Claroty Adds New Capabilities to Industrial Security Platform

Industrial cybersecurity firm Claroty on Tuesday announced significant enhancements to its threat detection product, along with technology integrations with several cybersecurity, network infrastructure and industrial automation providers. Claroty provides an...
Continue reading
0 Comments

Windows Zero-Day Exploited by New 'SandCat' Group

Experts believe that the Windows kernel zero-day vulnerability fixed this week by Microsoft with its Patch Tuesday updates has been exploited by several threat actors, including a new group. The...
Continue reading
0 Comments

Hertz, Clear Partner to Speed Rentals With Biometric Scans

Biometric screening is expanding to the rental car industry. Hertz said Tuesday it is teaming up with Clear, the maker of biometric screening kiosks found at many airports, in an...
Continue reading
0 Comments

Windows Kernel Vulnerability Exploited in Attacks

Microsoft’s Patch Tuesday updates for December 2018 address nearly 40 vulnerabilities, including a zero-day flaw affecting the Windows kernel. The actively exploited vulnerability, tracked as CVE-2018-8611, has been described by...
Continue reading
0 Comments

Adobe Patches 87 Vulnerabilities in Acrobat Software

The December 2018 Patch Tuesday updates released by Adobe address a total of 87 vulnerabilities affecting the company’s Acrobat software. The vulnerabilities impact the Windows and macOS versions of Acrobat...
Continue reading
0 Comments

New Exploit Kit Targets SOHO Routers

A newly identified exploit kit is targeting home and small office routers in an attempt to compromise the mobile devices or desktop computers connected to the routers, according to Trend...
Continue reading
0 Comments

House Releases Cybersecurity Strategies Report

The U.S. House of Representatives’ Committee on Energy and Commerce has released a report identifying strategies for the prevention and mitigation of cybersecurity incidents. Designed to summarize the work of...
Continue reading
0 Comments

Russian Critical Infrastructure Targeted by Profit-Driven Cybercriminals

Several critical infrastructure organizations in Russia have been targeted by hackers believed to be financially-motivated cybercriminals rather than state-sponsored cyberspies. An analysis of malicious Word documents led researchers at endpoint...
Continue reading
0 Comments

Italian Oil Services Company Saipem Hit by Cyberattack

Italian oil and gas company Saipem hit by cyberattack
Italian oil and gas services company Saipem reported on Monday that some of its servers were hit by a cyberattack. The company has shared few details about the attack –...
Continue reading
0 Comments

Secure Messaging Applications Prone to Session Hijacking

Secure messaging applications such as Telegram, Signal and WhatsApp can expose user messages through a session hijacking attack, Cisco’s Talos security researchers warn.  The three applications, all of which offer...
Continue reading
0 Comments

Google CEO Faces House Grilling on Breach, China Censorship

WASHINGTON (AP) — Google's CEO faces a grilling from U.S. lawmakers on how the web search giant handled an alarming data breach and whether it may bend to Chinese government...
Continue reading
0 Comments

Organizations Still Slow to Detect Breaches: CrowdStrike

Attack vectors
Organizations are getting better at detecting intrusions on their own, but it still takes them a long time to do it, according to a new report published on Tuesday by...
Continue reading
0 Comments

Researchers Find Thousands of Twitter Amplification Bots in Just One Day

7,000 Twitter Amplification Bots Found in One Day's Search Researchers have examined Twitter looking for what are known as amplification bots. These accounts serve no purpose other than to amplify...
Continue reading
0 Comments

Highly Active MuddyWater Hackers Hit 30 Organizations in 2 Months

The cyberespionage group referred to as MuddyWater has hit over 130 victims in 30 organizations from late September to mid-November, Symantec security researchers said in a report published Monday.  Highly...
Continue reading
0 Comments

New Bug Prompts Earlier End to Google+ Social Network

Google said Monday it will close the consumer version of its online social network sooner than originally planned due to the discovery of a new software bug. The Google+ social...
Continue reading
0 Comments

Tor Project Releases Financial Documents

Tor Project releases financial documents
The Tor Project, the organization behind the Tor anonymity network, has published financial documents for the past two years, and while they show that its revenue has increased significantly, it’s...
Continue reading
0 Comments

Researchers Find a Dozen Undocumented OpenSSH Backdoors

ESET security researchers have discovered 12 new OpenSSH backdoor families that haven’t been documented before. The Secure Shell (SSH) network protocol allows the remote connection of computers and devices. The...
Continue reading
0 Comments

New Mac Malware Combines Open-Source Backdoor and Crypto-Miner

A recently discovered piece of malware targeting Mac systems is a combination of two open-source programs, Malwarebytes security researchers warn.  Detected as DarthMiner, the threat is distributed through an application...
Continue reading
0 Comments

Getting ROI From a Security Advisory Board That Works: Part 2

Over the years, I have participated in many advisory boards. In every case, I have been a strong supporter of the business and wanted to contribute. However, in almost every...
Continue reading
0 Comments

Australia Anti-Encryption Law Rushed to Passage

A newly enacted law rushed through Australia's parliament will compel technology companies such as Apple, Facebook and Google to disable encryption protections so police can better pursue terrorists and other...
Continue reading
0 Comments