Blogs
Most Commented Content posted in September 2018
Verizon Study Finds PCI DSS Compliance Falls Worldwide
Jeffrey Burt  
9/27/2018   8 comments
Verizon's report says that fewer businesses are complying with the PCI DSS payment standard despite the rising threat of security breaches and consumer data theft.
Adwind RAT Squeaks Past Linux, Windows, macOS Defenses
Larry Loeb  
9/26/2018   6 comments
A newer version of the Adwind 3.0 Trojan can elude the AV defenses of Linux, Windows and macOS systems, according to Talos and ReversingLabs.
Leaders & Employees Confess Cybersecurity Mistakes – Switchfast Report
Larry Loeb  
9/5/2018   6 comments
Leaders of small and midsized business are making common cybersecurity goofs and failing to model the right behaviors.
Data Breach Can Affect Company's Long-Term Stock Price
Larry Loeb  
9/19/2018   6 comments
A recent study by CompariTech finds that data breaches can have some long-term effects when it comes to a company's stock price, but most of the financial damage diminishes over time.
Fuji's Electric V-Server Susceptible to Numerous Vulnerabilities
Larry Loeb  
9/17/2018   5 comments
Another industrial control system is shown to have a series of serious flaws. This time, it's Fuji's Electric V-Server, according to warnings from ICS-CERT.
NordVPN & ProtonVPN Offerings Vulnerable to Code Execution Attack
Larry Loeb  
9/12/2018   4 comments
A report from Cisco Talos found that VPNs developed by NordVPN and ProtonVPN were each vulnerable to the same code execution attack.
US Is No. 1 in Malicious Web Addresses
Larry Loeb  
9/7/2018   4 comments
Palo Alto Network's Unit 42 has found that from April to June 2018 the US was numero uno in hosting malicious domains and exploit kits.
Magecart Group Likely Behind Increase in Formjacking Attacks
Larry Loeb  
9/28/2018   4 comments
A recent analysis by Symantec researchers has found a significant increase in formjacking attacks. The reason, according to some, is an increase in activity from the Magecart group.
Get Ready for Realistic Attacks on the Internet of Things
Alan Zeichick  
9/4/2018   4 comments
Good news: We haven't seen a widespread action against IoT devices. Bad news: IoT devices are shockingly vulnerable.
Android Spyware BusyGasper: Small With Unusual Capabilities
Jeffrey Burt  
9/5/2018   4 comments
Kaspersky researchers said the malware is not sophisticated, but it comes packed with a broad array of interesting features and capabilities.
Attackers Snoop on MikroTik Router Traffic
Larry Loeb  
9/6/2018   3 comments
Researchers at Qihoo 360 Netlab report that unknown attackers have eavesdropped on the traffic of thousands of MikroTik routers.
Cryptominers Rush to Exploit Apache Struts 2 Vulnerability
Larry Loeb  
9/10/2018   2 comments
The Apache Struts 2 vulnerability was revealed about two weeks ago. Now F5 Labs has found that it's being used in a Monero cryptomining exploit.
Malicious Bot-Enabled, Credential-Stuffing Jamming Networks
Larry Loeb  
9/24/2018   2 comments
A research report from Akamai finds the number of bot-enabled, credential-stuffing incidents has spiked in recent months, jamming networks with malicious traffic.
California Looks to Pass Rudimentary IoT Security Legislation
Joe Stanganelli  
9/19/2018   2 comments
A California bill specific to IoT cybersecurity measures sits on Gov. Jerry Brown's desk, ready for him to sign it into law. The wording and limits of the law, however, leaves questions as to just how big an effect it will have.
iOS 12: How Apple Keeps Getting Mobile Security Wrong
Joe Stanganelli  
9/25/2018   1 comment
Are iOS updates for suckers? Apple's iOS 12 may represent the latest in a series of flawed releases that could compound user mistrust – further training the company's users to delay updates and patches.
Ransomware Developers Embrace Politics, Targeting Obama, Trump & Merkel
Jeffrey Burt  
9/20/2018   1 comment
Recent malware campaigns have used names such as Barak Obama, Angela Merkel and Donald Trump to entice unsuspecting users to download the ransomware, McAfee researchers have found.




Latest Articles
Cisco's research has proven that beyond meeting compliance requirements, good privacy is good for business and individuals.
Once again, a novel 'speculative execution side-channel' attack has been discovered by researchers.
Security researchers have found that the implementation in Remote Desktop Gateway of string segmentation lays it open to memory corruption vulnerabilities.
In Q4 of 2019, the average ransom payment increased by 104% to $84,116, finds Coveware report.
DHS-CISA has issued a security advisory about GE Carescape medical instrumentation that enumerates many vulnerabilities present in them.
Information Resources
upcoming Webinars
ARCHIVED
Top Tips for Blocking pwned [email protected]$$wOrds in Your Organization
Tuesday, October 29, 2019
12 p.m. New York/ 4:00 p.m. London
Podcasts
Podcast: Infrastructure Hunting – Stopping Bad Actors in Their Tracks
Being able to effectively build a threat intelligence ecosystem or threat-hunting identification response requires both user and systems sophistication and capabilities. Security, orchestration, automation and response (SOAR) is a new technology designed to provide organizations a single comprehensive platform they can use to implement an intelligence driven security strategy.
Podcast: Digital Transformation, SD-WAN & Optimal Security
Dan Reis chats to Cybera's Josh Flynn about how to achieve digital transformation without sacrificing security.
Podcast archive
Flash Poll
Video
In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2020 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with