Category: Uncategorized

Russian-Speaking APT Engaged in G20 Themed Attack

Read full post A newly discovered dropper for the KopiLuwak backdoor suggests that the Turla group is back at it again, Proofpoint says.

/ August 18, 2017

50% of Ex-Employees Can Still Access Corporate Apps

Read full post Businesses drive the risk for data breaches when they fail to terminate employees’ access to corporate apps after they leave.

/ August 18, 2017

News in brief: few girls studying computing; new Galaxy Note battery issue; fine over parking data breach

Read full post Your daily round-up of some of the other stories in the news

/ August 18, 2017

ShieldFS Hits ‘Rewind’ on Ransomware

Read full post Federico Maggi and Andrea Continella discuss a new tool to protect filesystems by disrupting and undoing ransomware’s encryption activities.

/ August 18, 2017

14 Social Media-Savvy CISOs to Follow on Twitter

Read full post A roundup of some of the more social media-engaged security leaders to follow for updates on industry news, trends, and events.

/ August 18, 2017

How likely is a ‘digital Pearl Harbor’ attack on critical infrastructure?

Read full post The metaphor might be hyperbole, but there’s real concern about the potential for attacks, warn two experts

/ August 18, 2017

Drone firm says it’s stepping up security after US army ban

Read full post DJI security patch should ease military fears – but throws up further issues for pilots

/ August 18, 2017

‘Pulse wave’ DDoS – another way of blasting sites offline

Read full post If there’s one thing we’ve learned, it’s that any new way of DDoSing will reveal that there are a huge number of undefended devices online

/ August 18, 2017

Curbing the Cybersecurity Workforce Shortage with AI

Read full post By using cognitive technologies, an organization can address the talent shortage by getting more productivity from current employees and improving processes.

/ August 18, 2017

Cybercrime update: Big trouble in dark markets?

Read full post Many of the components required to commit cybercrime can be bought and sold online if you know the right part of the internet in which to look. The post Cybercrime update: Big trouble in dark markets? appeared...

/ August 18, 2017

How Bad Teachers Ruin Good Machine Learning

Read full post Sophos data scientist Hillary Sanders explains how security suffers when good machine learning models are trained on bad testing data.

/ August 18, 2017

Phone location privacy – for armed robber – headed to Supreme Court

Read full post Defending a convicted armed robber’s right to privacy feels distasteful, but defending rights are important – as this case seeks to do

/ August 18, 2017

Rogers Cup ‘Tech and Tennis Day’ cybersecurity panel

Read full post While you might not think tennis and cybersecurity have much in common, both can be unpredictable and therefore require you to keep your eye on the ball. The post Rogers Cup ‘Tech and Tennis Day’ cybersecurity panel...

/ August 18, 2017

Drupal patches critical access bypass flaw in engine core

Read full post Drupal has released security fixes to smooth over a serious access bypass vulnerability, among other bugs.

/ August 18, 2017

Cyber News Rundown: Edition 8/18/17

Read full post The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions?...

/ August 17, 2017

Facebook Doles Out $100K Prize for Internet Defense Prize

Read full post Winners developed a new method of detecting spearphishing in corporate networks.

/ August 17, 2017

Facebook Doles Out $100K for Internet Defense Prize

Read full post Winners developed a new method of detecting spearphishing in corporate networks.

/ August 17, 2017

Microsoft Report: User Account Attacks Jumped 300% Since 2016

Read full post Most of these Microsoft user account compromises can be attributed to weak, guessable passwords and poor password management, researchers found.

/ August 17, 2017

Locky ransomware rises from the crypt with new Lukitus and Diablo variants

Read full post NOTE: This blog post discusses active research by Webroot into an emerging threat. This information should be considered preliminary and will be updated as more data comes in. New variants of Locky—Diablo and Lukitus—have surfaced from the...

/ August 17, 2017

Critical Infrastructure, Cybersecurity & the ‘Devil’s Rope’

Read full post How hackers today are engaging in a modern ‘Fence Cutter War’ against industrial control systems, and what security professionals need to do about it.

/ August 17, 2017

‘Pulse Wave’ DDoS Attacks Emerge As New Threat

Read full post DDoS botnets are launching short but successive bursts of attack traffic to pin down multiple targets, Imperva says.

/ August 17, 2017

The Shadow Brokers: How They Changed ‘Cyber Fear’

Read full post At Black Hat USA, Matt Suiche, founder of Comae Technologies, describes what we know about the Shadow Brokers and how they have changed the business of cyber fear.

/ August 17, 2017

News in brief: new Bitcoin fork; HBO hacked; China cracks down

Read full post Your daily round-up of some of the other stories in the news

/ August 17, 2017

Woman targeted with 120 images on public transport via AirDrop

Read full post Bluejacking is back, this time via Apple’s AirDrop technology, allowing strangers to bombard women with ‘dick pics’

/ August 17, 2017

70% of DevOps Pros Say They Didn’t Get Proper Security Training in College

Read full post Veracode survey shows majority of DevOps pros mostly learn on the job about security.

/ August 17, 2017

Kill Switches, Vaccines, & Everything in Between

Read full post The language can be a bit fuzzy at times, but there are real differences between the various ways of disabling malware.

/ August 17, 2017

Uber faces privacy audits every two years until 2037, rules FTC

Read full post Uber ‘failed consumers in two key ways’ says FTC after probe into catalogue of privacy concerns

/ August 17, 2017

How to Avoid the 6 Most Common Audit Failures

Read full post In a security audit, the burden is on you to provide the evidence that you’ve done the right things.

/ August 17, 2017

Behind the Briefings: How Black Hat Sessions Get Chosen

Read full post Daniel Cuthbert and Stefano Zanero explain what the Black Hat review board is looking for in an abstract submission for the Briefings.

/ August 17, 2017

Buying encryption? Five good questions to ask before you do

Read full post General Data Protection Regulation (GDPR) together with the growing number of data breaches are the most pressing reasons why small and medium businesses are implementing data protection technologies – including encryption. The post Buying encryption? Five good...

/ August 17, 2017

Got an iPhone? Here’s what we think about the security of iOS11

Read full post Will your iOS device be more or less secure when iOS11 is launched? We’ve had a look beyond the cosmetic tweaks to the security features

/ August 17, 2017

It’s baaaack: Locky ransomware is on the rise again

Read full post Locky had been quiet until new variants started appearing last week. Here’s what you need to know

/ August 17, 2017

[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem

Read full post Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization’s security plans and strategies compare to what others are doing? Here’s an in-depth look.

/ August 16, 2017

Following criticism, Cloudflare drops neo-Nazi site Daily Stormer

Read full post The Daily Stormer website has found hosting trouble after several companies pulled the plug on the site after breaking terms of service.

/ August 16, 2017

Cerber Fights Anti-Ransomware Tools

Read full post Deception technology is the popular ransomware’s latest target.

/ August 16, 2017

Claims resurface that Kaspersky helped Russian intelligence

Read full post Yes, Kaspersky Lab works with government law enforcement agencies, just like American ones do. The company denies any wrongdoing with its work with Russia’s government.

/ August 16, 2017

Old Flaws, New Tricks: CVE-2017-0199 and PowerPoint Abuse

Read full post Researchers discover attackers are using a patched Microsoft vulnerability to abuse PowerPoint files and distribute malware.

/ August 16, 2017

Websites Selling DDoS Services and Tools on the Rise in China

Read full post Researchers detect an increase in Chinese websites offering online DDoS services within the past six months.

/ August 16, 2017

Insider Threats Loom Large for Security Pros

Read full post Insider threats pose a greater challenge to security pros than external threats, according to a recent survey.

/ August 16, 2017

News in brief: micro robots heal mice; Scottish Parliament hacked; Google Allo on desktops

Read full post Your daily round-up of some of the other stories in the news

/ August 16, 2017