Language Selection

English French German Italian Portuguese Spanish

Proprietary Leftovers (Mostly Microsoft)

Filed under
Microsoft
  • US Rolls Out New Cybersecurity Requirements for Rail, Air [iophk: Windows TCO]

    Homeland Security Secretary Alejandro Mayorkas announced the measures Tuesday at a virtual cybersecurity conference, warning that recent incidents such as the SolarWinds [crack] and the Colonial Pipeline ransomware attack showed that "what is at stake is not simply the way we communicate or the way we work, but the way we live."

    The new security directives target what the Department of Homeland Security and the Transportation Security Administration describe as "higher risk" rail companies, "critical" airport operators, and air passenger and air cargo companies.

  • Bill requiring companies report cyber incidents moves forward in the Senate [iophk: Windows TCO]

    The bill would require owners and operators of critical infrastructure groups to report cyber incidents to the Cybersecurity and Infrastructure Security Agency (CISA) within 72 hours. It would also require critical infrastructure groups, nonprofits and most medium to large businesses to report making ransomware attack payments within 24 hours.

  • TSA to issue regulations to secure rail, aviation groups against cyber threats [iophk: Windows TCO]

    According to Mayorkas, the directive will require these groups to “identify a cybersecurity point person” charged with reporting cybersecurity incidents to the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA), along with establishing “contingency and recovery plans” in the case of cyberattacks.

  • U.S. to tell critical rail, air companies to report [breaches], name cyber chiefs [iophk: Windows TCO]

    The upcoming changes will make it mandatory for “higher-risk” rail transit companies and “critical” U.S. airport and aircraft operators to do three things: name a chief cyber official, disclose [breaches] to the government and draft recovery plans for if an attack were to occur.

  • The Gates Foundation Avoids a Reckoning on Race and Power

    Over the last year, Doctors Without Borders has faced a major scandal, as more than 1,000 current and former employees signed on to a letter accusing the Nobel Peace Prize-winning humanitarian organization of institutional racism, citing a colonial mentality in how the group’s European managers view the developing world.1

    Such an allegation would be serious in any field, but it deserves another level of scrutiny in the context of global health and humanitarianism, two fields built on a paternalistic premise: rich white people from wealthy nations setting themselves up as saviors of poor people of color. The assumptions embedded in this model have provoked increasingly popular calls to “decolonize” the sector, and many organizations have responded by invoking social justice rhetoric, claiming, for instance, that their work intersects with the Black Lives Matter movement.2

  • Canopy Parental Control App Wide Open to Unpatched XSS Bugs

    The vulnerability arises because the system is failing to sanitize user inputs. The input field allows 50 characters, Young found, “which was plenty to source an external script.”

    He said there are multiple ways to exploit the issue.