Home Podcasts Videos Guest Posts Q&A My Take Bio Contact

Guest Blog Post


GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

By Vance Hilderman

The threat of bad actors hacking into airplane systems mid-flight has become a major concern for airlines and operators worldwide.

Related: Pushing the fly-by-wire envelope

This is especially true because systems are more interconnected and use more complex commercial software than ever before, meaning a vulnerability in one system could lead to a malicious actor gaining access to more important systems.

Here’s what you should know about the risks, what aviation is doing to address those risks, and how to overcome them.

It is difficult to deny that cyberthreats are a risk to planes. Back in 2015, a security researcher decided to make that very point when he claimed to have hacked a plane, accessed the thrust system, and made it fly higher than intended.

Thankfully, the incident ended safely (or perhaps was unproven), but it clearly highlighted a need for stiffer security measures, particularly

GUEST ESSAY: Lessons to be learned from the waves of BofA phone number spoofing scams

By Richard Grant

Phone number spoofing involves manipulating caller ID displays to mimic legitimate phone numbers, giving scammers a deceptive veil of authenticity.

Related: The rise of ‘SMS toll fraud’

The Bank of America scam serves as a prime example of how criminals exploit this technique. These scammers impersonate Bank of America representatives, using the genuine bank’s phone number (+18004321000) to gain trust and deceive their targets.

Victims of the Bank of America scam have shared their experiences, shedding light on the deceptive tactics employed by these fraudsters. One common approach involves a caller with an Indian accent posing as a Bank of America representative. They may claim that a new credit card or checking account has been

GUEST ESSAY: A call to decentralize social identities — to curtail social media privacy abuses

By Chris Were

Social media giants have long held too much power over our digital identities.

Preserving privacy for a greater good

Today, no one is immune to these giants’ vicious cycle of collecting personal data, selling it to advertisers, and manipulating users with data metrics. By making people feel like mere products- this exploitative digital environment further encourages a bubble of distrust amongst social media users.

With numerous incidents to cite, tech behemoths have time and again proven their inadequacy to securely handle their user’s digital identity and data.

In recent years, Meta (previously Facebook) has faced a number of fines for violating user privacy. In 2019, the company was ordered to pay a record-breaking $5 billion penalty by the Federal Trade Commission (FTC) for violating consumers’ privacy rights.

The fine was the largest ever imposed on a social media company for privacy violations. Last month, again, Meta was penalized for more than €1.2bn (£1bn) and ordered to suspend data transfers to the US by an Irish regulator for its handling of user information. This hefty penalty set

GUEST ESSAY: Why any sudden influx of spam emails is an indicator of a likely security issue

By Zac Amos

We all get spam emails, and while it’s annoying, it’s not usually anything to worry about. However, getting a huge influx of spam at once is a warning sign. People suddenly getting a lot of spam emails may be the target of a sophisticated cyber-attack.

Related: How AI can relieve security pros

What causes spam emails? Someone leaking, stealing or selling account information can cause a sudden influx of spam emails. It may also be a part of a more targeted attack. There are four main causes of spam emails:

•Sold email: Websites sometimes sell email address information to third parties.

•Spam interaction: Previous interactions with spam are a signal to scammers. They send more messages when they know the account is active and possibly interested.

•Leaked email: Companies or third-party vendors put email address security at risk when they experience data breaches.

•Mailing list: Signing up for a mailing list may trigger spam. Even without hitting enter,

GUEST ESSAY: Here’s why shopping for an EV feels very much like shopping for a new laptop

By James Jeffs

Computer chips have been part of cars for a long time, but no one really cares about them until they stop working or they are late to the production line.

Related: Rasing the bar of cyber safety for autos

However, the research within IDTechEx’s “Semiconductors for Autonomous and Electric Vehicles 2023-2033” report shows that trends within the automotive industry mean consumers will soon be caring far more about what chips are in their cars. IDTechEx expects that purchasing a new vehicle will soon feel like shopping for a new laptop.

What are the main concerns when buying a laptop? For most people, it will be things like how long the battery will last, how nice the screens are, and what computer chip it comes with.

Evaluating a vehicle’s worth based on the number of cylinders, horsepower, and miles per gallon will soon be irrelevant. We already know that electric vehicles will be dominating the market soon, ticking off the choice of vehicle based on how long the battery lasts, but what about the other two criteria?

It has been hard to escape the screenification of car cabins over the past few years.

GUEST ESSAY: Why it’s high time for us to rely primarily on passwordless authentication

By Thierry Gagnon

Accessing vital information to complete day-to-day tasks at our jobs still requires using a password-based system at most companies.

Related: Satya Nadella calls for facial recognition regulations

Historically, this relationship has been effective from both the user experience and host perspectives; passwords unlocked a world of possibilities, acted as an effective security measure, and were simple to remember. That all changed rather quickly.

Today, bad actors are ruthlessly skilled at cracking passwords – whether through phishing attacks, social engineering, brute force, or buying them on the dark web. In fact, according to Verizon’s most recent data breach report, approximately 80 percent of all breaches are caused by phishing and stolen credentials. Not only are passwords vulnerable to brute force attacks, but they can also be easily forgotten and reused across multiple accounts.

They are simply not good enough. The sudden inadequacy of passwords has prompted broad changes to how companies must create, store, and manage them. The problem is these changes have made the user experience more convoluted and complicated.

GUEST ESSAY: Dialing in generative AI to truly relieve and assist cybersecurity professionals

By Zac Amos

As the threat of cybercrime grows with each passing year, cybersecurity must begin utilizing artificial intelligence tools to better combat digital threats.

Related: A call to regulate facial recognition

Although AI has become a powerful weapon, there’s concern it might be too effective compared to human cybersecurity professionals — leading to layoffs and replacements.

However, the truth is that automated AI tools work best in the hands of cybersecurity professionals instead of replacing them. Rather than trying to use AI to get rid of your security team, seek to use automated tools in conjunction with your existing professionals to ensure the strongest cybersecurity defense.

AI breakthrough

The newest breakthrough in artificial intelligence technology is machine learning and generative AI. Unlike traditional AI, machine learning can be taught to act on data sets and make accurate predictions instead of being limited to only analyzing.

Machine learning programs use highly complex algorithms to learn from data sets. In addition to analyzing data, they can use that data to observe patterns. Much like humans, they take what they have learned to “visualize” a model and take action based on it.

A program that can take data sets and act independently has enormous cybersecurity potential. Generative AI can look for patterns