Month: September 2017

Cybercrime Costs Each Business $11.7M Per Year

The most expensive attacks are malware infections, which cost global businesses $2.4 million per incident.

September 26, 2017

Chevron’s Jump to the Cloud is a Journey

Enterprises entertaining a move to the cloud should brace themselves for a challenging path of discovery.

September 26, 2017

How Security Metrics Fail Us & How We Fail Them

Joseph Carson of Thycotic discusses how infosec professionals buy security products they don’t need and make other bad decisions, because of poor use of metrics.

September 26, 2017

What’s at risk from nRansom? Your memories of Thomas the Tank Engine

You’ll never guess the code. OK, you will guess the code.

September 26, 2017

SEC Attackers Had Authentic Data Used in Business Tests: Reuters

Sources say the hackers behind last year’s SEC breach accessed financial data used by companies testing its EDGAR filing system.

September 26, 2017

Why Your Business Must Care about Privacy

It might not have something to hide, but it definitely has something to protect.

September 26, 2017

Equifax CEO Retires in Wake of Breach

After the company’s CIO and CSO resigned Sep. 14, Chairman and CEO Richard F. Smith follows them out the door.

September 26, 2017

FBI’s Freese Shares Risk Management Tips

Deputy Assistant Director Donald Freese advises enterprises to lead with a business case and not fear addressing the C-suite on risk management.

September 26, 2017

WordPress 4.8.2 is out, update your website now

The first rule of running WordPress is always use the latest version

September 26, 2017

Equifax chief executive steps down after massive data breach

The former chief executive made over $4 million in salary last year.

September 26, 2017

Mobile stock trading apps ignore critical flaw warnings

IOActive discovered vulnerabilities in today’s 21 most popular trading apps — but the vendors couldn’t care less.

September 26, 2017

Another thug learns that SWATting Brian Krebs is a bad idea

Things have not gone well for Krebs’ tormentors

September 26, 2017

Suspected mass-spoofing of ships’ GPS in the Black Sea

One ship’s navigation system reported that it was actually on land

September 26, 2017

Dirty Cow vulnerability discovered in Android malware campaign for the first time

The bug has been found in malware designed to root and install backdoors into Android handsets.

September 26, 2017

After DHS Notice, 21 States Reveal They Were Targeted During Election

Election officials in swing states Florida, Ohio, and Pennsylvania among those who report Russian state-sponsored attackers targeted their systems.

September 25, 2017

Microsoft Builds Automation into Windows Defender ATP

Automation can help manage and respond to alert overflow, but will come with its own specific set of challenges.

September 25, 2017

Breach at Deloitte Exposes Emails, Client Data

Intrusion may have resulted from company’s failure to properly secure a key administrator account.

September 25, 2017

Privacy Shield Framework Gains Popularity in EU, US: Report

The IAPP-EY Privacy Governance Survey shows marked interest in the Privacy Shield framework to transfer personal data.

September 25, 2017

The software flaw that could beam out passwords by DNS

iTerm2 was trying to be helpful.

September 25, 2017

News in brief: New IoT grief; Old patch lessons; Older voting tech

Your daily round-up of some of the other stories in the news

September 25, 2017

Ex-NSA hacker drops macOS High Sierra zero-day hours before launch

The vulnerability lets an attacker steal the contents of a Keychain — without needing a password.

September 25, 2017

Joomla 3.8 fixes serious LDAP authentication issue, update now

The bug allows the extraction of an affected site’s credentials “in seconds”

September 25, 2017

Deloitte confirms hack exposed email system

It’s said that a lack of two-factor authentication on an administrator’s account failed to keep attackers out.

September 25, 2017

Thoughts from Webroot’s new President & CEO, Mike Potts

I’m delighted to join the Webroot team officially today as CEO. We helped define the cybersecurity field in our first 20 years, but I believe our best days are ahead. With this introductory post, I thought I’d...

September 25, 2017

PassGAN: Password Cracking Using Machine Learning

Researchers demo how deep neural networks can be trained to generate passwords better than the best password-cracking tools.

September 25, 2017

Bankbot trojan returns to Google Play with new tricks

The Android banking trojan that we first informed about in the beginning of this year has found its way to Google Play again and contains new tricks designed to get access to the private banking information of...

September 25, 2017

No, Facebook spies aren’t secretly “following me”, it’s a hoax

Typing “Facebook security” into your block list won’t reveal their names

September 25, 2017

Monday review – Adobe botches, Apache bleeds and Equifax blunders

From Apache bleeding to Equifax shooting itself in the foot. Again.

September 25, 2017

Security’s #1 Problem: Economic Incentives

The industry rewards cutting corners rather than making software safe. Case in point: the Equifax breach.

September 25, 2017

Security and privacy on the new iOS 11

These new security measures will undoubtedly not only impact the security of data stored on a phone that has been lost or stolen, but could also complicate the progress of criminal investigations requiring the forensic analysis of...

September 25, 2017

Adobe accidentally releases private PGP key

The firm’s security team failed in a spectacular fashion.

September 25, 2017

Spammed-out emails threaten websites with DDoS attack on September 30th

Websites are being told that they have until September 30th to pay extortionists $720 worth of Bitcoin, or else suffer a distributed denial-of-service (DDoS) attack.

September 25, 2017

Adobe security team posts public key – together with private key

If you generate an encryption keypair and you get a public key and a private key, which one do you think you should keep to yourself?

September 22, 2017

Tracking phones without a warrant ruled unconstitutional

‘Stingray use without a warrant violates 4th Amendment’

September 22, 2017

Cryptomining or online ads – which one floats your boat? [VIDEO]

Is cryptomining in the background better than ads in the foreground as a way of earning money to “pay” for free sites?

September 22, 2017

News in brief: DDoS threat spam; Army logic bomber; Viacom leak

Your daily round-up of some of the other stories in the news

September 22, 2017

1.4 Million New Phishing Sites Launched Each Month

The number of phishing attacks reaches a record rate in 2017, but the majority of the phishing sites remain active for just four to eight hours.

September 22, 2017

New Verizon leak exposed confidential data on internal systems

Dozens of documents reveal detailed maps and configurations of internal Verizon servers.

September 22, 2017

Using infrared cameras to break out of air-gapped networks

Invisible data exfiltration from isolated networks

September 22, 2017

Americans Rank Criminal Hacking as Their Number One Threat

Global warming and artificial intelligence rate as less of a threat to human health, safety, and prosperity, than getting hacked, according to a survey released today.

September 22, 2017