IBM, Nonprofits Team Up in New Free DNS Service

Read full post Quad9 blocks malicious sites used in phishing, other nefarious activity.

/ November 17, 2017

We’re Still Not Ready for GDPR? What is Wrong With Us?

Read full post The canary in the coalmine died 12 years ago, the law went into effect 19 months ago, but many organizations still won’t be ready for the new privacy regulations when enforcement begins in May.

/ November 17, 2017

Bug that deleted $300m could have been fixed months ago

Read full post The flaw was reported in August 2017 and mistaken for a “convenience enhancement”

/ November 17, 2017

KeePass – a password manager that’s cloud-less (but complex)

Read full post It does all the things you’d expect a password manager to do – without the cloud.

/ November 17, 2017

Bug bounty hunter reveals DJI SSL, firmware keys have been public for years

Read full post Opinion: The researcher has discarded $30,000 to ensure there is full public disclosure of the drone maker’s poor security and revealing how not every bug bounty hunt ends well.

/ November 17, 2017

One-third of internet pounded by DoS attacks

Read full post Simple DoS attacks, which are a one-on-one affair, have been all but supplanted by DDoS attacks. The latter involve concerted campaigns from armies of devices conscripted into botnets which, as if lined up and marching in lockstep,...

/ November 17, 2017

Cyber News Rundown: Edition 11/16/17

Read full post The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions?...

/ November 17, 2017

Mr. Robot eps3.5_kill-process.inc – the security review

Read full post We analyse the latest security goings on in the world of Mr. Robot…

/ November 16, 2017

Crooks Turn to Delivering Ransomware via RDP

Read full post In a new twist to an old attack, threats actors are increasingly using the remote access protocol to install ransomware, Sophos says

/ November 16, 2017

Ransomware via RDP – how to stay safe! [VIDEO]

Read full post Crooks love to get into your network and wander around as if they were on your IT team. Here’e one good reason why you want to stop them!

/ November 16, 2017

Terdot Banking Trojan Spies on Email, Social Media

Read full post Terdot Banking Trojan, inspired by Zeus, can eavesdrop and modify traffic on social media and email in addition to snatching data.

/ November 16, 2017

121 Pieces of Malware Flagged on NSA Employee’s Home Computer

Read full post Kaspersky Lab’s internal investigation found a backdoor Trojan and other malware on the personal computer of the NSA employee who took home agency hacking tools.

/ November 16, 2017

Optiv Acquires Decision Lab to Expand Big Data Services

Read full post Deal enhances Optiv’s big data, automation, and orchestration efforts.

/ November 16, 2017

Forget APTs: Let’s Talk about Advanced Persistent Infrastructure

Read full post Understanding how bad guys reuse infrastructure will show you the areas of your network to target when investigating new threats and reiteration of old malware.

/ November 16, 2017

Oracle pushes emergency patch for critical Tuxedo server vulnerabilities

Read full post Two of the vulnerabilities have achieved a rating of 10 and 9.9 in severity.

/ November 16, 2017

‘Reaper’: The Professional Bot Herder’s Thingbot

Read full post Is it malicious? So far it’s hard to tell. For now it’s a giant blinking red light in security researchers faces warning us that we’d better figure out how to secure the Internet of Things.

/ November 16, 2017

Death of the Tier 1 SOC Analyst

Read full post Say goodbye to the entry-level security operations center (SOC) analyst as we know it.

/ November 16, 2017

Think you deleted that embarrassing WhatsApp message you sent? Think again

Read full post If there’s one thing we should all have learnt from our years on the internet it should be this: once you say something somewhere, it’s very hard to take it back and pretend it never happened. The...

/ November 16, 2017

Tips for buying and sending gift cards

Read full post In a world where money is often represented as numbers moving from one place to another, the difference between types of payment cards may seem a bit nebulous. The post Tips for buying and sending gift cards...

/ November 16, 2017

Deleted WhatsApp sent messages might not be gone forever

Read full post The first 100 characters are in the registry, and you don’t even have to bother with that if you have a backup app. How very Snapchat!

/ November 16, 2017

Parity shakes up wallet audits, but funds remain frozen

Read full post After a user accidentally stole and froze funds in over 500 wallets, a solution is yet to be found.

/ November 16, 2017

Forever 21 informs customers of a potential data breach

Read full post The retailer doesn’t know much yet, beyond the fact that encryption wasn’t working in some devices, in some stores, for some amount of time.

/ November 16, 2017

Apple’s Face ID security fooled by simple face mask

Read full post A Vietnamese security company called Bkav claims it successfully bypassed Face ID authentication on Apple’s flagship iPhone X using – wait for it – a mask.

/ November 16, 2017

White House Releases New Charter for Using, Disclosing Security Vulnerabilities

Read full post Updated Vulnerability Equities Process provides transparency into how government will handle new vulnerabilities that it discovers in vendor products and services.

/ November 15, 2017

Fred Kwong: The Psychology of Being a CISO

Read full post Security Pro File: Fred Kwong learned people skills in the classroom and technical skills on the job. The former psychology major, now CISO at Delta Dental, shares his path to cybersecurity and how he applies his liberal...

/ November 15, 2017

McAfee’s own anti-hacking service exposed users to banking malware

Read full post The purportedly safe link pointed users to a malicious Word document, laden with Emotet banking malware.

/ November 15, 2017

Stealthy Android Malware Found in Google Play

Read full post Eight apps found infected with a new Trojan family that ups the ante in obfuscation with four payload stages.

/ November 15, 2017

US Vulnerability Equities Policy: transparency welcome, but serious questions remain

Read full post Commentary on government struggles to protect internet security while stockpiling cyber vulnerabilities in order to launch attacks and gain intelligence. The post US Vulnerability Equities Policy: transparency welcome, but serious questions remain appeared first on WeLiveSecurity

/ November 15, 2017

Who Am I? Best Practices for Next-Gen Authentication

Read full post By their very nature, antiquated, static identifiers like Social Security numbers and dates of birth are worse than passwords.

/ November 15, 2017

Forever 21 Informs Shoppers of Data Breach

Read full post Forever 21 learned an unauthorized actor may have accessed payment card data at certain retail stores.

/ November 15, 2017

NSA Veterans Land $1.5 Million in Funding for Startup

Read full post ReFirm Labs’ launches Centrifuge Platform, which aims to automatically detect security vulnerabilities in IoT firmware.

/ November 15, 2017

Insider Threats: Red Flags and Best Practices

Read full post Security pros list red flags indicating an insider attack and best practices to protect against accidental and malicious exposure.

/ November 15, 2017

Hackers mimicking little kids can fool voice recognition systems

Read full post Misuse of the technology is going to rise right along with the popularity of voice apps, says a recent study.

/ November 15, 2017

Trump administration releases rules on disclosing security flaws

Read full post The White House’s cybersecurity coordinator said the rules are “vital” to ensuring a balance between public disclosure and retaining flaws for intelligence operations.

/ November 15, 2017

Shadow Brokers cause ongoing headache for NSA

Read full post It’s not been a great few years for the NSA when it comes to breaches…

/ November 15, 2017

Ransomware-spreading hackers sneak in through RDP

Read full post Sophos has uncovered a new niche in the world of cybercrime: ransomware infections where the crooks run the ransomware themselves

/ November 15, 2017

DHS says it remotely hacked a Boeing 757 sitting on a runway

Read full post “We got the airplane on Sept. 19, 2016. Two days later, I was successful in accomplishing a remote, non-cooperative penetration.”

/ November 15, 2017

Fileless attacks surge in 2017, security solutions are not stopping them

Read full post By 2018, they are expected to account for 35 percent of all cyberattacks.

/ November 15, 2017

Deception Technology: Prevention Reimagined

Read full post How state-of-the-art tools make it practical and cost-effective to identify and engage attackers in early lateral movement stages to prevent them from reaching critical systems and data.

/ November 15, 2017

Multi-stage malware sneaks into Google Play

Read full post In all the cases we investigated, the final payload was a mobile banking trojan. Once installed, it behaves like a typical malicious app of this kind: it may present the user with fake login forms to steal...

/ November 15, 2017