Month: March 2017

Cloud Security: New Research Says IT Pros Still Skittish

Read full post Respondents complain in two studies that traditional security tools don’t work in the cloud, and can’t deliver visibility across multiple cloud environments.

/ March 29, 2017

Lawmakers scathing over FBI’s facial recognition database

Read full post Around half of all Americans are in the FBI’s database, and most don’t have any criminal history at all

/ March 29, 2017

Russian hacker pleads guilty in global botnet case

Read full post The Russian man was one of the masterminds behind a get-rich-quick botnet scheme.

/ March 29, 2017

Should Trump Tackle Air-Gapped Critical Infrastructure?

Read full post MIT experts issue recommendations to the president, urging him to take elements of the electric grid and gas pipeline offline – but other security experts say that ship has sailed.

/ March 28, 2017

Macs and iPhones patched – including 23 kernel-level holes

Read full post Yes, we always say, “Patch early, patch often.” But this time, patch even earlier!

/ March 28, 2017

Congress just obliterated Obama-era rules preventing ISPs from selling your browsing history

Read full post The rules, which were set to go into effect but were blocked by a Republican-controlled FCC chairman, were ruled on in Congress, nuking them from ever going into effect.

/ March 28, 2017

Commercial IoT: Big Trouble in Small Devices

Read full post There are endless scenarios where hackers could wreak havoc on the industrial Internet of Things. There’s also a readily available solution called ‘HIP.’

/ March 28, 2017

News in brief: Hong Kong voters’ data lost; Rudd faces pushback; Google Home lands in Britain

Read full post Your daily round-up of some of the other stories in the news

/ March 28, 2017

1.4 Billion Data Records Exposed in 2016 Breaches

Read full post The number of data records breached soared in 2016 over the previous year, with the technology sector facing the brunt of the attacks.

/ March 28, 2017

Man loses appeal over Facebook threat to kill Obama

Read full post The lesson from this failed appeal is that threats on social media will be taken very seriously by the authorities – so be careful when blowing off steam

/ March 28, 2017

eBay to ‘downgrade’ verification by switching to SMS

Read full post If you’ve got a hardware fob for eBay verification, it will still work for now, but be prepared to switch to another method for 2FA

/ March 28, 2017

Exploit Kits: Winter 2017 Review

Read full post We take another look at the current EK scene by going over RIG, Sundown, Neutrino and Magnitude.

/ March 28, 2017

How Identity Deception Increases the Success of Ransomware

Read full post As scammers hone their skills, their handiwork looks more credible to intended victims, making a successful ransomware scam more likely.

/ March 28, 2017

MIT: US cyber insecurity a ‘disgrace’ that Trump needs to take seriously

Read full post MIT says that unless cybersecurity becomes a priority and more than just lip service, US core services will be at risk.

/ March 28, 2017

Ransomware: a Modern Threat to Public Safety

Read full post Ransomware authors are pivoting their attacks from individuals to government entities and health care institutions, causing a threat to public safety. Traditionally, crypto ransomware targeted individuals and encrypted their personal data and files as a form of...

/ March 28, 2017

Jail Time Set for Two More Members of Global Telecom Fraud Scheme

Read full post Ramon Batista and Farintong Calderon have been sentenced to 75 months and 36 months in prison, respectively.

/ March 28, 2017

‘Siri, please dial 999 and save Mummy’s life’

Read full post Four-year-old boy used his unconscious mother’s thumb to unlock her iPhone and call the emergency services

/ March 28, 2017

Two Israeli Youths May Be Charged for vDOS Operation

Read full post Israeli authorities prepare to accuse two 18-year-olds for the online attack service, which caused $1.65 million in losses.

/ March 28, 2017

India extends ‘Orwellian’ ID card scheme as critics warn of risks

Read full post ‘Voluntary’ ID scheme soon to be mandatory for a huge range of everyday activities, from buying a train ticket online to getting a new Sim card

/ March 28, 2017

Apple iCloud hack threat gets worse: Here’s what we’ve learned

Read full post Hackers are threatening to remotely wipe an unknown number of iPhones, iPads, and Macs unless Apple pays a ransom. The picture is becoming clearer. This is what you need to know.

/ March 28, 2017

Close to 1.4 billion data records compromised in 2016

Read full post Over a billion data records were compromised globally in 2016, according to Gemalto’s latest Breach Level Index. The post Close to 1.4 billion data records compromised in 2016 appeared first on WeLiveSecurity

/ March 28, 2017

Here’s why what the government wants with WhatsApp won’t work

Read full post After last week’s attack in London, the home secretary called on television for cryptographic regression – but that won’t deliver what she wants

/ March 28, 2017

Adware rewrites phone details for legitimate security software on Google search

Read full post You might not know you have it, but Crusader will manipulate your search results to push tech support scams.

/ March 28, 2017

Ransom scam exploits Apple iOS Safari flaw to target porn viewers

Read full post The scareware campaign duped victims into paying a ransom.

/ March 28, 2017

Hacking the Business Email Compromise

Read full post BEC attacks are on the rise, but plain-old spoofing of business executives’ email accounts remains more prevalent.

/ March 27, 2017

FBI: Attackers Targeting Anonymous FTP Servers in Healthcare

Read full post The FBI warns medical and dental organizations of cybercriminals targeting anonymous FTP servers to steal personal health data.

/ March 27, 2017

News in brief: Facebook rolls out location-sharing; Uber pulls tests after crash; NASA thanks schoolboy

Read full post Your daily round-up of some of the other stories in the news

/ March 27, 2017

Politicians call – again – for backdoors into encrypted messages

Read full post The internet depends on encryption – and Amber Rudd is unwittingly calling for a hole to be kicked in security itself

/ March 27, 2017

Symantec Seeks to Quell CA Customer Concerns over Google Warning

Read full post Exec at Symantec spells out what company will do if Google follows through on its proposed plans to degrade trust in Symantec certs.

/ March 27, 2017

This Week On Dark Reading: Event Calendar

Read full post Ransomware remediation and recovery this week, with clouds on the horizon.

/ March 27, 2017

US to make social media checks compulsory for some visas

Read full post Officials warn of a ‘labor-intensive’ extension will create logistical and administrative hurdles

/ March 27, 2017

Data Visualization: Keeping an Eye on Security

Read full post Visualization can be one of the most powerful approaches a security team can use to make sense of vast quantities of data. So why does it end up as an afterthought?

/ March 27, 2017

LastPass steps up quickly to fix vulnerabilities spotted by researchers

Read full post LastPass’s response to being alerted to security flaws in its products is an example of the right attitude to fixing problems

/ March 27, 2017

40% of Discarded Digital Devices Contain Personal Data

Read full post NAID study of 250 devices in resale markets found tablets contained the most recoverable personal information.

/ March 27, 2017

Man indicted for sending seizure-causing GIF as a ‘deadly weapon’

Read full post Journalist suffered eight-minute epileptic seizure after viewing a strobing GIF

/ March 27, 2017

How to configure WinDbg for kernel debugging

Read full post In this post, Matías Porolli looks at how to configure an environment with WinDbg and virtual machines in order to debug drivers or code running in Windows kernel space. The post How to configure WinDbg for kernel...

/ March 27, 2017

DoubleAgent ‘vulnerability’ – just how bad is it?

Read full post The saga of DoubleAgent is, among other things, a good reminder that ordinary users shouldn’t have admin privileges

/ March 27, 2017

Cybercriminals Exploit March Madness Frenzy

Read full post Users are clicking on dubious links to stream matches and exposing confidential data to hackers, says Zscaler.

/ March 27, 2017

Security awareness relies on balance of technical, human-behavior skill sets

Read full post On one side sits a technical security practitioner. On the other sits a person with advanced skills in changing behaviors and community engagement. Which creates successful security awareness?

/ March 27, 2017

Monday review – the hot 29 stories of the week

Read full post From Emma Watson in Celebgate 2.0 and how your Mac is not malware proof to the even deadlier USB Killer version 3, and much more!

/ March 27, 2017