BayPay Members Blogs

This additional resource is sponsored by The BayPay Forum.

Botnet Pummels Retail Websites in Hunt for Gift Card Balances

view counterMalicious Bot Checked More Than 4 Million Gift Card Numbers Per Hour in Search of Active Cards With Balances A recently discovered Internet bot is conducting sustained attacks against retailers ......
Continue reading
0 Comments

Let's Encrypt Issues 15,000 Fraudulent "PayPal" Certificates Used for Cybercrime

view counterFree and open Certificate Authority (CA) Let’s Encrypt has issued nearly 15,000 certificates containing the term “PayPal” for phishing sites to date, a security researcher has discovered. According to encryption expert......
Continue reading
0 Comments

FBI Warns Healthcare Industry of FTP Attacks

view counterThe Cyber Division of the U.S. Federal Bureau of Investigation (FBI) has issued an alert to warn the healthcare industry that malicious actors are actively targeting File Transfer Protocol (FTP) ......
Continue reading
0 Comments

How Deep and Dark Web Intelligence Supports Executive Protection

Security Operations CenterMany organizations apply cyber threat intelligence (CTI) solely in limited ways that serve the functionality of its namesake -- that is, they appropriate all CTI-related operations solely to cybersecurity and I......
Continue reading
0 Comments

As Malware Gets Smarter, Bare Metal Analysis Can Keep You Secure

view counterThey say a rising tide lifts all boats; unfortunately, the proverb applies to cybercriminals, too. While the inexpensive availability of compute processing power and broadband connectivity has made technologies like ......
Continue reading
0 Comments

APT29 Cyberspies Use Domain Fronting to Evade Detection

view counterThe Russia-linked cyber espionage group known as APT29 has been using a technique called “domain fronting” in an effort to make it more difficult for targeted organizations to identify malicious traf......
Continue reading
0 Comments

Czech Leader Says Computer Hacked With Child Porn

view counterCzech President Milos Zeman has alleged that hackers based in the US state of Alabama put child pornography on one of his computers a year ago, his official website said ......
Continue reading
0 Comments

Apple Updates iTunes to Patch SQLite, Expat Flaws

view counterApple updated the Windows and Mac versions of iTunes last week to address more than a dozen vulnerabilities affecting the Expat and SQLite libraries. iTunes 12.6 for Windows and OS ......
Continue reading
0 Comments

JobLink Breach Affects Job Seekers in 10 States

view counterAmerica’s JobLink (AJL), a multi-state online service that connects job seekers with employers, informed users last week that a malicious hacker breached the company’s systems. The attacker exploited a vulnerability in t......
Continue reading
0 Comments

Could Killing of FCC Privacy Rules Lead to End of Net Neutrality?

Internet Privacy and ISP DataThe Senate on Thursday voted 50-48 to overturn new FCC rules that would prevent ISPs from monetizing customers' information without their consent. The rules, passed during the Obama administration in October 2016, we......
Continue reading
0 Comments

Report: DOJ Sees Bangladesh Heist Tie to North Korea

Report: DOJ Sees Bangladesh Heist Tie to North KoreaFraud Report: DOJ Sees Bangladesh Heist Tie to North Korea Security Experts Have Been Suggesting the Same Thing for Months Mathew J. Schwartz (euroinfosec) • March 24, 2017     The U.S. Justice Departme......
Continue reading
0 Comments

Why Continuous Vulnerability Assessment Is Essential

A continuous vulnerability assessment program should be baseline security requirement for all organizations, says Richard Bussiere, principal architect, APAC, at Tenable Network Security. "In order to understand how secure you are and get a comprehensive visualization, you need to have the ability to measure ......
Continue reading
0 Comments

Blockchain Seen as a Secure Cyberthreat Info Sharing Tool

A look at experts promoting blockchain as a secure way to share cyberthreat information leads the latest edition of the ISMG Security Report. In the Security Report, you'll also hear (click on player beneath image to listen): Witnesses testifying before a Senate p......
Continue reading
0 Comments

Extortion and Ransomware: What You Need to Know

×Close

Request to Republish Content

Continue reading
0 Comments

Apple Extortion Attempt by Hackers Likely a Bluff

Apple Extortion Attempt by Hackers Likely a BluffUnknown Group Claims to Have 627 Million iCloud Credentials Jeremy Kirk (jeremy_kirk) • March 23, 2017     An unknown hacking group is attempting to extract a $75,000 ransom from Apple, threatening to re......
Continue reading
0 Comments

Silicon Valley Firm Coupa Hit by W-2 Fraudsters

Silicon Valley Firm Coupa Hit by W-2 FraudstersBusiness Continuity/Disaster Recovery , Data Breach , Fraud Fraudsters Fake Out HR by Pretending to be the CEO as Related Attacks Continue Mathew J. Schwartz (euroinfosec) • March 23, 2017     Coupa employees pictu......
Continue reading
0 Comments

Apple Says Latest WikiLeaks CIA Attack Tool Dump No Threat

Apple Says Latest WikiLeaks CIA Attack Tool Dump No ThreatApplication Security , Cybersecurity , Risk Management Apple, Google, Microsoft Refuse to Negotiate with WikiLeaks Mathew J. Schwartz (euroinfosec) • March 24, 2017     WikiLeaks has released a batch of Apple-focused CIA attack tools, dubbed Dark M......
Continue reading
0 Comments

FCC's Pending ISP Privacy Regulation in Jeopardy

FCC's Pending ISP Privacy Regulation in JeopardyLegislation , Privacy Senate Votes to Void New Rule that Would Limit Selling of Consumer Data Eric Chabrow (GovInfoSecurity) • March 24, 2017     Sen. Jeff Flake is sponsor of a bill to quash an FCC rule on online privacy......
Continue reading
0 Comments

Third-Party App Store Slips Inside iOS App Store

view counterA third-party app store application managed to slip into the official iOS App Store by masquerading as a legitimate financial helper application, according to Trend Micro researchers. Dubbed “Household Accounts Ap......
Continue reading
0 Comments

Researcher Builds WMI-Based Hacking Tool in PowerShell

view counterResearcher Builds WMI-Based RAT in PowerShell Security researcher Christopher Truncer released a WMI-based agentless post-exploitation RAT that he developed in PowerShell. Last year, Truncer released a PowerShell script capable of ......
Continue reading
0 Comments
×
Sign up to our newsletter!

Subscribe