What Happens When Security Companies Fail at Security?

view counter
image


Several recent cyber attacks have successfully targeted organizations that should be poster children for security hygiene. Why are even the most security-conscious organizations being compromised, and what does it mean...
Continue reading
0 Comments

Poland Eyes Cybersecurity in Skies

view counter
image


Poland on Wednesday agreed to test a cybersecurity pilot program for the aviation sector as Europe's EASA civil aviation authority tackles the potential threats posed by hackers to air traffic....
Continue reading
0 Comments

More Prison Time for Ex-Secret Service Agent Who Stole Bitcoins

view counter
image


A former U.S. Secret Service agent already convicted for stealing bitcoins from the now-defunct underground marketplace Silk Road has been handed another prison sentence for the theft of digital currency...
Continue reading
0 Comments

"Tick" Cyber Espionage Group Employs Steganography

view counter
image


The cyber espionage group known as "Tick" is using steganography to conceal their backdoor Trojan better, according to analysis from security firm Trend Micro. Also referred to as Bronze Butler...
Continue reading
0 Comments

Where DevOps Could Be Increasing The Attack Surface

view counter
image


Survey Finds That DevOps Often Improves IT Efficiency While Weakening IT Security The basic premise behind DevOps is that combining the development team and the operations team into a single...
Continue reading
0 Comments

Many Vulnerabilities Found in Linux USB Subsystem

view counter
image


A Google researcher has found a significant number of vulnerabilities in the Linux kernel USB subsystem using the Syzkaller fuzzer. The fuzzing tool developed by Google helped Andrey Konovalov find...
Continue reading
0 Comments

Russia-Linked Spies Deliver Malware via DDE Attack

view counter
image


The Russia-linked cyber espionage group tracked as APT28 and Fancy Bear has started delivering malware to targeted users by leveraging a recently disclosed technique involving Microsoft Office documents and a...
Continue reading
0 Comments

UK Cybersecurity Center Issues 'The Dark Overlord' Alert

UK Cybersecurity Center Issues 'The Dark Overlord' Alert
Cybersecurity , Endpoint Security , Technology UK Cybersecurity Center Issues 'The Dark Overlord' Alert Block Cyber-Extortion Bogeyman du Jour Using Long-Recommended Security Basics Mathew J. Schwartz ( euroinfosec ) •...
Continue reading
0 Comments

Healthcare Security Summit Features Leading CISOs

Healthcare Security Summit Features Leading CISOs
Compliance , Cybersecurity , Ransomware Healthcare Security Summit Features Leading CISOs Two-Day Event Will Address Ransomware, Medical Device Security, Other Key Issues Marianne Kolbasuk McGee ( HealthInfoSec ) • November...
Continue reading
0 Comments

Bargain Prices: Compromised Credentials for $3 a Pop

The ISMG Security Report leads with a conversation with DataBreachToday Executive Editor Mathew J. Schwartz about the sale of compromised remote desktop protocol credentials for as little as $3 on...
Continue reading
0 Comments

Equifax: Share-Selling Executives Didn't Know About Breach

Equifax: Share-Selling Executives Didn't Know About Breach
Breach Response , Data Breach , Governance Company Claims That Until 12 Days Post-Breach, None Knew Equifax Had Suffered Massive Hack Jeremy Kirk ( jeremy_kirk ) • November 6, 2017...
Continue reading
0 Comments

Report: Attackers Hacked Nepalese Bank's SWIFT Server

Report: Attackers Hacked Nepalese Bank's SWIFT Server
Breach Response , Data Breach , Fraud $4.4 Million Moved to Accounts in US, UK and Japan via Fraudulent SWIFT Messages Mathew J. Schwartz ( euroinfosec ) • November 6,...
Continue reading
0 Comments

OPM Contends 'Audit Fatigue' Hampers InfoSec Compliance

OPM Contends 'Audit Fatigue' Hampers InfoSec Compliance
Continuous Monitoring , Cybersecurity , Risk Management IG Identifies Significant Deficiencies in Agency's IT Management Structure Eric Chabrow ( GovInfoSecurity ) • November 7, 2017     The head of...
Continue reading
0 Comments

'Sowbug' Hackers Hit Diplomatic Targets Since 2015

view counter
image


A cyberespionage group that has been active since at least early-2015 has been targeting organizations in South America and Southeast Asia, while focusing mainly on foreign policy institutions and diplomatic...
Continue reading
0 Comments

Privileged Accounts Still Poorly Managed

view counter
image


Despite Continious Warnings, Organizations Fail to Protect Privileged Accounts Privileged accounts are a primary target for both cyber criminals and nation-state adversaries. If they are lost, the castle will fall....
Continue reading
0 Comments

U.S. Government Warns of Weakness in IEEE Encryption Standard

view counter
image


The United States Department of Homeland Security’s US-CERT has issued an alert to warn on cryptographic weaknesses impacting the IEEE P1735 standard, which describes methods for encrypting electronic-design intellectual property...
Continue reading
0 Comments

Estonia Arrests Alleged Russian Agent Plotting Cyber-Crime

view counter
image


Estonia said Tuesday it had arrested a suspected Russian spy allegedly plotting a cyber-crime, in the latest incident to strain relations between the small Baltic state and the Kremlin. The...
Continue reading
0 Comments

Google Patches Critical Bugs in Android

view counter
image


Google on Monday released its November 2017 set of security patches for Android to address 31 vulnerabilities, 9 of which are remote code execution issues rated Critical severity. A total...
Continue reading
0 Comments

Protecting Critical Infrastructure When a Dragonfly Beats its Wings

view counter
image


The Threat of Cyberattacks on Power Networks is Real, But We Have the Ability to Build Defenses That Minimize The Disruption to Services News that a sophisticated and long-established cyber...
Continue reading
0 Comments

Proofpoint to Acquire Messaging Security Firm Cloudmark for $110 Million

view counter
image


Cybersecurity firm Proofpoint on Tuesday announced that it has agreed to acquire messaging security firm Cloudmark for $110 million in cash. Best known for its spam blocking technology, Cloudmark provides spam...
Continue reading
0 Comments