Month: December 2017

‘Starwars’ Debuts on List of Worst Passwords of 2017

Read full post Many of the old standbys made this year’s list of the 25 stolen – and weakest – passwords found dumped online.

/ December 19, 2017

Why we should fight for Net Neutrality

Read full post Granting ISPs the right to shape traffic, allowing for some traffic to be prioritized due to a commercial agreement, may have a negative effect on the outcome of using the service for both the consumer and the...

/ December 19, 2017

Microsoft Word slams the door on DDEAUTO malware attacks

Read full post Remember how Microsoft said that DDEAUTO was a “feature”, not a vulnerability? Well, it just changed its mind – for Word, at least.

/ December 18, 2017

Telegram RAT Escapes Detection via Cloud Apps

Read full post Netskope discovers a new RAT using Dropbox for its payload host and Telegram Messenger for command and control.

/ December 18, 2017

Kaspersky Lab Files Lawsuit Over DHS Ban of its Products

Read full post Security firm petitions US District Court to rescind decision to prohibit its products on US federal government systems.

/ December 18, 2017

Businesses Fail in Risk Modeling and Management: Report

Read full post Businesses struggle to quantify and manage risk, leading to wasted resources and oversight of major problems.

/ December 18, 2017

Cryptocoins robbed at gunpoint

Read full post As if volatility, hacked exchanges and currency freezes weren’t enough

/ December 18, 2017

US Government Pays $10,650 Bug Bounty in ‘Hack the Air Force’ Event

Read full post The bounty, split between two researchers, is the largest single reward by any government bug bounty program to date.

/ December 18, 2017

Top 8 Cybersecurity Skills IT Pros Need in 2018

Read full post Cloud security architecture skills to customer-service savvy are among the key IT security skills needed next year as CIOs ramp up hiring.

/ December 18, 2017

DOJ confirms Uber is under criminal investigation

Read full post The plot of the Waymo vs Uber fight over stolen self-driving technology is getting thicker and thicker

/ December 18, 2017

Adventures in cybersecurity research: risk, cultural theory, and the white male effect

Read full post Again and again we have seen security breaches occur because people did not heed advice that we and other people with expertise in security have been disseminating for years, advice about secure system design, secure system operation,...

/ December 18, 2017

Watch out – fake support scams are alive and well this Christmas

Read full post Fake support scams – where the crooks help you “remove” malware you don’t have – are still a real problem. Take care over the holidays!

/ December 18, 2017

News agencies demand Facebook and Google pay for their stories

Read full post Internet giants are being called out for making billions off news, while the news agencies that produce it are withering on the vine

/ December 18, 2017

Advanced Deception: How It Works & Why Attackers Hate It

Read full post While cyberattacks continue to grow, deception-based technology is providing accurate and scalable detection and response to in-network threats.

/ December 18, 2017

Monday review – the hot 23 stories of the week

Read full post From Mailsploit to the end of net neutrality, get up to date with everything we’ve written in the last seven days

/ December 18, 2017

UK firms ‘stockpile’ Bitcoin to pay off ransomware hackers

Read full post Ransomware attacks can cripple a business, leading to a rather sad trend in the industry.

/ December 18, 2017

19 M California Voter Records Held for Ransom in MongoDB Attack

Read full post The records were first exposed in an unsecured MongoDB database, continuing a cyber-extortion trend.

/ December 15, 2017

Lazarus Group Targets Bitcoin Company

Read full post The cybercrime group blamed for attacks on the SWIFT financial network launches a spearphishing campaign to steal employee credentials at a London cryptocurrency company.

/ December 15, 2017

Simple research tool detects 19 unknown data breaches

Read full post A security insight so simple you wonder why nobody has noticed it before.

/ December 15, 2017

How MP Nadine Dorries could have shared her passwords securely

Read full post Remember, it isn’t a secret if you tell somebody else.

/ December 15, 2017

Mobile Device Makers Increasingly Embrace Bug Bounty Programs

Read full post Samsung is the latest to join a small group of smartphone makers to cast their net wide on catching vulnerabilities in their devices.

/ December 15, 2017

Is Your Security Workflow Backwards?

Read full post The pace at which information security evolves means organizations must work smarter, not harder. Here’s how to stay ahead of the threats.

/ December 15, 2017

Business Email Compromise scammer sentenced to 41 months in prison

Read full post A US judge has sentenced a Nigerian man to three years and five months in a federal prison after he pleaded guilty to taking part in a business email compromise scam that targeted organisations around the world....

/ December 15, 2017

FCC repeals net neutrality

Read full post What will this mean for the future of the internet?

/ December 15, 2017

To avoid phishing hooks don’t swim with the shoal

Read full post A study found that national culture is the strongest predictor of an individual’s ability to spot deceitful emails.

/ December 15, 2017

UK banks urged to do more to tackle rampant online fraud

Read full post Banks are being urged to step up to the plate and to “work together to tackle this problem head on”, as their response has been found to be disproportionate to the scale of the problem. The post...

/ December 15, 2017

Hackers use Triton malware to shut down plant, industrial systems

Read full post The malware has been designed to target industrial systems and critical infrastructure.

/ December 15, 2017

Cyber News Rundown: Edition 12/15/17

Read full post The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any questions? Just...

/ December 15, 2017

TRITON Attacker Disrupts ICS Operations, While Botching Attempt to Cause Physical Damage

Read full post TRITON malware is discovered after an attack on a safety monitoring system accidentally triggered the shutdown of an industrial process at an undisclosed organization.

/ December 14, 2017

BlueBorne Attack Highlights Flaws in Linux, IoT Security

Read full post Bluetooth vulnerabilities let attackers control devices running Linux or any OS derived from it, putting much of the Internet of Things at risk, including popular consumer products.

/ December 14, 2017

What’s in your Android’s December security update?

Read full post Android has released two security bulletins for December containing mitigations and fixes for 47 vulnerabilities for all devices.

/ December 14, 2017

Starbucks Wi-Fi hijacked customers’ laptops to mine cryptocoins

Read full post A 10-second delay when customers connected to the “free” Wi-Fi was harnessed for secret cryptocoin mining

/ December 14, 2017

Mr. Robot season 3 finale: shutdown -r

Read full post This season’s final instalment of the Mr. Robot security review.

/ December 14, 2017

Why Hackers Are in Such High Demand, and How They’re Affecting Business Culture

Read full post White hat hackers bring value to organizations and help them defend against today’s advanced threats.

/ December 14, 2017

Mirai botnet authors plead guilty

Read full post The authors of the infamous Mirai botnet – used to launch record-breaking Distributed Denial of Service (DDoS) attacks last year that knocked major segments of the internet offline – have pleaded guilty to federal cybercrime charges.

/ December 14, 2017

Is a Good Offense the Best Defense Against Hackers?

Read full post A proposed new law could make it legal for companies to hack back against attacker. But will it work?

/ December 14, 2017

Cybersecurity Trends 2018: The costs of connection

Read full post To help the reader navigate through the maze of such threats, ESET’s thought leaders have zeroed in on several areas that top the priority list in our exercise in looking forward. The post Cybersecurity Trends 2018: The...

/ December 14, 2017

Bitfinex cryptocurrency exchange is back up after repeated DDoS

Read full post It’s been hit by two attacks in just over a week, as well as a third in November. Expect more as currency values continue to skyrocket.

/ December 14, 2017

Connected car security outfit Upstream Security snags $9m in funding

Read full post The company wants to use the cash to expand in the US and Europe.

/ December 14, 2017

2 Million Fake Net Neutrality Comments Stole American Identities

Read full post New York Attorney General Eric Schneiderman updates the investigation into fake content submitted during the net neutrality comment process.

/ December 13, 2017