The economics of cybersecurity for the undecided

Read full post How do you calculate the value at risk? Choosing between investing in antivirus software or doing nothing to prevent cybercrime is not black and white. We explore the grey areas of cybersecurity economics. The post The economics...

/ March 22, 2017

The economics of cybersecurity for the undecided

Read full post How do you calculate the value at risk? Choosing between investing in antivirus software or doing nothing to prevent cybercrime is not black and white. We explore the grey areas of cybersecurity economics. The post The economics...

/ March 22, 2017

Lithuanian con artist scams two US tech giants out of $100 million

Read full post That the phisher was able to dupe the companies, which work with social media, is perhaps the biggest surprise.

/ March 22, 2017

The True State of DevSecOps

Read full post Automation improving, but security needs to find ways to slide into DevOps workflow and toolchain.

/ March 21, 2017

Student Aid Tool Held Key for Tax Fraudsters

Read full post Citing concerns over criminal activity and fraud, the U.S. Internal Revenue Service (IRS) has disabled an automated tool on its Web site that was used to help students and their families apply for federal financial aid. The removal of...

/ March 21, 2017

You’re right. That ‘electronic Muslim ban’ makes no sense

Read full post Analysis: US officials have been less than forthcoming regarding a potential threat, which only hurts public trust and confidence.

/ March 21, 2017

Keep social engineering attacks from destroying your identity

Read full post Sometimes it takes a close call or bad experience to really hammer it home. The concept of identity theft is nothing new. To put it in perspective, my step-dad had his identity stolen, and didn’t even know...

/ March 21, 2017

Citing terror threat, US confirms electronics ban on some US-bound flights

Read full post Senior administration officials said terrorists are ‘aggressively pursuing’ ways to carry out new attacks, such as smuggling explosive devices in consumer items, but left key questions unanswered.

/ March 21, 2017

US government to ban most electronics from some US-bound flights

Read full post Homeland Security isn’t saying what the reason for the impending ban is, but that a change to the rules have been considered for several weeks.

/ March 20, 2017

ABTA experiences data breach

Read full post The Association of British Travel Agents discovered the data breach on March 1st, but failed to notify customers until March 16th. The post ABTA experiences data breach appeared first on WeLiveSecurity

/ March 20, 2017

ABTA experiences data breach

Read full post The Association of British Travel Agents discovered the data breach on March 1st, but failed to notify customers until March 16th. The post ABTA experiences data breach appeared first on WeLiveSecurity

/ March 20, 2017

Hundreds of Cisco switches vulnerable to flaw found in WikiLeaks files

Read full post The flaw was found by Cisco security researchers, despite WikiLeaks’ claiming that the CIA hacking unit disclosures did not contain working vulnerabilities.

/ March 20, 2017

GitHub awards researcher $18,000 for remote code execution flaw discovery

Read full post The severe bug impacted GitHub Enterprise and could have given attackers the opportunity to hijack the management console.

/ March 20, 2017

Feature or flaw? How to hijack a Windows account in less than a minute

Read full post By the researcher’s own admission, he’s not sure if it’s a newly-discovered security flaw — or a feature.

/ March 18, 2017

Govt. Cybersecurity Contractor Hit in W-2 Phishing Scam

Read full post Just a friendly reminder that phishing scams which spoof the boss and request W-2 tax data on employees are intensifying as tax time nears. The latest victim shows that even cybersecurity experts can fall prey to these...

/ March 17, 2017

Cyber News Rundown: Edition 3/17/17

Read full post The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions?...

/ March 17, 2017

Flashback Friday: Operation Windigo

Read full post In 2014, ESET delivered a comprehensive and detailed report on Operation Windigo. We take a look back at what was documented and what insight was gathered. The post Flashback Friday: Operation Windigo appeared first on WeLiveSecurity

/ March 17, 2017

Flashback Friday: Operation Windigo

Read full post In 2014, ESET delivered a comprehensive and detailed report on Operation Windigo. We take a look back at what was documented and what insight was gathered. The post Flashback Friday: Operation Windigo appeared first on WeLiveSecurity

/ March 17, 2017

Number of women in infosec industry ‘remains stagnant’

Read full post The number of women working within the infosec industry is “continues to remain low”, and could be exacerbating the skills gap within the industry. The post Number of women in infosec industry ‘remains stagnant’ appeared first on...

/ March 17, 2017

Number of women in infosec industry ‘remains stagnant’

Read full post The number of women working within the infosec industry is “continues to remain low”, and could be exacerbating the skills gap within the industry. The post Number of women in infosec industry ‘remains stagnant’ appeared first on...

/ March 17, 2017

Google Points to Another POS Vendor Breach

Read full post For the second time in the past nine months, Google has inadvertently but nonetheless correctly helped to identify the source of a large credit card breach — by assigning a “This site may be hacked” warning beneath...

/ March 16, 2017

This laptop-bricking USB stick just got even more dangerous

Read full post When plugged in, this weaponized USB stick can destroy laptops, kiosks, ATMs, cars, and more.

/ March 16, 2017

Automating security? Robots can’t replace humans in decision loop

Read full post While technology can be used for malicious purposes, such as hardware used for DDoS attacks, it’s the human that crafts the malware, determines the victim, and orchestrates the crime.

/ March 16, 2017

Intel, Microsoft launch new bug bounty programs

Read full post Intel has finally joined the bug bounty game with financial rewards on offer up to $30,000.

/ March 16, 2017

US charges Russian FSB officials in connection with massive Yahoo security breach

Read full post The United States has charged four men, including two officials of Russia’s FSB intelligence agency, in connection with a hacking attack against Yahoo that saw the details of 500 million users stolen and the use of forged...

/ March 16, 2017

US charges Russian FSB officials in connection with massive Yahoo security breach

Read full post The United States has charged four men, including two officials of Russia’s FSB intelligence agency, in connection with a hacking attack against Yahoo that saw the details of 500 million users stolen and the use of forged...

/ March 16, 2017

Four Men Charged With Hacking 500M Yahoo Accounts

Read full post “Between two evils, I always pick the one I never tried before.” -Karim Baratov (paraphrasing Mae West) The U.S. Justice Department today unsealed indictments against four men accused of hacking into a half-billion Yahoo email accounts. Two of...

/ March 15, 2017

Simple steps to help make you CyberSmart

Read full post The online threat landscape continues to evolve. Not only do we need to continue innovating and refining our protection techniques, but we also need to stay on top of our cybersecurity education in order to protect each...

/ March 15, 2017

Justice Dept. charges four Russia-backed hackers over Yahoo breach

Read full post The indictments include two members of Russian intelligence and two hackers hired by the Russian government.

/ March 15, 2017

Flaw in web versions of WhatsApp, Telegram put accounts at risk

Read full post Researchers say the vulnerability can expose data, contacts, and more.

/ March 15, 2017

Adobe fixes critical code execution bugs in Flash

Read full post The latest security update includes fixes for security flaws in Flash and Shockwave.

/ March 15, 2017

Millions of records leaked from huge US corporate database

Read full post Exclusive: The database contains more than 33 million records from government departments and large corporate clients which get sold onto marketers.

/ March 14, 2017

Adobe, Microsoft Push Critical Security Fixes

Read full post Adobe and Microsoft each pushed out security updates for their products today. Adobe plugged at least seven security holes in its Flash Player software. Microsoft, which delayed last month’s Patch Tuesday until today, issued an unusually large number of...

/ March 14, 2017

Significant cyberthreat to UK businesses continues to grow

Read full post Greater collaboration is needed in order to combat the significant threat of cybercrime to British businesses, according to the UK’s National Crime Agency and the National Cyber Security Centre. The post Significant cyberthreat to UK businesses continues...

/ March 14, 2017

Significant cyberthreat to UK businesses continues to grow

Read full post Greater collaboration is needed in order to combat the significant threat of cybercrime to British businesses, according to the UK’s National Crime Agency and the National Cyber Security Centre. The post Significant cyberthreat to UK businesses continues...

/ March 14, 2017

We-Vibe vibrator creator to pay damages after spying on user sex lives

Read full post Users that had their sexual activity monitored without consent are entitled to thousands of dollars in compensation.

/ March 14, 2017

FBI says it can’t release iPhone hacking tool because it might still be useful

Read full post The hacking tool was used by the FBI to break into the iPhone of one of the San Bernardino shooters last year, which led to a short but fierce legal case against Apple.

/ March 14, 2017

If Your iPhone is Stolen, These Guys May Try to iPhish You

Read full post KrebsOnSecurity recently featured the story of a Brazilian man who was peppered with phishing attacks trying to steal his Apple iCloud username and password after his wife’s phone was stolen in a brazen daylight mugging. Today, we’ll...

/ March 13, 2017

Challenges and implications of cybersecurity legislation

Read full post Cybersecurity legislation: organization, collaboration and diffusion across the globe, and working towards the populization of cybersecurity culture The post Challenges and implications of cybersecurity legislation appeared first on WeLiveSecurity

/ March 13, 2017

Challenges and implications of cybersecurity legislation

Read full post Cybersecurity legislation: organization, collaboration and diffusion across the globe, and working towards the populization of cybersecurity culture The post Challenges and implications of cybersecurity legislation appeared first on WeLiveSecurity

/ March 13, 2017