All posts by patrickdigitalmedia

Adobe security team posts public key – together with private key

Read full post If you generate an encryption keypair and you get a public key and a private key, which one do you think you should keep to yourself?

/ September 22, 2017

Tracking phones without a warrant ruled unconstitutional

Read full post ‘Stingray use without a warrant violates 4th Amendment’

/ September 22, 2017

Cryptomining or online ads – which one floats your boat? [VIDEO]

Read full post Is cryptomining in the background better than ads in the foreground as a way of earning money to “pay” for free sites?

/ September 22, 2017

News in brief: DDoS threat spam; Army logic bomber; Viacom leak

Read full post Your daily round-up of some of the other stories in the news

/ September 22, 2017

1.4 Million New Phishing Sites Launched Each Month

Read full post The number of phishing attacks reach a record rate in 2017, but the majority of the phishing sites remain active for just four- to eight hours.

/ September 22, 2017

New Verizon leak exposed confidential data on internal systems

Read full post Dozens of documents reveal detailed maps and configurations of internal Verizon servers.

/ September 22, 2017

Using infrared cameras to break out of air-gapped networks

Read full post Invisible data exfiltration from isolated networks

/ September 22, 2017

Americans Rank Criminal Hacking as Their Number One Threat

Read full post Global warming and artificial intelligence rate as less of a threat to human health, safety, and prosperity, than getting hacked, according to a survey released today.

/ September 22, 2017

10 Security Product Flaw Scares

Read full post CCleaner compromise puts the crown on several years’ worth of headlines about cybersecurity product weaknesses.

/ September 22, 2017

Health IT & Cybersecurity: 5 Hiring Misconceptions to Avoid

Read full post Why healthcare organizations need a good strategy to find talent, or get left behind.

/ September 22, 2017

Where Do Security Vulnerabilities Come From?

Read full post There are three major causes: code quality, complexity, and trusted data inputs.

/ September 22, 2017

This new app can detect wireless credit card skimmers at gas pumps

Read full post Credit card skimmers are getting more advanced – but that’s making them easier to detect.

/ September 22, 2017

Equifax has been sending customers to a fake phishing site for weeks

Read full post A series of blunders to add to the Equifax breach

/ September 22, 2017

ISP involvement suspected in latest FinFisher gov’t spyware campaign

Read full post ISPs in a number of countries are under suspicion for distributing the malware to government targets.

/ September 22, 2017

Cloud services: What to consider when migrating your infrastructure

Read full post Most companies have switched the majority of their services and information over to the cloud. There are many reasons for this, ranging from cost to practicalities. The post Cloud services: What to consider when migrating your infrastructure...

/ September 22, 2017

Joomla patches eight-year-old critical CMS bug

Read full post The flaw could be exploited to steal administrator account details and hijack websites.

/ September 22, 2017

SEC Says Intruders May Have Accessed Insider Data for Illegal Trading

Read full post 2016 breach of the Securities and Exchange Commission’s EDGAR database dents its reputation as a federal cybersecurity enforcer.

/ September 21, 2017

CCleaner Malware Targeted Tech Giants Cisco, Google, Microsoft

Read full post The backdoor discovered in Avast’s CCleaner targeted top tech companies including Google, Microsoft, Samsung, Sony, VMware, and Cisco.

/ September 21, 2017

Webroot Culture: Q&A with Systems Administrator Ann Roberts

Read full post Before chatting with Ann Roberts, systems administrator at Webroot, I had a pretty narrow view of what her role in the IT department required on a day-to-day basis. As it turns out, a systems administrator must wear...

/ September 21, 2017

How BitPaymer ransomware covers its tracks

Read full post This BitPaymer malware variant uses tricks that you don’t usually see in ransomware – but it still scrambles your files in the end.

/ September 21, 2017

News in brief: Experian PIN fail; SEC hacked; AI vs terror

Read full post Your daily round-up of some of the other stories in the news

/ September 21, 2017

Hackers holds entire school district to ransom

Read full post The hacking group stole personal information and sent explicit death threats against children to their parents.

/ September 21, 2017

Why Size Doesn’t Matter in DDoS Attacks

Read full post Companies both large and small are targets. Never think “I’m not big enough for a hacker’s attention.”

/ September 21, 2017

SMBs Paid $301 Million to Ransomware Attackers

Read full post But small- to midsized businesses are taking a tougher stand against ransomware attacks, according to a survey released today of the 2016-2017 period.

/ September 21, 2017

OPM Data Breach Lawsuit Tossed, Fed Plaintiffs will Appeal

Read full post A judge ruled federal employees cannot sue for damages from the 2015 Office of Personnel Management data breach.

/ September 21, 2017

CConsiderations on the CCleaner incident

Read full post Regardless of how Piriform was breached, for a tool as widely downloaded as CCleaner, with a userbase running into the hundreds of millions, there will be a large impact worldwide, even though only the 32-bit version was...

/ September 21, 2017

New FinFisher surveillance campaigns: Are internet providers involved?

Read full post FinFisher has extensive spying capabilities, such as live surveillance through webcams and microphones, keylogging, and exfiltration of files. What sets FinFisher apart from other surveillance tools, however, are the controversies around its deployments. The post New FinFisher...

/ September 21, 2017

“Admin from Hell” holds company to ransom with porn makeover

Read full post The IT admin demanded $10,000, when he didn’t get it things got X-rated

/ September 21, 2017

SEC admits data breach, suggests illicit trading was key

Read full post The commission says that “illicit gain through trading” may have been the key motivator.

/ September 21, 2017

Critical VMware vulnerability, patch and update now

Read full post The impact of this critical vulnerability has the potential to be great.

/ September 21, 2017

CCleaner malware operators targeted tech firms including Cisco, Microsoft, Samsung

Read full post It is believed the threat actor behind the campaign is after intellectual property.

/ September 21, 2017

Iranian Cyberspy Group Targets Aerospace, Energy Firms

Read full post APT33 focused on gathering information to bolster Iran’s aviation industry and military decision-making capability, FireEye says.

/ September 20, 2017

Cisco SMI Still Exposing Network Switches Online

Read full post The high number of exposed and vulnerable devices online has remained largely unchanged since researchers began exploring SMI in 2010.

/ September 20, 2017

Mobile Ransomware Hits Browsers with Old-School Techniques

Read full post Several types of malware sold on the dark Web advertise the ability to spy on Android smartphones, encrypt files, and demand payment.

/ September 20, 2017

Artificial Intelligence: Getting the Results You Want

Read full post Finding a vendor that doesn’t claim to do AI is hard these days. But getting the benefits you need and expect is even harder.

/ September 20, 2017

Human failings undermine security – but who’s failing who?

Read full post A Ponemon survey puts “negligent employees” on the hook

/ September 20, 2017

The Apache “Optionsbleed” security hole explained [VIDEO]

Read full post If you’re looking for a non-techie, plain English, verbal explanation of the Apache “Optionsbleed” security bug, watch this!

/ September 20, 2017

Software Assurance: Thinking Back, Looking Forward

Read full post Ten personal observations that aim to bolster state-of-the-art and state-of-practice in application security.

/ September 20, 2017

News in brief: Twitter stops terrorists; WhatsApp stops UK gov; Russia stops Dark Web drugs

Read full post Your daily round-up of some of the other stories in the news

/ September 20, 2017

Pirate Bay hits users’ CPUs with secret cryptocurrency mining

Read full post They should have asked. If they had, would it be better or worse than ads?

/ September 20, 2017