December 9, 2024 at 01:28PM Genetec Inc. released its “2025 State of the Physical Security Report,” highlighting trends in hybrid cloud adoption, IT department involvement, and AI integration in physical security. The report indicates 43% of end users favor hybrid solutions, while 77% of organizations have IT and physical security collaborating on systems. **Meeting Takeaways … Read more
September 29, 2024 at 12:45PM Alethe Denis, a senior security consultant at Bishop Fox, specializes in physical security assessments and social engineering attacks. Denis and her team break into buildings by impersonating employees or vendors to access corporate networks and steal data. Despite AI and deepfake advancements, human interactions remain the most effective tactic for … Read more
September 10, 2024 at 10:36AM Becky Bracken, Senior Editor at Dark Reading, hosted a podcast discussing the aftermath of the pen test arrest of cybersecurity professionals, Gary De Mercurio and Justin Wynn. They were arrested during an authorized pen test at a courthouse in Dallas County, Iowa. The incident highlighted the importance of physical penetration … Read more
August 23, 2024 at 05:51AM The Department of Justice’s Office of the Inspector General reports that the FBI fails to securely manage decommissioned electronic storage media, containing both sensitive law enforcement and national security information. The devices were not properly labeled, stored, tracked, or secured, posing a risk of loss or theft. The OIG recommends … Read more
June 12, 2024 at 05:21PM Numerous vulnerabilities in a widely used biometric terminal raise concerns about unauthorized access, data manipulation, and malware deployment. Though biometric security is growing in popularity, these vulnerabilities pose significant risks, particularly in critical environments. However, experts emphasize the unique security features of biometrics and suggest strategies to fortify biometric systems. … Read more
June 6, 2024 at 09:32AM The Boston Red Sox are making comprehensive cybersecurity efforts by adopting a software-as-a-service model and embracing IoT at Fenway Park. Despite limited resources, support from Major League Baseball helps the team punch above its weight in cyber defense. Their security apparatus is dynamic and constantly evolving to protect IP, ensure … Read more
June 3, 2024 at 05:01PM Russian state-aligned threat actors Storm-1679 and Storm-1099 have conducted a year-long online influence campaign against the upcoming Paris Olympic Games. Using fake news, doctored images, and AI-aided videos, their goal seems to undermine the International Olympic Committee’s reputation and stoke fears of violence at the Summer Games. Concerns about potential … Read more
April 2, 2024 at 10:03AM Pentagrid reported a vulnerability in self check-in kiosks at Ibis Budget hotels, potentially exposing keypad codes used to enter rooms. The vulnerability was found in Germany, but likely impacted other European hotels. Accor, the brand owner, promptly addressed the issue. The flaw could have allowed unauthorized room access, posing a … Read more
December 20, 2023 at 02:50PM Otorio researchers demonstrated at Black Hack Europe 2023 how attackers can exploit access control systems installed on secure facility doors to gain unauthorized building access and breach internal IP networks. They highlighted vulnerabilities in modern physical access control systems (PACSs), particularly those using the Open Supervised Device Protocol (OSDP), urging … Read more
October 20, 2023 at 05:32PM Employees experience a physical “escape room” to enhance security awareness. They role-play as criminal social engineers and identify vulnerabilities in a mock office space. The aim is for employees to understand the importance of physical security and remember practices like keeping whiteboards clean, locking laptops, and hiding or shredding documents. … Read more