Month: June 2017

RAT Vulnerabilities Turn Hackers into Victims

Read full post A small number of Remote Administration Tools have vulnerabilities which can enable attack targets to turn the tables on threat actors.

/ June 23, 2017

Talking Cyber-Risk with Executives

Read full post Explaining risk can be difficult since CISOs and execs don’t speak the same language. The key is to tailor your message for the audience.

/ June 23, 2017

Threat Intelligence Sharing: The New Normal?

Read full post The spirit of cooperation seems to be taking hold as demonstrated by the growing number of thriving services and organizations whose sole purpose is to analyze specific threats against specific communities.

/ June 23, 2017

Russia ‘targeted 21 states’ during US election campaign, says official

Read full post Homeland Security official declines to reveal more to Senate hearing as details emerge of hacking attempts in Illinois and Arizona

/ June 23, 2017

8 Hot Hacking Tools to Come out of Black Hat USA

Read full post High-impact tools for white hats that will be revealed and released next month at Black Hat USA in Las Vegas.

/ June 23, 2017

Millennials: Meet the next generation of cybersecurity

Read full post As baby boomers retire and the employment gap in cybersecurity is plugged by generation x, we look at how millennials are set to shape the industry. The post Millennials: Meet the next generation of cybersecurity appeared first...

/ June 23, 2017

Cyber News Rundown: Edition 6/23/17

Read full post The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions?...

/ June 23, 2017

Microsoft says ‘no known ransomware’ runs on Windows 10 S — so we tried to hack it

Read full post We enlisted a leading security researcher to test if Microsoft’s newest, locked down version of Windows 10 is protected against all “known” kinds of ransomware, as the company claims.

/ June 23, 2017

Ransomware revisited – is it really the worst sort of malware? [Security SOS Week]

Read full post Join us for the last webinar in our Security SOS Week – we take a look at ransomware… and all the other malware nasties that roam the net.

/ June 23, 2017

Dating app boss sees ‘no problem’ on face-matching without consent

Read full post ‘When you have a bunch of single guys in the office, it goes in that direction’, says Dating.AI founder as he dismisses concerns about scraping other dating apps for faces for users to match

/ June 23, 2017

Two British men arrested over Microsoft hacking plot

Read full post The duo has tried, time and time again, to break into Microsoft’s systems to steal customer data.

/ June 23, 2017

‘GhostHook’ Foils Windows 10 64-bit’s Kernel Protection

Read full post Microsoft says an attacker needs kernel-level access before they can use the ‘GhostHook’ technique to install a rootkit.

/ June 22, 2017

Nuclear Plants, Hospitals at Risk of Hacked Radiation Monitoring Devices

Read full post Security researcher discovers major security flaws that can’t be patched or fixed.

/ June 22, 2017

Two Arrested for Microsoft Network Intrusion

Read full post UK authorities arrest two men for allegedly breaking into Microsoft’s network with the intent to steal customer data from the software giant.

/ June 22, 2017

Most General Counsels Fret over Data Security

Read full post An overwhelming percentage of in-house attorneys say cyberattacks and the impact on their business keeps them up at night, a recent survey shows.

/ June 22, 2017

Cloud Security Lessons from the Voter Data Leak

Read full post A poorly configured Amazon S3 bucket that led to a massive data leak could easily happen to any organization not adopting proper cloud security measures.

/ June 22, 2017

Cloud Security Lessons from the RNC Leak

Read full post A poorly configured Amazon S3 bucket that led to a massive data leak could easily happen to any organization not adopting proper cloud security measures.

/ June 22, 2017

KPMG: Cybersecurity Has Reached a ‘Tipping Point’ from Tech to CEO Business Issue

Read full post Still, a majority of US-based chief execs say they will be maintaining and not investing in security technology over the next three years, a recent study shows.

/ June 22, 2017

News in brief: AI comes to Mars; WannaCry hits speed cameras; Edge bounty program extended

Read full post Your daily round-up of some of the other stories in the news

/ June 22, 2017

What does looking under the hood of your browser reveal about you?

Read full post Looking closely at the tracking that’s done while you browse can be very unnerving – but does that mean you should give up using the web?

/ June 22, 2017

Phishing campaign spoofs online auto brand, exposes stolen passwords

Read full post It’s bad enough to be caught by an SMS phishing scam – but when the bad guys expose your stolen account details to the world, that really rubs salt into the wound

/ June 22, 2017

WannaCry? You’re Not Alone: The 5 Stages of Security Grief

Read full post As breach after breach hits the news, security professionals cope with the classic experiences of denial, anger, bargaining, depression and acceptance.

/ June 22, 2017

Birthday Reminder looks benign but the devil’s in the details: Hooks DNS, serves dodgy ads

Read full post The strange behavior of a simple Windows application caught our attention and sparked the analysis by ESET of a previously undocumented malware. The post Birthday Reminder looks benign but the devil’s in the details: Hooks DNS, serves...

/ June 22, 2017

NSA’s use of ‘traffic shaping’ allows unrestrained spying on Americans

Read full post By using a “traffic shaping” technique, the National Security Agency sidestep legal restrictions imposed by lawmakers and the surveillance courts.

/ June 22, 2017

Microsoft claims Fireball malware enterprise threat ‘overblown’

Read full post Microsoft has cast doubt on Check Point’s claims that Fireball has a hold in one in five corporate networks.

/ June 22, 2017

Coming soon (maybe) to toyshops – AI doll that can read kids’ emotions

Read full post Researchers have built a doll with an AI chip and a camera that can interpret a child’s emotions. What could possibly go wrong?

/ June 22, 2017

Botnets – malware that makes you part of the problem [Security SOS Week]

Read full post Still time to register for today’s live Security SOS podcast featuring the not-to-be-missed Fraser Howard, one of the world’s top malware researchers.

/ June 22, 2017

Deep Root: what can we learn from the GOP’s data leak?

Read full post Nearly 200m voters’ personal details were exposed when a contractor failed to secure the GOP’s data in the cloud – and there are lessons for us all in this

/ June 22, 2017

OpenVPN taken to task after audit ignores remote code execution flaws

Read full post Serious security bugs have been exposed, some of which can lead to remote code execution.

/ June 22, 2017

Symantec patches Messaging Gateway remote code execution bugs

Read full post The three vulnerabilities allow attackers to disarm the platform and execute code.

/ June 22, 2017

‘Stack Clash’ Smashed Security Fix in Linux

Read full post Linux, OpenBSD, Free BSD, Solaris security updates available to thwart newly discovered attack by researchers.

/ June 21, 2017

WannaCry Forces Honda to Take Production Plant Offline

Read full post Work on over 1,000 vehicles affected at automaker’s Sayama plant in Japan while systems were restored.

/ June 21, 2017

News in brief: WannaCry knocks out Honda plant; Skype hit by global outage; NSA shares tools on GitHub

Read full post Your daily round-up of some of the other stories in the news

/ June 21, 2017

Russian Hackers Focused on Election Systems in 21 States

Read full post A Department of Homeland Security official testified today that hackers tied to the Russian government attempted to infiltrate election systems in nearly two dozen states.

/ June 21, 2017

Commercial spyware unleashed against Mexican political activists

Read full post The software company says it vets governments’ human rights records before selling its software that’s allegedly being used to spy on lawyers, journalists and activists

/ June 21, 2017

GDPR: how to avoid the data protection cowboys

Read full post As we keep reminding you, GDPR is now less than a year away. Here are our tips to help you pick the right person to help you get ready for it

/ June 21, 2017

Consumer Businesses Have False Confidence in their Security: Deloitte

Read full post Consumer business executives are confident in their ability to respond to cyberattacks but fail to document and test response plans.

/ June 21, 2017

Security experts warn lawmakers of election hacking risks

Read full post The hundred-plus security experts say many US states are “inadequately prepared” to deal with the rising cybersecurity risks of state and federal elections.

/ June 21, 2017

New malware uses old trick – and is a reminder to disable UPnP

Read full post Hijacking UPnP is rare, but it’s a straightforward trick that will be copied soon enough

/ June 21, 2017

The Folly of Vulnerability & Patch Management for ICS Networks

Read full post Yes, such efforts matter. But depending on them can give a false sense of security.

/ June 21, 2017