Month: July 2017

Get Ready for the 2038 ‘Epocholypse’ (and Worse)!

Read full post A leading security researcher predicts a sea of technology changes that will rock our world, including the Internet of Things, cryptocurrency, SSL encryption and national security.

/ July 27, 2017

Virgin America says a hacker broke into its network, forced staff to change passwords

Read full post The attack happened days before the company was to be acquired by Alaska Air.

/ July 27, 2017

News in brief: US indicts Russian BTC-e ‘mastermind’; Blu still phoning home; bug bounty offers $250k

Read full post Your daily round-up of some of the other stories in the news

/ July 27, 2017

Don’t want your SMSs stolen? Don’t download these Android apps

Read full post We’ve found two apps in Google Play that use plugins to help themselves to your text messages

/ July 27, 2017

How to Build a Path Toward Diversity in Information Security

Read full post Hiring women and minorities only addresses half the issue for the IT security industry — the next step is retaining these workers.

/ July 27, 2017

The Right to Be Forgotten & the New Era of Personal Data Rights

Read full post Because of the European Union’s GDPR and other pending legislation, companies must become more transparent in how they protect their customers’ data.

/ July 27, 2017

Independent labs to probe medical devices for security flaws

Read full post Medical devices have been a focus of concern – but a network of independent labs will work with manufacturers and health providers to improve their security health

/ July 27, 2017

Wells Fargo apologizes for spilling trove of data on wealthy clients

Read full post The e-discovery process during litigation is a challenge to make sure that all the data is properly handled and disclosed, as Wells Fargo has learned

/ July 27, 2017

Can Your Risk Assessment Stand Up Under Scrutiny?

Read full post Weak risk assessments have gotten a pass up until now, but that may be changing.

/ July 27, 2017

Can Your Risk Assessment Stand Up Under Scrutiny?

Read full post Weak risk assessments have gotten a pass up until now, but that may be changing.

/ July 27, 2017

Homograph attacks: Don’t believe everything you see

Read full post A homograph attack is what happens when attackers register domains that are similar to the originals, with valid certificates. The post Homograph attacks: Don’t believe everything you see appeared first on WeLiveSecurity

/ July 27, 2017

Downtime from Ransomware More Lethal to Small Businesses Than the Ransom

Read full post New survey of small-to midsized businesses (SMBs) shows half of SMBs infected with malware suffer 25 hours or more of business disruption.

/ July 27, 2017

Start-up accused of undermining popular open-source tools

Read full post San Francisco company Kite ‘wants to do better’ after users object to its changes to Minimap for Atom

/ July 27, 2017

No More Ransom project helps thousands of ransomware victims

Read full post After only a year, the initiative has unlocked thousands of devices, but there is more work to do.

/ July 27, 2017

Russian Bitcoin exchange chief arrested in connection to Mt. Gox ‘hack’

Read full post The Mt. Gox hack which left thousands of investors out of pocket may have connections to Russia.

/ July 27, 2017

Wait, this email isn’t for me – what’s it doing in my inbox?

Read full post Emails can contain confidential information and are often sent to the wrong person, yet many businesses don’t even bother to verify addresses when you sign up with them. What can be done?

/ July 27, 2017

Black Hat 2017 industrial hacking – The song remains the same

Read full post If industry frameworks are to inform and secure the critical infrastructure writ large, here at Black Hat there a lot of people punching holes in them, and in simple ways. The post Black Hat 2017 industrial hacking...

/ July 27, 2017

Black Hat 2017 – Non-standard hacking platforms reign supreme

Read full post This year at Black Hat, tiny automated hacking platforms are everywhere, loaded with tasty purpose-built tools that can be used to break into your systems. The post Black Hat 2017 – Non-standard hacking platforms reign supreme appeared...

/ July 27, 2017

How Attackers Use Machine Learning to Predict BEC Success

Read full post Researchers show how scammers defeat other machines, increase their success rate, and get more money from their targets.

/ July 26, 2017

Adobe’s Move to Kill Flash Is Good for Security

Read full post In recent years, Flash became one of the buggiest widely used apps out there.

/ July 26, 2017

FBI Talks Avalanche Botnet Takedown

Read full post FBI unit chief Tom Grasso explains the takedown of Avalanche and how the agency approaches botnet infrastructures.

/ July 26, 2017

Hacking the Wind

Read full post A security researcher at Black Hat USA shows how wind turbine systems are susceptible to potentially damaging cyberattacks.

/ July 26, 2017

The Wild West of Security Post-Secondary Education

Read full post Black Hat researchers will show how inconsistent security schooling is at the university level.

/ July 26, 2017

Garbage in, garbage out: a cautionary tale about machine learning

Read full post Security based on machine learning is only as great as the data it feeds on, as Sophos data scientist Hillary Sanders explains at Black Hat 2017

/ July 26, 2017

Security flaw in 3G, 4G LTE networks lets hackers track phone locations

Read full post The researchers say “very little” can be done to prevent stingray-style surveillance attacks.

/ July 26, 2017

Facebook Offers $1 Million for New Security Defenses

Read full post The social media giant has increased the size of its Internet Defense Prize program in order to spur more research into ways to defend users against the more prevalent and common methods of attack.

/ July 26, 2017

Where are the holes in machine learning – and can we fix them?

Read full post Machine learning algorithms are increasingly a target for the bad guys – but the industry is working to stop them, explains Sophos chief data scientist Joshua Saxe

/ July 26, 2017

Philadelphia RaaS: our map of how it works (and how to prevent it)

Read full post At $400, the Philadelphia ransomware kit isn’t cheap – but crooks buying it will get a lot of bang for their buck, as we’ve discovered from digging in to how it works

/ July 26, 2017

Majority of Consumers Believe IoT Needs Security Built In

Read full post Respondents to a global survey say Internet of Things security is a shared responsibility between consumers and manufacturers.

/ July 26, 2017

10 Critical Steps to Create a Culture of Cybersecurity

Read full post Businesses are more vulnerable than they need to be. Here’s what you should do about it.

/ July 26, 2017

Privacy dust-up as Roomba maker mulls selling maps of users’ homes

Read full post Roomba maker iRobot is quick to reassure that it’ll all be opt-in, but it already sweeps up a lot of data

/ July 26, 2017

Is it safe to store corporate information on Google Drive (or similar services)?

Read full post When it comes to protecting corporate information, some doubt whether or not the cloud is the best option. We look at all the security services available. The post Is it safe to store corporate information on Google...

/ July 26, 2017

WikiLeaks drops another cache of ‘Vault7’ stolen tools

Read full post Latest dump is a trove of malware from Raytheon used for surveillance and data collection

/ July 26, 2017

Illegal Kodi plugins may compromise your personal security

Read full post Certain third-party add-ons used to find pirated material may no longer be trustworthy.

/ July 26, 2017

Chips with everything – are you ready to be bio-hacked?

Read full post News that a US company is ‘bio-hacking’ its employees with RFID chips is a publicity stunt – but it does raise issues of security and ethics

/ July 26, 2017

Black Hat: Hacking the physical world

Read full post Cameron Camp, in attendance at this year’s Black Hat in Las Vegas, takes a closer look at attacks against physical infrastructure. The post Black Hat: Hacking the physical world appeared first on WeLiveSecurity

/ July 26, 2017

Iranian Cyber Espionage Group CopyKittens Successful, But Not Skilled

Read full post Despite being only moderately skilled, CopyKittens has exfiltrated large volumes of data since at least 2013.

/ July 25, 2017

Iranian Cyber Espionage Group CopyKittens Are Successful, But Not Skilled

Read full post Despite being only moderately skilled, CopyKittens has exfiltrated large volumes of data since at least 2013.

/ July 25, 2017

How ‘Postcript’ Exploits Networked Printers

Read full post At Black Hat 2017, a university researcher will demo how attackers can drill into networked printers by way of the ubiquitous PostScript programming language.

/ July 25, 2017

Black Hat speaker denied entry to US in another needless hit to security research

Read full post One security researcher was set to give a Black Hat talk in Las Vegas.

/ July 25, 2017