Sign up for our weekly newsletter!
REGISTER NOW
Blogs
Latest Content
Page 1 / 2   >   >>
'Novidade' Exploit Changes DNS Settings in Home & Small Business Routers
Larry Loeb  
12/12/2018   Post a comment
Trend Micro has picked up on a new exploit dubbed 'Novidade,' which targets small business and home routers and changes their DNS settings to redirect the traffic as part of an attack.
ESET Researchers Find 12 New Linux Malware Families
Larry Loeb  
12/11/2018   Post a comment
A report from ESET finds 12 new Linux backdoor malware families in the wild that had previously been undocumented.
M2M Protocols Expose IoT Data, Trend Micro Finds
Jeffrey Burt  
12/11/2018   Post a comment
The MQTT and CoAP protocols that are crucial to IoT and IIoT operations have significant vulnerabilities that puts devices at risk, according to analysis from Trend Micro.
SD-WAN Security: Why Zero-Trust Authentication Is Key
Alan Zeichick  
12/10/2018   Post a comment
SD-WAN provides big benefits compared to traditional WAN connections between data centers and remote locations. However, authentication remains a concern. Here's why zero trust is a must.
APTs in 2018: A Mix of Old & New
Jeffrey Burt  
12/10/2018   Post a comment
Established threat groups and new players alike made for an active APTs scene this year, according to researchers with Kaspersky Lab.
Google Chrome 71: Bugs Squashed & News Ways to Block 'Abusive Experiences'
Larry Loeb  
12/7/2018   6 comments
The latest version of the Google Chrome browser squashes numerous bugs and adds in a feature to help block what the company calls 'abusive experiences.'
IT & OT Convergence: a Potential Security Nightmare
Alan Zeichick  
12/5/2018   1 comment
Industrial systems are rapidly connecting to the wider, public Internet. There are a host of security problems that comes with this convergence, however, and combing IT and OT is not the cure. Here's why.
Kubernetes Vulnerability Can Turn Containers Into Zombies
Larry Loeb  
12/4/2018   3 comments
For years, Kubernetes was considered secure. However, a newly published vulnerability can turn enterprise containers into zombies without proper patching.
Marriott's Due Diligence Failure Led to Massive Data Breach
Larry Loeb  
12/4/2018   5 comments
After acquiring Starwood, Marriott failed to conduct a proper review of the company's security issues. This lack of due diligence led directly to 500 million records being compromised in a data breach.
GDPR Fines: Some Bark, Little Bite
Joe Stanganelli  
12/3/2018   6 comments
As Security Now says 'Happy Halfiversary' to GDPR, we take a look at what few GDPR fines and other DPA orders and guidance have been made public over the past six months.
Cybercriminal Underground Will Continue to Consolidate in 2019
Jeffrey Burt  
12/3/2018   Post a comment
There will be fewer malware-as-a-service families, but they will be bigger, stronger and more sophisticated, according to a report from McAfee.
UPnProxy Still Infecting Thousands of Home & Small Business Routers
Larry Loeb  
11/30/2018   6 comments
An analysis by Akamai finds that UPnProxy is still out in the wild and still targeting routers mainly used in homes and by small businesses.
New Worm Helps Spread Fileless Version of Bladabindi RAT
Larry Loeb  
11/28/2018   10 comments
An updated version of the Bladabindi RAT is fileless and can now be spread through removable USB and other storage devices.
Rowhammer Vulnerability Can Bypass ECC Memory Chips
Larry Loeb  
11/27/2018   17 comments
New research finds that the Rowhammer vulnerability can be adjusted to bypass ECC memory chips, exposing processors to an attack.
12 Cloud Backup Tips to Protect Your Business's Back-End Servers
Alan Zeichick  
11/27/2018   23 comments
The cloud can offer cost-effective backups for enterprise web servers, file servers and other critical infrastructure. Here are a dozen tips on how to make cloud backups safe and efficient.
Carbon Black: Cyber Attacks Could Jump 60% During Holidays
Jeffrey Burt  
11/26/2018   20 comments
Spear-phishing campaigns are the most common form of attack as shoppers go to the stores and online and employees hit the road, according to a survey from Carbon Black.
GDPR Presents New Challenges in Backup & Disaster Recovery Management
Joe Stanganelli  
11/23/2018   3 comments
GDPR applies not only to primary systems, but also to backup and recovery systems. Cloud storage, combined with a modicum of common sense, may prove essential to helping with GDPR compliance for these systems.
Perceptual Ad Blockers Have Security Flaws, Too
Larry Loeb  
11/22/2018   15 comments
Blocking ads is more than stopping annoying pop-ups. There's a security component as well. However, a crop of perceptual ad blockers that use machine learning have their own flaws and shortcomings.
Geoblocking, Even at Low Levels, Restricts Internet Freedom – Study
Larry Loeb  
11/21/2018   Post a comment
A new research paper from the University of Michigan and Cloudflare finds that geoblocking or geofencing is not as extensive as some believe. However, even at low levels, this practice can restrict Internet freedom.
IoT Security Problems Can Cost Enterprises Millions
Jeffrey Burt  
11/20/2018   Post a comment
A survey by DigiCert finds that the IoT is a priority for most companies, but many enterprises struggle when it comes to security and privacy. This can translate into firms losing millions.
Employees Traveling This Holiday? Don't Forget Good Security Practices
Larry Loeb  
11/19/2018   Post a comment
A survey finds that employees are more likely to bypass good security practices when they travel during the holiday season, but still log onto the corporate network to work.
Security Concerns Increasing as BYOD Programs Continue to Grow
Jeffrey Burt  
11/19/2018   1 comment
Businesses are expanding their BYOD programs to include partners, customers and others, but most are behind in securing their mobile environments, according to a Bitglass survey.
New Spectre & Meltdown Attacks Show Limits of CPU Vulnerabilities
Larry Loeb  
11/16/2018   8 comments
A group of researchers from Belgium, Austria and the US have uncovered more Spectre and Meltdown flaws in CPU architectures, but their paper also shows the limits of these vulnerabilities in real-world attacks.
Google Data Center Traffic Rerouted to Nigeria, China & Russia
Larry Loeb  
11/14/2018   4 comments
For over an hour this week, some Internet traffic from Google's data centers was rerouted through a Nigerian ISP and possibly sent to Russia and China.
Metamorfo Trojan Revamped to Evade Antivirus Protections
Larry Loeb  
11/12/2018   1 comment
The Metamorfo Trojan, which has targeted banks and other financial institutions in Brazil, has been revamped by threat actors to better evade antivirus and other security protections.
DJI Drones Buzzed Over Security Flaw in Company's User Forum
Larry Loeb  
11/9/2018   3 comments
Check Point researchers found a flaw in the DJI's online user forum that could allow an attacker to access and steal information from one of the company's drones.
'Outlaw' IRC Bot Roughs Up Windows & Open Source Environments
Larry Loeb  
11/7/2018   Post a comment
Trend Micro is having a showdown with a IRC bot developed by a group dubbed 'Outlaw,' which is targeting Windows, Ubuntu and even Android environments.
'BLEEDINGBIT' Bluetooth Vulnerability Leaves Enterprises Exposed to Attacks
Larry Loeb  
11/5/2018   5 comments
Security firm Armis has found two, zero-day vulnerabilities in the BLE protocol of Texas Instrument chips that researchers call 'BLEEDINGBIT.'
On Eve of 2018 Midterm Elections, All Eyes Still on Cybersecurity
Jeffrey Burt  
11/5/2018   2 comments
Netscout and McAfee executives talk about the myriad challenges facing state and county election officials as voting for the 2018 midterm elections is about to get underway.
RDP Attacks Prompt New Slate of Security Warnings
Larry Loeb  
11/2/2018   3 comments
Following a warning by the FBI, Trend Micro has issued its own alert about an increase in RDP attacks that have targeted enterprises all around the world.
Let's Get Physical: Why Protecting Hardware Is Essential to Good Cybersecurity
Alan Zeichick  
11/1/2018   7 comments
Enterprises need to consider physical security as part of any comprehensive cybersecurity plan.
Google's reCAPTCHA Version 3 Offers Better Bot-Fighting Capabilities
Larry Loeb  
10/31/2018   17 comments
Google is rolling out the third version of reCAPTCHA software, which the company claims can better fight spam and bots with less user input.
Kaspersky: Most CISOs Say Cyber Attacks Are Inevitable
Jeffrey Burt  
10/30/2018   3 comments
The Kaspersky Lab report says that while the relationship between executives and CISOs is improving, there continues to be a disconnect around such issues as budgets and the risk of threats.
DemonBot Botnet Takes Advantage of Hadoop Flaw to Create DDoS Attacks
Larry Loeb  
10/29/2018   4 comments
Radware has found a new botnet called DemonBot that is taking advantage of a flaw in Hadoop servers to create large-scale DDoS attacks.
IoT Device Adoption Hampered by Consumer's Security Concerns
Larry Loeb  
10/26/2018   49 comments
For companies looking to jump on the IoT bandwagon, the adoption of these devices is being slowed by consumers' concerns over safety and security, a new report finds.
Managed Security Service Providers: Good Idea, but What's the Catch?
Alan Zeichick  
10/25/2018   16 comments
Managed security service providers are a good idea for businesses struggling with creating their own InfoSec division. However, there are some drawbacks to consider.
iPhones Increasingly Vulnerable to Coinhive Cryptomining Malware
Jeffrey Burt  
10/24/2018   Post a comment
In their most recent Global Threat Index, Check Point researchers found a 400% increase in Coinhive attacks against iPhones by bad actors using the popular cryptomining malware.
Industrial Systems Suffer From Poor Patching, Bad Password Practices – Study
Larry Loeb  
10/24/2018   Post a comment
Industrial control systems are riddled with outdated software that is in need of patching, while passwords are stored in plain text and endpoints are left open to attack, according to a report from CyberX.
Unpatched MikroTik Routers Vulnerable to Cryptomining Malware
Larry Loeb  
10/22/2018   1 comment
An alert from Avast Threat Labs finds that a vast majority of MikroTik routers don't have the last firmware update to block a cryptomining campaign.
MIT Researchers Have a DAWG in the Fight Against Spectre & Meltdown
Larry Loeb  
10/19/2018   7 comments
In the fight against Spectre and Metldown vulnerabilities, MIT is pitting its DAWG solution against Intel's CAT.
McAfee: Seasalt Malware Raises Its Head Again
Jeffrey Burt  
10/19/2018   Post a comment
Code from the Seasalt malware that was last seen in 2010 has been found in new campaigns in North Korea and North America, according to McAfee.
Your People Can't Secure Your Network? Try Tier 0 Automation
Alan Zeichick  
10/18/2018   Post a comment
Keeping up with modern security requirements requires a multi-prong approach. One way to ensure that threats are being met is to ignore the false alerts. This is where Tier 0 automation comes in.
Why Killing Off TLS 1.0 & 1.1 Is a Good Thing
Larry Loeb  
10/17/2018   Post a comment
All good things must come to an end. Apple, Microsoft, Mozilla and Google have decided that's the case for the 1.0 and 1.1 versions of TLS.
Living With Compromised Technology Supply Chains in a Post-Supermicro World
Joe Stanganelli  
10/15/2018   2 comments
In the wake of Bloomberg's jarring exposé on tainted motherboards from mega-manufacturer Supermicro, practical questions remain for enterprise organizations on how they can cope with the scary prospect of compromised hardware.
Gallmaker Attackers Living Off the Land, Symantec Finds
Jeffrey Burt  
10/15/2018   Post a comment
Gallmaker, a new state-sponsored threat group, eschews custom malware for legitimate hacking tools and techniques to run under the radar while attacking government and military organizations in eastern Europe and the Middle East, according to recent research from Symantec.
Intel's 9th Gen Processors Offer Protections Against Spectre & Meltdown
Larry Loeb  
10/12/2018   10 comments
While talking up its 9th Gen processors this week, Intel offer some subtle hints about plans to protect its CPUs against the Spectre and Meltdown vulnerabilities that have plague x86 processors.
DHS Raps Juniper Over the Knuckles for 40 Junos OS Vulnerabilities
Larry Loeb  
10/12/2018   3 comments
The Department of Homeland Security felt it necessary to take Juniper Networks to the woodshed for 40 vulnerabilities, many critical, that affected the company's Junos OS.
Gemalto: 4.5B Records Breached in First Half of 2018
Larry Loeb  
10/10/2018   1 comment
Gemalto's Breach Level Index showed a staggering 133% increase in data breaches between the first half of 2017 and the first six months of this year. However, most of this malicious activity is attributable to two incidents – one involving Facebook.
Rotten Fruit: 4 Insider Threats to Watch Out For
Alan Zeichick  
10/8/2018   4 comments
When it comes to insider threats, it's best not to trust anyone. However, different employees pose different types of threats to the network. Here are the four types of 'rotten fruit' to look out for in your business.
DanaBot Banking Trojan Is Now Finding Its Way to the US
Jeffrey Burt  
10/8/2018   Post a comment
The DanaBot Trojan first targeting organizations in Australia earlier this year has expanded into Europe and now is aiming at US, according to Proofpoint.
Page 1 / 2   >   >>




Latest Articles
Trend Micro has picked up on a new exploit dubbed 'Novidade,' which targets small business and home routers and changes their DNS settings to redirect the traffic as part of an attack.
A report from ESET finds 12 new Linux backdoor malware families in the wild that had previously been undocumented.
The MQTT and CoAP protocols that are crucial to IoT and IIoT operations have significant vulnerabilities that puts devices at risk, according to analysis from Trend Micro.
SD-WAN provides big benefits compared to traditional WAN connections between data centers and remote locations. However, authentication remains a concern. Here's why zero trust is a must.
Established threat groups and new players alike made for an active APTs scene this year, according to researchers with Kaspersky Lab.
Flash Poll
Video
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
Facebook has introduced new measures that will enable users to secure access to their accounts using a physical 'key' application.
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
Radio Shows
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2018 Light Reading - an Informa business, trading within KNect365 US, Inc. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with