• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
    • Malware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
AskCyber Home » News » News » Cyber Security News 02 August 2019

Cyber Security News 02 August 2019

2019-08-02 by Michelle Dvorak

Cyber-Security News AUG 02 2019

Friday Cyber Security News 02 August 2019 – Department of Defense Buys IoT Tech from Chinese Companies With Government Ties – FTC Warns of Equifax Scam Sites DHS Cautions Aircraft Owners about IoT Airplanes

US DOD Warned About Risks of Buying Chinese Technology

The United States Inspector General issued a report detailing the findings of an audit of US Department of Defense (DoD) purchases. The audit found that DoD continues to purchase commercially available off-the-shelf (COTS) electronics that are considered cyber security risks. The questionable purchases are attributed to items that cost under $10,000 each and are bought from fixed price and delivery schedules on Government Procurement Cards. The report questions why DoD has not banned the purchase of products with associated with cyber security risks.

In the audit, the U.S. Inspector General discovered that “70 to 80% percent of the components that comprise DOD systems are COTS items.” The audit also found that $33 million of Procurement Card purchases buy equipment considered vulnerable to cyber attacks or from companies with connections to the Chinese government like Lenovo, Lexmark, GoPro, Hikvision, and Dahu.

Heimdel Malware Protection
Heimdel Malware Protection

Chinese surveillance equipment from Hikvision and Dahu was purchased until it was banned in August 2018 even though the Department of State had issued a warning about cyber security vulnerabilities in May 2017.

The Inspector General report calls out that DoD purchased thousands of lexmark printers in 2018 for Army and Air Force networks, “Lexmark is a company with connections to the Chinese military, nuclear, and cyber espionage programs,” the report said. Internet of Things devices can be used for cyberespionage or to execute malicious code on defense IT networks.

FTC Warns Consumers of Equifax Scams

The US Federal Trade Commission (FTC) tweeted a warning to Consumers to beware of fake Equifax settlement claim websites. Last week FTC announced that Equifax had reached a settlement to help pay damages from their massive 2017 data breach.

Beware of fake websites claiming to be the Equifax settlement claims website. To be sure you are going to the legitimate site, you can access it from the @ftc’s Equifax page: https://t.co/6Dz4lQYEf2pic.twitter.com/1qDV3xyYSn
— FTC (@FTC) July 29, 2019

Equifax was sued by all 50 US states and the FTC after 174 million consumers’ data was hacked after the company left servers unpatched and vulnerable to hackers. The settlement will pay consumers who file a claim anywhere from $125 to $20,000 depending on how much time is spent on resolving identity theft claims or damages suffered from the data breach. Not long after the settlement was announced by the FTC, spoof websites popped up on the Internet trying to scam US consumers. Websites set up by scammers and hackers are out to steal personal information from people who’ve already been financially harmed by the Equifax data breach.To be sure that you file a claim on the correct website, visit the official FTC website to learn about how to file a claim and what documents you will need. Also on the FTC website is a link to the official Equifax settlement website. Make sure that you are on the correct website to file an Equifax settlement claim and not a scammer website. If you have any doubts call the number listed by the FTC.

DHS Warns About Airplane Security Flaws

The US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) issued an alert about cyber security concerns regarding CAN bus networks used with small airplanes. The CISA alert is based on a report by Rapid7 cyber security research firm. A CAN bus is at the heart of connected car security and is a hardware-plus-software protocol.

The report warns that CAN bus networks are vulnerable to hackers. These are the same connections used in internet connected automobiles. To exploit a CAN bus connection, a hacker must have physical access to the aircraft.

Access to the connection would allow a hacker to inject malicious code into the plane’s avionics and cause false readings on instruments. Engine telemetry readings, compass headings, attitude data, altitude, airspeed, vertical airspeed, and angle of attack could all be hacked to send false readings to the pilot.

To mitigate cyber attacks on small airplanes, aircraft owners should lock equipment doors and restrict access to their planes. Manufacturers need to address CAN bus safety issues for connected planes.

Filed Under: News Tagged With: DHS, Equifax, FTC

About Michelle Dvorak

Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers


LinkedInTwitterFacebook

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

Categories

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Security Marketing Manager – Remote

Sr. Associate, Cybersecurity Architect – Pfizer

Strategic Customer Success Manager – Cybersecurity – Opportunity for Working Remotely

Top 20 Passwords Leaked on Dark Web

ISU Cybersecurity Leader Job Opening

Cyber Security News

Top 20 Passwords Leaked on Dark Web

… [Read More...] about Top 20 Passwords Leaked on Dark Web

Apple Warns of Actively Exploited Zero-Day Flaw

… [Read More...] about Apple Warns of Actively Exploited Zero-Day Flaw

IRS Stops Facial Recognition System for Online Access

… [Read More...] about IRS Stops Facial Recognition System for Online Access

National Cybersecurity Alliance Announces Data Privacy Week

… [Read More...] about National Cybersecurity Alliance Announces Data Privacy Week

More Cyber Security News

Tags

amazon Android Apple bitcoin China chrome CISA credit card DarkSide DHS DOJ Equifax Europe Facebook facial recognition FBI Firefox FTC games GDPR Google Government hacker identity theft India iPhone Iran IRS LinkedIn Microsoft North Korea PayPal phishing phishing email ransomware REvil Russia smartphone T-Mobile TikTok tutorial VPN WhatsApp WiFi Windows

Government

CBP Looks to Access Airline Passenger Data

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2023 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version