Vorig jaar zijn er ruim 43.000 smartphones in Nederland gestolen, zo laat het ministerie van Veiligheid en Justitie vandaag weten. In 2013 ging het nog om bijna 70.000 toestellen.

Hoewel het aantal gestolen smartphones voor het derde jaar op rij is gedaald, zijn met name telefoons van jongeren niet goed tegen diefstal beveiligd, aldus het ministerie, dat zich op baseert op onderzoek van onderzoeksbureau SAMR (pdf).

Van de jongeren in de leeftijd van 16 tot 25 jaar die aan het onderzoek deelnamen zegt 36 procent dat de telefoon in het geval van diefstal of verlies op afstand is te traceren en 21 procent kan de smartphone op afstand blokkeren. De meeste jongeren (63 procent) hebben hun toestel wel beveiligd via een pincode of vingerafdruk.

The popular personal area network Bluetooth protocol used by almost every modern mobile device is full of security holes that can be exploited by attackers, researchers have found.

In their BlueBorne research paper [pdf], researchers Ben Seri and Gregory Vishnepolsky from security vendor Armis outline several zero-day vulnerabilities and other security flaws in recent Bluetooth implementations.

They outlined eight vulnerabilities that can be used to attack the Linux open source kernel and Google's Android operating system, as well as Microsoft Windows and Apple iOS.

Have the attackers responsible for the Equifax data breach exploited a vulnerability in Apache Struts, a popular open source framework for developing web applications, to compromise the company’s networks?

Equifax has yet to share more details about how the attack was pulled off, but a report by financial services firm Robert W. Baird & Co. says the company’s “understanding” is that it was an Apache Struts flaw that did the trick.

Quartz reported it was CVE-2017-9805, publicly revealed last week after it had been patched by the Apache Software Foundation. But, the publication later said it was possible that it was CVE-2017-5638, whose existence was disclosed in March 2017 and was, at the time, under active exploitation.

The characteristics of modern applications in the cloud are changing, requiring software and IT architects to shift priorities.

Businesses of all sizes are transforming in order to compete in the digital era, but are bogged down by legacy technologies and inefficient siloed processes and tools that are ill-equipped to handle today’s volume of data.

Today’s modern enterprise must harness this data and churn it into continuous intelligence in order to make critical business decisions. The second State of Modern Applications in the Cloud report from Sumo Logic continues to reflect the emerging trends and year-over-year shifts in how businesses are approaching their digital strategy, and the ways in which they build their modern applications across each tier of the application architecture.

Today, the Department of Energy (DOE) is announcing awards of up to $50 million to DOE’s National Laboratories to support early stage research and development of next-generation tools and technologies to further improve the resilience of the Nation’s critical energy infrastructure, including the electric grid and oil and natural gas infrastructure.

This investment builds on the Department’s ongoing efforts toward the rapid development and widespread adoption of tools and technologies that will help create a more resilient, secure, sustainable, and reliable electricity system that can meet the demands of the 21st century and beyond.

“A resilient, reliable, and secure power grid is essential to the Nation’s security, economy, and the vital services that Americans depend on every day,” said Secretary of Energy Rick Perry.

How defenders in a US national security agency capture-the-flag exercise used an endless stream of false data across the network to thwart attackers and contain damage.

We live in a reality of continually multiplying attack vectors. Hackers are using increasingly brazen methods to break past perimeter defenses, using stolen credentials and backdoors, phishing, spyware and malware, brute force, and more.

Once attackers have successfully breached a network, they typically have plenty of time to do significant damage. According to the Verizon 2016 Breach Investigations Report, only about 25% of compromises were discovered in "days or less," and the 2017 FireEye M-Trends report indicates that despite continuing improvement, the median number of days attackers dwell in victim networks before discovery is still 99 days — over 3 months — with 47% of breach notifications coming from external sources (such as when the FBI comes knocking).

America's National Transport Safety Bureau (NTSB) has decided that late Tesla-driver Joshua Brown was responsible for the crash he died in, but that Tesla's Autopilot contributed by (at the time) allowing him to ignore the road for too long.

As we reported in June, Brown's hands-off approach to driving was the big factor in his demise, but it didn't help that Autopilot missed a truck turning in front of his car.

The NTSB has now expanded on its findings, blaming the accident on a combination of “driver errors, over-reliance on automation” and a “lack of safeguards”.

We will be taking a long hard look at AI, ML and data analytics at MCubed next month, but there’s one other element we’ll be keeping in mind throughout: humans.

Yes, from October 9 to 10 we’ve got conference sessions that will get you on top of the key building blocks of ML and machine learning - from algorithms to frameworks, to architectures.

And we’ll have speakers who’ve applied all of the above to real organisations, full of real humans, or to solving problems that humans really care about - from how they shop to how they can prevent a roof from collapsing in heavy rain.