyber security to ‘grow up’
“Cyber security, in my opinion, needs to grow up a bit.” Ann Johnson, senior vice-president with Microsoft and lead for the company’s enterprise cyber security, is trying to change things from within. “I’m trying to use this platform to change the industry, not just to bring tech to market but to try to change it and make it grow up.”
My Voice Is My Ultimate Password – How Biometrics Can Keep Hackers At Bay
Citrix, a company which works with the likes of the FBI and US military, recently hit the headlines when it fell victim to hackers. The cyber criminals allegedly used a technique called password spraying, which exploits weak passwords. This is just one example of why the traditional username and password combination is no longer fit for purpose, in both our personal and business life.
JOBS
The Unemployment Rate for U.S. Tech Workers Just Hit the Lowest Number Ever Recorded
The last time the labor market for U.S. tech workers ran this hot was January, 2000 – the same month Pets.com splashed out $1.2 million on a Super Bowl ad (the Saint Louis Rams went on to win the game), investors were driving up shares of B2B e-commerce companies (remember Commerce One?), and America Online had just shocked the world with its $165 billion acquisition of Time Warner.
Bill to create cyber incident response teams at DHS passes House
A bill to give the Department of Homeland Security more firepower in protecting critical infrastructure from cyber attacks passed the house. Rep. Michael McCaul’s (R-Texas) bill, the DHS Cyber Incident Response Teams Act, would create groups of cyber-first responders in the event of an attack on the government or the private sector. The teams will be run by DHS’ Cybersecurity and Infrastructure Security Agency, and will consist of experts from both the public and private sectors. McCaul said the teams are critical to protecting digital networks and communication systems. (Rep. Michael McCaul)
Why Alphabet’s Cybersecurity Spin-Out Picked Chicago to Grow Its Engineering Team
A cybersecurity startup born out of Alphabet’s moonshot factory has picked Chicago to grow its engineering operations, and expects its Windy City outpost to be its largest office outside of Silicon Valley.
Chronicle announced last month that it’s opening a Chicago office inside Google’s Fulton Market building. The office is led by James Megquier, a Chicago native who has spent over a decade in various software engineering roles at Google. Will Robinson, the former head of Google Chicago, is Chronicle’s CTO.
EDUCATION
Spotsylvania students participate in Girls Go CyberStart national competition
The team from Spotsylvania High School was one of four Virginia teams invited to participate in the final round, which was held last week.
The other Virginia teams came from Langley High School in Fairfax County, Flint Hill—a private high school in Northern Virginia—and Bridging Communities, a Governor’s STEM Academy in New Kent County.
Only 120 schools nationwide were selected to compete in the final round—CyberStart Compete—said Kristi Rice, cybersecurity teacher at Spotsylvania High School and the team’s advisor. Spotsylvania ended up finishing 42nd in the nation.
(ISC)²’s Security Congress a Smart Career Investment
The clear and present danger of threats to our information technololgy (IT) infrastructure means that the world needs a substanstial increase in the supply of skilled cybersecurity professionals. Cybersecurity professional association (ISC)² is a leader in the recruitment and training of information age superheros, and a great way for interested individuals to kickstart or further their professional ambitions is to attend a professional conference.
The Structure of a Good Penetration Test
Penetration testing is fundamental to maintaining a strong security posture. It helps uncover weaknesses in your network security that you might otherwise have missed. It’s also required for regulatory compliance in many industries. But what exactly does a proper penetration test look like? How is it used for maximum effect?