Sign up for our weekly newsletter!
Latest Most Commented Content
<<   <   Page 2 / 2
Enterprise Attacks Increase 235%: Trojans & Ransomware Most Common
Larry Loeb  
4/26/2019   19 comments
The Malwarebytes Labs Cybercrime Tactics and Techniques Q1 2019 report found in just one year, threats aimed at corporate targets have increased by 235%. Trojans, such as Emotet, and ransomware were the most likely attacks.
New USB Type-C Standards Offer Cryptographic-Based Security
Larry Loeb  
1/4/2019   19 comments
The USB-IF has published new guidelines that looks to bring tougher security protocols, including cryptography, to USB Type-C devices to better protect against attacks.
Weak Human Link Still Main Enterprise Security Concern
Larry Loeb  
2/27/2019   19 comments
KnowBe4 study confirms what we pretty much knew already.
Digital Transformation With IoT: Assessing Risk Through Standards & Visibility
Joe Stanganelli  
2/27/2019   19 comments
IoT transformation is a gift and a curse that carries both business agility and business risk. As the world digitally transforms into something "smarter" than itself, IoT devices proliferate, demanding a lot of resources to keep up with them all – and, by extension, secure them all.
Digital Signatures Can Be Forged in PDF Docs
Larry Loeb  
3/1/2019   18 comments
Researchers in Germany have figured out three different ways to forge digital signatures in PDF documents.
Over 500 Million Chrome iOS Sessions Hijacked in Massive Malvertising Campaign
Larry Loeb  
4/22/2019   18 comments
Confiant has spotted the known threat actor eGobbler back in action.
Japanese Government to Use 'Credential Stuffing' to Survey Consumer IoT Devices
Larry Loeb  
1/30/2019   18 comments
The Japanese government is concerned about the security of IoT devices – but is a mass attempt to log into consumers' devices the right approach to the issue?
Microsoft Looks to Squash Bugs in its Azure DevOps Product
Larry Loeb  
1/21/2019   18 comments
Microsoft's latest bug-hunting program is targeting the company's Azure DevOps platform, which looks to make software development more secure.
Equifax, Intel Help Spur SEC to Update Cybersecurity Regulations
Larry Loeb  
2/23/2018   18 comments
The Equifax data breach, along with problems at Intel, has spurred the Securities and Exchange Commission to update its rules about the disclosing of cybersecurity incidents that now puts greater responsibility on CEOs and other company officers.
The Simplicity of a Wordpress Hack
Larry Loeb  
10/23/2017   18 comments
The latest Wordpress hack is serious, but it's not part of some grand conspiracy among hackers.
How to Panic Over IT Security
Larry Loeb  
8/9/2017   18 comments
Anyone can keep calm and carry on. To panic properly takes planning. Here's our tongue-in-cheek primer on doing it right.
Black Hat Keynote: A Call to Change
Curt Franklin  
7/27/2017   17 comments
Facebook's Alex Stamos stood before Black Hat 2017 and congratulated the community on all they've done. Then he told them that they must change.
Microsoft Vulnerabilities More Than Doubled in 2017 – Report
Larry Loeb  
2/19/2018   17 comments
A comprehensive exam by security vendor Avecto found that the number of vulnerabilities in Microsoft's products increased from 234 to 685 between 2016 and 2017.
Linus Torvalds: Intel's Spectre Patch Is 'Complete & Utter Garbage'
Larry Loeb  
1/24/2018   17 comments
In a scathing assessment of Intel's efforts to patch the Spectre flaw, Linux inventor Linus Torvalds offers no quarter for the chipmaker.
Google's reCAPTCHA Version 3 Offers Better Bot-Fighting Capabilities
Larry Loeb  
10/31/2018   17 comments
Google is rolling out the third version of reCAPTCHA software, which the company claims can better fight spam and bots with less user input.
Deloitte Hack Still Has More Questions Than Answers
Simon Marshall  
9/27/2017   17 comments
The huge hack of global accounting firm Deloitte is still presenting more questions than answers for security professionals.
Rowhammer Vulnerability Can Bypass ECC Memory Chips
Larry Loeb  
11/27/2018   17 comments
New research finds that the Rowhammer vulnerability can be adjusted to bypass ECC memory chips, exposing processors to an attack.
Mobile Malware Group Hits Google Play a Third Time
Jeffrey Burt  
6/29/2018   17 comments
McAfee researchers found that AsiaHitGroup earlier this year again targeted Android device users in Asia with a bulked-up Sonvpay campaign complete with silent push notifications.
Beware of 'TheMoon' – Evolving Botnets
Larry Loeb  
2/4/2019   16 comments
CenturyLink's labs have been tracking a shape-shifting IoT botnet that is a security professional's worst nightmare.
Worldwide Study Finds Limited Advances Against Evolving Threats
Larry Loeb  
3/28/2019   16 comments
Security vendor SonicWall has issued its SonicWall Cyber Threat Report based on its experiences in 2018.
YouTube Shooting Ignites Debate Over Merging Physical & IT Security
Dawn Kawamoto  
4/4/2018   16 comments
A woman shot and wounded three people at YouTube's headquarters on Tuesday, a tragic event that shines a light on the industry's long-running debate over whether physical and IT security departments should be merged under one roof.
4 Steps to Make Your Website GDPR Compliant
Dawn Kawamoto  
2/27/2018   16 comments
Three months remain to whip your website into shape before the May 25 GDPR compliance deadline. Here are several steps to help you get there.
IoT Security Is a Matter of Life & Death
Simon Marshall  
12/20/2017   16 comments
When the IoT enters the hospital room, its security becomes a matter of literal life and death.
Black Hats Win: Results From the Latest Poll
Curt Franklin  
8/28/2017   16 comments
The hat you wear as a security researcher matters, say those who took the latest poll. And the most effective hat color is black.
Healthcare Industry Still in Ransomware Crosshairs
Jeffrey Burt  
12/27/2018   16 comments
A report by Kaspersky researchers has found that healthcare organizations in the US and Canada are still at heightened risk of ransomware attacks.
Spam at 40: Still a Robust Security Threat in Middle Age
Jeffrey Burt  
8/6/2018   15 comments
Four decades after the first such email was sent, attackers are still using spam to deliver their malware.
Automation Deserves Skepticism
Curt Franklin  
8/29/2017   15 comments
While automation might be the next great tech wave, let's take some time to consider it.
Welcome to 2018 in IT Security
Curt Franklin  
1/2/2018   15 comments
It's a new year filled with new threats in IT security. Rejoice!
FaceID Faces Security Headwind
Simon Marshall  
9/12/2017   15 comments
Apple brings facial recognition to the iPhone but some security experts aren't convinced the technology is ready.
Strava Data Leaks Show Limit of What We Can Protect
Larry Loeb  
2/2/2018   15 comments
When news spread this week that data leaking from Strava's fitness app could pinpoint where soldiers were training, it showed that sometimes even the best security practices have their limits.
New Intel Vulnerability Hits Almost Everyone
Curt Franklin  
1/3/2018   15 comments
A vulnerability in the way that Intel CPUs deal with memory could leave everyone using an Intel-based computer open to attack.
Perceptual Ad Blockers Have Security Flaws, Too
Larry Loeb  
11/22/2018   15 comments
Blocking ads is more than stopping annoying pop-ups. There's a security component as well. However, a crop of perceptual ad blockers that use machine learning have their own flaws and shortcomings.
Huawei Routers Vulnerable to Simplified Credential Stuffing Attack
Larry Loeb  
12/21/2018   14 comments
Security researchers at NewSky have found a vulnerability in Huawei's HG routers that leave these devices open to a brute force attack. The company has been notified, but it's not clear what, if any fix, has been applied.
All Your Intel L1 Cache Belongs to CacheOut
Larry Loeb  
1/30/2020   14 comments
Once again, a novel 'speculative execution side-channel' attack has been discovered by researchers.
OMG: Mirai Botnet Finds New Life, Again
Larry Loeb  
2/28/2018   14 comments
The Mirai botnet refuses to die. This time, it has spawned a new bot called OMG, which Fortinet researchers have seen in the wild, and it's turning IoT devices into proxy servers.
Microsoft: Tech Support Scams on the Rise
Larry Loeb  
4/25/2018   14 comments
A recent report from Microsoft shows that the number of scams using tech support as a cover is on the increase. However, many times it's up to consumers and companies to protect themselves.
Nasties Abound: Symantec's Q3 Threat Report
Larry Loeb  
12/27/2017   14 comments
Symantec's Threat Report from the 2017 Q3 shows that malware writers are busier than ever.
The Face of Enterprise Security
Larry Loeb  
11/20/2017   14 comments
Facial recognition is starting to grow as a technology on consumer devices; what does that mean for your enterprise security?
The Hard Work of Pointing Fingers
Larry Loeb  
12/21/2017   13 comments
Pointing the finger at a perpetrator is difficult. Pointing it at the right perpetrator is even harder. That doesn't stop many organizations from trying.
Major Apple Flaw Found, Fixed & Still Dangerous
Curt Franklin  
11/29/2017   13 comments
A vulnerability in MacOS High Sierra could leave Macs open and vulnerable in the world of the Internet.
Researchers Detail Self-Learning System That Secures IoT Devices
Larry Loeb  
4/27/2018   13 comments
Researchers from several universities have published a new paper describing what they believe is a better way to protect and secure IoT devices and sensors.
'Bad Bots' Invading Cellular Networks
Larry Loeb  
6/29/2018   13 comments
A new research paper from Distil Networks finds that 'bad bots' are roaming cellular networks and are using these gateways as part of numerous attacks.
More Data Breaches in Store for US Retail Industry
Larry Loeb  
7/20/2018   13 comments
A report from Thales eSecurity and 451 Research finds that the security systems of US retailers are getting breached more often than their global counterparts. As a result, IT is rethinking its security spending.
Here it Comes – Internet Privacy Regulation
Larry Loeb  
2/22/2019   13 comments
A new report by the US Government Accountability Office could be the catalyst for meaningful change on the Internet privacy front.
Is There a Silver Bullet for Zero-Day Attacks?
Larry Loeb  
2/25/2019   13 comments
Silicon Valley startup K2 Cyber Security says it has a product that will stop any zero-day attack. So where's the proof?
UPnProxy Still Infecting Thousands of Home & Small Business Routers
Larry Loeb  
11/30/2018   12 comments
An analysis by Akamai finds that UPnProxy is still out in the wild and still targeting routers mainly used in homes and by small businesses.
Investigation Into LockerGoga Ransomware Finds Flaws in the Code
Larry Loeb  
3/27/2019   12 comments
Preliminary analysis of LockerGoga shows it has, in its current forms, limited ability to spread in a network.
Symantec: Leafminer Group Is a Dangerous Group of Amateurs
Larry Loeb  
7/27/2018   12 comments
While the Leafminer group has been causing significant problems in the Middle East for well over a year, Symantec notes that the group is doing so using rather amateurish techniques.
Cybercriminals Using Kubernetes, Docker to Bitcoin Mine
Larry Loeb  
3/26/2018   12 comments
Supposedly safe and secure Docker containers and the Kubernetes orchestration system can actually be manipulated to mine Bitcoin and other cryptocurrencies, researchers have found.
Right & Wrong Lessons From the Equifax Breach
Curt Franklin  
9/22/2017   12 comments
There are lots of lessons to learn from the Equifax breach. Just make sure you're learning the right ones.
<<   <   Page 2 / 2

Latest Articles
Cisco's research has proven that beyond meeting compliance requirements, good privacy is good for business and individuals.
Once again, a novel 'speculative execution side-channel' attack has been discovered by researchers.
Security researchers have found that the implementation in Remote Desktop Gateway of string segmentation lays it open to memory corruption vulnerabilities.
In Q4 of 2019, the average ransom payment increased by 104% to $84,116, finds Coveware report.
DHS-CISA has issued a security advisory about GE Carescape medical instrumentation that enumerates many vulnerabilities present in them.
Information Resources
upcoming Webinars
Top Tips for Blocking pwned [email protected]$$wOrds in Your Organization
Tuesday, October 29, 2019
12 p.m. New York/ 4:00 p.m. London
Podcast: Infrastructure Hunting – Stopping Bad Actors in Their Tracks
Being able to effectively build a threat intelligence ecosystem or threat-hunting identification response requires both user and systems sophistication and capabilities. Security, orchestration, automation and response (SOAR) is a new technology designed to provide organizations a single comprehensive platform they can use to implement an intelligence driven security strategy.
Podcast: Digital Transformation, SD-WAN & Optimal Security
Dan Reis chats to Cybera's Josh Flynn about how to achieve digital transformation without sacrificing security.
Podcast archive
Flash Poll
In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2020 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with