September 7, 2017
Via: DataBreach TodayTwo Russian hackers, members of a group called “Shaltay-Boltai” – Humpty Dumpty in Russian – have been sentenced to serve three years in prison, according to the Russian Legal Information Agency, or RAPSI. Alexander Filinov, aka “Mad Hatter,” and Konstantin Teplyakov, […]
September 7, 2017
Via: Help Net SecurityThe Dragonfly hacking group is back – or should we say it probably never went away – and is still interested in penetrating the networks of European and US companies in the energy sector. Even worse, their efforts have been […]
September 5, 2017
Via: Naked SecurityShould central banks be worried about cryptocurrency – Bitcoin, Ethereum, Zcash, Monero and hundreds of others? Perhaps more important, should you – the average, privacy-conscious person or even the not-so-average Dark Web drug dealer – be worried? That depends in […]
September 1, 2017
Via: CSO OnlineThe alarming number of unfilled jobs in information security has many leaders in the industry wondering how to solve the manpower problem. Awareness is part of the problem — in that the pipelines aren’t getting filled fast because many young […]
August 31, 2017
Via: Threat PostA toolset belonging to the Russian-speaking Turla APT has been publicly disclosed, and along with it details on its capabilities and indicators of compromise. The tools, called WhiteBear, were used to attack defense organizations as recently as June, and diplomatic […]
August 31, 2017
Via: CIOAre you measuring the value and effectiveness of your cybersecurity efforts? Most companies around the world are failing to do so, according to a recent security measurement index benchmark survey. Without establishing the proper metrics, you’re flying blind. And even […]
August 28, 2017
Via: Threat PostAn obscure Apple kernel extension patched in July in iOS 10.3.3 was originally built without security measures in place, according to the researcher who privately disclosed the flaws. Today at the Hack in the Box security conference in Singapore, Zimperium […]
August 25, 2017
Via: Threat PostA deprecated Apple authorization API, invoked by third-party installers, is still developers’ preferred choice for updating apps and services on macOS. And that’s a problem because of a massive security issue that could be abused by a local attacker to […]
August 25, 2017
Via: Security WeekWikiLeaks has published another round of Vault 7 documents, this time describing a tool allegedly used by the U.S. Central Intelligence Agency (CIA) to secretly collect biometric data from the agency’s liaison services. The leaked documents, marked as “secret,” appear […]
August 25, 2017
Via: Security WeekSnapchat has awarded researchers a total of $20,000 for finding exposed Jenkins instances that allowed arbitrary code execution and provided access to sensitive data. Three months ago, Belgium-based researcher Preben Ver Eecke was analyzing Snapchat’s infrastructure when he discovered a […]
Malware, Mobile security, Virus & Malware
August 25, 2017
Via: Security WeekSeveral of the pieces of malware targeting Android devices in the second quarter of 2017 abused WAP billing to help cybercriminals make money, Kaspersky reported on Thursday. Wireless Application Protocol (WAP) billing provides a mechanism for users to acquire content […]
Cloud security, Vulnerabilities
August 24, 2017
Via: Threat PostFuze, a maker of popular enterprise-grade voice-over-IP handsets, earlier this year patched three vulnerabilities that exposed user account information and enabled unauthorized authentication. The issues were made public today by researchers at Rapid7 who privately disclosed the flaws on April […]
August 24, 2017
Via: Threat PostA business email compromise campaign emanating out of Western Africa is targeting companies in a wide swathe of industries, bucking a trend of these scams focusing on wire fraud and targeting CEOs. The criminals are using phishing emails with links […]
August 23, 2017
Via: Security IntelligenceImproving integration, visibility and analytics with a platform approach to security information and event management (SIEM) is the means to the business value of security, compliance and operational efficiency. Security teams are operating in an evolving macro environment, which presents […]
Application security, Vulnerabilities
August 23, 2017
Via: Security IntelligenceEmployees use open source applications in organizations of all sizes and across all industries, and this trend shows no signs of slowing down. It is both cost effective and efficient to incorporate source code into software during the development stage. […]
August 23, 2017
Via: Security IntelligenceAccording to a recent Forrester report, enterprise cloud computing adoption accelerated in 2016 and will do so again in 2017. Software-as-a-service (SaaS) remains the largest portion of the public cloud market, with global spending expected to reach $105 billion in […]
August 23, 2017
Via: Security IntelligenceEverywhere we look, we see some form of digital technology. People have access to computers, cellphones, televisions and even Wi-Fi-enabled smart appliances. Technology advances every day, giving way to exciting, innovative and life-changing experiences. Take cellphones, for example. Not too […]
August 22, 2017
Via: SecurelistAt the start of Q2 2017, we registered a wave of malicious mailings imitating notifications from well-known delivery services. Trojan downloaders were sent out in ZIP archives, and after being launched they downloaded other malware – Backdoor.Win32.Androm and Trojan.Win32.Kovter. The […]
August 22, 2017
Via: Security WeekElon Musk is leading demands for a global ban on killer robots, warning technological advances could revolutionise warfare and create new “weapons of terror” that target innocent people. The CEO of Tesla and SpaceX joined more than 100 robotics and […]
Cloud security, Network security
August 22, 2017
Via: Security WeekCisco announced on Monday that it has added some important security, compliance and analytics features to its Spark collaboration platform. Launched in March 2015, Cisco Spark provides cloud-based tools for team messaging, online meetings and whiteboarding. One year after its […]