Oracle WebLogic Server Flaw Exploited to Deliver Crypto-Miners

Threat actors are exploiting a recently patched vulnerability in Oracle WebLogic Server to infect systems with crypto-currency mining malware, FireEye reports. Identified as CVE-2017-10271, the vulnerability resides in the WebLogic...

U.S. Government Contractors Score Poorly on Cyber Risk Tests

Report Analyzes Cyber Risk of Federal Supply Chain
Attacks against the supply chain are not uncommon. It represents the soft underbelly of large organizations that are otherwise well defended. The...

U.S. Energy Department Announces Office for Cyber, Energy Security

The U.S. Department of Energy announced this week that it’s creating a new Office of Cybersecurity, Energy Security, and Emergency Response (CESER). The new office will be led by an...

BGP Flaws Patched in Quagga Routing Software

Several vulnerabilities that could lead to denial-of-service (DoS), information disclosure, and remote code execution have been patched this week in the Quagga routing software suite. Quagga implements the Open Shortest...

How IoT Affects the CISO's Job

John Pescatore of SANS Institute on Keeping Devices Secure • February 14, 2018 • 10 Minutes
As internet of things devices become increasingly...

Australia Launches Real-Time 'New Payments Platform'

Fraud, Fraud Management, Fraud Risk Management
Payments Are Speedy But Irreversible; Will Fraud Rise? (jeremy_kirk) • February 14, 2018
Australia's New Payments Platform lets consumers use...

Russia Will Meddle in US Midterm Elections, Spy Chief Warns

Breach Response, Cybercrime, Cyberwarfare / Nation-state attacks
White House Inaction Questioned by Some Lawmakers (euroinfosec) • February 14, 2018
Director of National Intelligence Dan Coats testifying...

Cryptocurrency Miners: How to Shield Browsers From Bad Guys

Anti-Malware, Data Breach, Technology
Browsealoud Subversion Points to Larger Trust Issues With Third-Party Code (jeremy_kirk) • February 15, 2018
Accessibility plug-in Browsealoud was recently hacked, making...

Criminals Hide 'Billions' in Cryptocurrency, Europol Warns

Cybercrime, Cybercrime as-a-service, Fraud
Police Want More Help From Cryptocurrency Exchanges During Major Investigations (euroinfosec) • February 15, 2018
The value of a bitcoin has...

U.S., Canada, Australia Attribute NotPetya Attack to Russia

The United States, Canada, Australia and New Zealand have joined the United Kingdom in officially blaming Russia for the destructive NotPetya attack launched last summer. Moscow has denied the accusations....

Russian Hackers Sent to U.S. Prison for Stealing 160 Million Bank Card Numbers

A United States Judge this week sent two Russian nationals to prison for their involvement in a hacking scheme that compromised roughly 160 million credit card numbers and incurred losses...

Dispel Launches Election Security Platform

Dispel, a U.S.-based company that specializes in secure communication and collaboration systems, on Thursday announced the launch of a new product designed to help protect elections against malicious cyber actors....

Financial Regulator's Algorithm Compliance Concerns Are Relevant to All Businesses

The UK's financial regulator, the Financial Conduct Authority (FCA), issued a report Monday warning financial companies that it would be looking closely at so-called 'algo trading': "Algorithmic Trading Compliance in...

'DoubleDoor' IoT Botnet Uses Two Backdoor Exploits

A newly discovered Internet of Things (IoT) botnet is using two exploits to ensure it can not only bypass authentication on targeted devices, but also render additional protections useless, NewSky...

The Starbucks Effect on IT Security

The Starbucks Effect is Pervasive in the IT Industry and Threat Intelligence is Also Affected by That Movement
“I’d like a half caff, tall, soy, vanilla cappuccino, extra hot.” We’ve...

Over $100,000 Paid Out in 'Hack the Air Force 2.0'

HackerOne on Thursday announced the results of a bug bounty challenge run by the U.S. Air Force on its platform. More than $100,000 were paid out for over 100 vulnerabilities...

To Get the Most from Your Multicloud Environment, Know Thyself

With the Right Team Working Together You Can Address the Security, Privacy, and Compliance Challenges of Multicloud
We can all remember a time, not that long ago, when the cloud...

Researchers Warn Against Knee-Jerk Attribution of 'Olympic Destroyer' Attack

Attribution has become a buzzword in malware analysis. It is very difficult to achieve -- but is necessary in a world that is effectively engaged in the early stages of...

Intel Offers $250,000 for Side-Channel Exploits

Intel Opens Bug Bounty Program to All Researchers, Offers up to $250,000 for Flaws Similar to Meltdown and Spectre
Intel on Wednesday announced major changes to its bug bounty program,...

U.K. Officially Blames Russia for NotPetya Attack

The United Kingdom on Thursday officially accused the Russian government of launching the destructive NotPetya attack, which had a significant financial impact on several major companies. British Foreign Office Minister...