A big red 'X'
I was recently forwarded a link to a BBC video which demonstrates how a user on a wireless network can attack another user and break into their system.
In the video, the attacker uses Nessus and Metasploit to identify some security issues in the remote computer, and then break into it. My favorite line is when the analyst points to the "big red X" in the Nessus report and says that "here is a problem". If only it were this simple when managing 1000s of computers or more in a large enterprise.
I would have rather seen them speak about how monitoring an unsecured wireless network can passively reveal passwords, user information, vulnerabilities and so on. Overall, this sort of news isn't really news to the readers of this blog or users of Nessus. I am thrilled that this BBC coverage will raise awareness to European technical business managers who aren't exposed to vulnerability scanners, penetration testers and IT security issues on a regular basis.
Related Articles
Cybersecurity Snapshot: Many Employees Overshare Work Info with AI Tools, Report Finds, as ‘Cybersecurity Awareness Month’ Kicks Off
October 4, 2024Check out the best practices cyber agencies are promoting during Cybersecurity Awareness Month, as a report warns that staffers are feeding confidential info to AI tools. Meanwhile, a study highlights how business decisions can derail OT security. Plus, get the latest on Active Directory security, CISO salary trends and ransomware attacks!
How to Unlock Advanced IoT Visibility for Cyber-Physical Systems
October 1, 2024As the number of IoT devices deployed globally continues to rise, cyber-physical systems and business operations are exposed to greater risk. Improving asset visibility, monitoring and risk management are critical steps to preventing breaches.
Cybersecurity Snapshot: NIST Program Probes AI Cyber and Privacy Risks, as U.S. Gov’t Tackles Automotive IoT Threat from Russia, China
September 27, 2024A new NIST program will revise security frameworks like NIST’s CSF as AI risks intensify. Plus, the U.S. may ban cars with Russian and Chinese IoT components. Meanwhile, the CSA adds AI insights to its zero trust guide. And get the latest on cybersecurity budgets, SBOMs and the Ghost cybercrime platform!