Top

Tag: Security


Phishing

Account Takeover Attacks Become a Phishing Fave

September 21, 2018

Via: Dark Reading

More than three-quarters of ATOs resulted in a phishing email, a new report shows. Why spoof an email address for phishing messages when you can hijack an account and send them from the real one? That’s the theory behind account […]


Network security

Mitigate Risk From Malicious and Accidental Insiders

September 20, 2018

Via: Security Week

When we hear the term “insider trading” most people think of the illegal practice of trading a public company’s stock based on material, non‐public information. The image of Michael Milken, Ivan Boesky or Martha Stewart may come to mind. Yet […]


Cyber-crime, Network security

FBI Warns of Cyber-Thieves Targeting Payroll Accounts

September 20, 2018

Via: Security Week

Cybercriminals are targeting the online payroll accounts of employees in a variety of industries to divert funds, the Federal Bureau of Investigation (FBI) warns. According to an alert from the FBI’s Internet Complaint Center (IC3), numerous such attacks have been […]


Phishing, Vulnerabilities

Threats posed by using RATs in ICS

September 20, 2018

Via: Securelist

While conducting audits, penetration tests and incident investigations, we have often come across legitimate remote administration tools (RAT) for PCs installed on operational technology (OT) networks of industrial enterprises. In a number of incidents that we have investigated, threat actors […]


Network security, Privacy protection

Yahoo settles for $47 million in litigation following data breach of 3 billion accounts

September 19, 2018

Via: Hot for Security

Everyone remembers the Yahoo breach — it was simply historical and created mass hysteria at the time. The company ultimately confirmed in late 2017 that, following an alleged state-sponsored attack, all user accounts had been breached – that is 3 […]


Cloud security

The Security Costs of Cloud-Native Applications

September 19, 2018

Via: Dark Reading

More than 60% of organizations report the bulk of new applications are built in the cloud. What does this mean for security? Businesses are increasingly reliant on cloud-native applications despite the strong, broad perception that use of the cloud will […]


Mobile security

Sophisticated mobile spyware Pegasus found in the US and 44 other countries

September 19, 2018

Via: CSO Online

In a new report, Citizen Lab researchers warned that sophisticated mobile spyware, dubbed Pegasus — made and sold by the Israeli company NSO Group — has been found not only on Androids and iPhones in countries with questionable human rights […]


Email security, Phishing

State Department confirms breach of unclassified email system

September 19, 2018

Via: CSO Online

The U.S. State Department confirmed it suffered a data breach that exposed employee data; the breach affected the State Department’s unclassified email system. It’s not like the agency suddenly decided to tell the public about the breach, though. The incident […]


Vulnerabilities

Zero-Day Bug Allows Hackers to Access CCTV Surveillance Cameras

September 18, 2018

Via: Threat Post

Firmware used in up to 800,000 CCTV cameras open to attack thanks to buffer overflow zero-day bug. Between 180,000 and 800,000 IP-based closed-circuit television cameras are vulnerable to a zero-day vulnerability that allows hackers to access surveillance cameras, spy on […]


Network security

Symantec Launches Free Election Security Service

September 18, 2018

Via: Security Week

Symantec on Tuesday announced the launch of a new service that aims to make elections more secure by helping candidates and political organizations improve their security posture and detect fake websites. With midterm elections coming up in the United States, […]