Profiting From the SEC Breach

Analyzing the impact of a breach of computers at the U.S. Securities and Exchange Commission leads the latest edition of the ISMG Security Report. Also in the report (click player...
Continue reading
0 Comments

Panel: What Got Us Here Won't Get Us There: The Core Elements of a Data Security Action Plan Moving Forward

In Development Receive Invite When Available Original link
Continue reading
0 Comments

Canada's Tough New Breach Reporting Regulations


Breach Notification , Data Breach Attorney Imran Ahmad Discusses Potential Impact Marianne Kolbasuk McGee ( HealthInfoSec ) • September 21, 2017     Imran Ahmad, business law partner, Miller Thomson...
Continue reading
0 Comments

Fighting Ransomware: Best Practices


Business Continuity/Disaster Recovery , Cloud Computing , Governance John Cloonan of Lastline on an Effective Backup Strategy Tracy Kitten ( FraudBlogger ) • September 21, 2017     John Cloonan,...
Continue reading
0 Comments

Hackers May Have Traded on Stolen SEC Data

Hackers May Have Traded on Stolen SEC Data
SEC Commissioner Faces Senate Questioning Over Newly Disclosed May 2016 Breach Jeremy Kirk ( jeremy_kirk ) • September 22, 2017     The chairman of the U.S. Securities and Exchange...
Continue reading
0 Comments

Trojanized Avast CCleaner Attack Targeted Major Tech Firms

Trojanized Avast CCleaner Attack Targeted Major Tech Firms
image
Anti-Malware , Endpoint Security , Technology Supply Chain Attack May Have Backdoored Hundreds of High-Profile Targets Mathew J. Schwartz ( euroinfosec ) • September 22, 2017     Avast's CCleaner...
Continue reading
0 Comments

Google Patches High Risk Flaws in Chrome

view counter
image


Google this week released an updated version of Chrome 61 to address two High severity vulnerabilities. Available for download as version 61.0.3163.100, the new Chrome iteration was pushed to all...
Continue reading
0 Comments

Massive Spam Runs Distribute Locky Ransomware

view counter
image


Locky ransomware, the infamous threat that dominated malware charts in 2016, is being aggressively distributed in a series of spam runs that have been ongoing for several weeks, security researchers...
Continue reading
0 Comments

CCleaner Infection Database Erased

view counter
image


A database that allowed hackers to monitor systems infected through a maliciously modified CCleaner installer was erased on September 12, Avast has discovered. The MariaDB (fork of MySQL) database had...
Continue reading
0 Comments

SecureAuth Acquired for $225 Million, to Merge With Core Security

view counter
image


Access control company SecureAuth announced this week that it will merge with Core Security, a firm focused on vulnerability discovery, identity governance, and threat management. Through the merger, the two...
Continue reading
0 Comments

Ransomware: Where It's Been and Where It's Going

About Ransomware Campaigns
view counter
image


Ransomware has become prevalent because it is an easy way for criminals to make a quick buck; and because in many ways defenders have forgotten the basics of cybersecurity. The...
Continue reading
0 Comments

NVIDIA Patches Several Flaws in GPU Display Drivers

NVIDIA patches vulnerabilities in GPU display drivers
view counter
image


NVIDIA has started releasing patches for several denial-of-service (DoS) and privilege escalation vulnerabilities affecting its GeForce, NVS, Quadro and Tesla graphics card drivers. A security advisory published by the company...
Continue reading
0 Comments

1.4 Million Phishing Sites Are Created Monthly: Report

view counter
image


According to a new report, an average of 1.385 million unique new phishing sites are created every month, peaking at 2.3 million in May 2017.  The majority of these are...
Continue reading
0 Comments

Private, But Not Secure: HTTPS is Hiding Cybercrime

Importance of SSL Inspection
view counter
view counter
image


Encrypted communications have boomed in popularity in the aftermath of the Snowden leaks in 2013 , which has ironically opened up a new pathway for cybercriminals. Since those fateful revelations...
Continue reading
0 Comments

D-Link Patches Recently Disclosed Router Vulnerabilities

D-Link patches DIR-850L vulnerabilities
view counter
image


D-Link has released firmware updates for its DIR-850L router to address a majority of the vulnerabilities disclosed recently by a security researcher. Earlier this month, researcher Pierre Kim disclosed the...
Continue reading
0 Comments

Germany on Guard Against Election Hacks, Fake News

view counter
image


As the clock ticks down to elections Sunday, Germany's cyber defense nervously hopes it'll be third time lucky after Russia was accused of meddling in the US and French votes....
Continue reading
0 Comments

Fuzzing Reveals Over 30 Web Browser Engine Flaws

view counter
image


Fuzzing tests conducted on the most popular web browser engines by Google Project Zero revealed the existence of more than 30 vulnerabilities, more than half of which in Apple’s Safari....
Continue reading
0 Comments

Judge Dismisses Part of FTC Case Against D-Link

view counter
image


A federal judge has dismissed three of the six counts in a complaint filed in January by the U.S. Federal Trade Commission (FTC) against D-Link. The FTC accused the Taiwan-based...
Continue reading
0 Comments

FormBook Infostealer Attacks Ramping Up

view counter
image


Attacks involving a rather unknown information stealing malware family dubbed "FormBook" have become increasingly frequent recently, fueled by the threat’s cheap price and the availability of a cracked builder, Arbor...
Continue reading
0 Comments

Internal Communications of Many Firms Exposed by Helpdesk Flaws

view counter
image


The way some companies have set up support systems can expose their internal communications to malicious actors, warned a researcher who used a newly discovered security hole to hack dozens...
Continue reading
0 Comments