Content posted in January 2018
Ransomware Shows There's no Honor Among Cyberthieves
Larry Loeb  
1/31/2018   11 comments
Proofpoint has found that one group of cybercrooks is stealing from other gangs of cybercriminals by using a proxy Tor browser to steal Bitcoins used to pay off ransomware threats.
Cryptomining: Paying the Price for Cryptocurrency
Simon Marshall  
1/30/2018   25 comments
The growing popularity of Bitcoin and other cryptocurrency has led to cryptomining, with enterprises and individuals running the software unknowingly. Here's a look at the underside of this new business model.
OilRig's Use of RGDoor Shows Sophistication of Nation-State Attacks
Larry Loeb  
1/29/2018   2 comments
OilRig, a group linked to Iran, has been installing RGDoor, a secondary backdoor that can reopen a system even if it's been fixed. Its use shows how sophisticated nation-state attacks are becoming.
Security Spending Increasing, Along With Data Breaches
Larry Loeb  
1/29/2018   22 comments
In one of those good news/bad news reports on the state of security, the amount of money being spent on security is expected to increase this year, but the number of data breaches is also rising.
8 Personal & Professional Data Privacy Tips to Follow
Simon Marshall  
1/25/2018   6 comments
With International Data Privacy Day coming later this month, Security Now offers a checklist to help protect personal and professional data.
Linus Torvalds: Intel's Spectre Patch Is 'Complete & Utter Garbage'
Larry Loeb  
1/24/2018   17 comments
In a scathing assessment of Intel's efforts to patch the Spectre flaw, Linux inventor Linus Torvalds offers no quarter for the chipmaker.
SamSam Ransomware Continues Making Hospitals Sick
Larry Loeb  
1/22/2018   5 comments
SamSam or Samas continues to surface in hospitals and other healthcare facilities. The way the ransomware works shows how vulnerable healthcare is to these particular types of attacks.
Thycotic's Joseph Carson: Government & Encryption Issues Will Be Huge
Simon Marshall  
1/22/2018   Post a comment
In the second part of his Q&A with Security Now, Thycotic Chief Security Scientist Joseph Carson talks about encryption and the role that governments play in security.
Spectre Can Obfuscate Tracking Tools, Too
Larry Loeb  
1/19/2018   4 comments
As the security community learns more about the Spectre vulnerability, clever coders are already finding other exploits. Here's looking at the first of many.
Google Chrome Extensions Hide Malice
Larry Loeb  
1/17/2018   9 comments
Researchers from ICEBEG found malicious code hiding in four popular Google Chrome extensions. The search giant is working to fix the problem.
Thycotic's Joseph Carson: Hackers Will Soon Read Your Mind
Simon Marshall  
1/16/2018   Post a comment
In the first part of his Q&A with Security Now, Thycotic's Joseph Carson talks privacy in an interconnected world and how hackers will soon read minds.
After Spectre & Meltdown, Intel Faces an 'Evil Maid' Problem
Larry Loeb  
1/16/2018   2 comments
In a rough start to 2018, Intel is dealing with the Spectre and Meltdown vulnerabilities in its CPUs, and now the chip maker is confronting reports of a flaw that leaves chips open to an 'Evil Maid' attack.
Security Warning: Intel Inside
Larry Loeb  
1/12/2018   9 comments
At CES, Intel CEO Brian Krzanich looked to reassure the whole industry that the chip maker would ensure that its processors were secure following the Meltdown and Spectre disclosures.
Smaller Financial Firms Preparing for New Ransomware Threats
Simon Marshall  
1/10/2018   1 comment
Nearly a year after WannaCry and other ransomware attacks that targeted financial institutions, smaller firms are looking to prepare. Here's what the CISO of Texas-based Real Time Resolutions is doing to fight back.
WPA3 Standard Teased at CES Following KRACK Attack
Larry Loeb  
1/10/2018   Post a comment
A few months after the KRACK attack, the Wi-Fi Alliance unveiled a few details about the upcoming WPA3 standards, with an emphasis on security and encryption.
Dell EMC, VMware Race to Plug Virtual Appliance Security Hole
Larry Loeb  
1/9/2018   Post a comment
Dell EMC, along with VMware, are hard at work plugging a zero-day exploit that targets the companies' virtual appliance gear.
A Necessary Security Slowdown
Curt Franklin  
1/5/2018   4 comments
The key to being more secure might well lie in the ability to slow down just a bit.
Friday Haiku: Open Books
Curt Franklin  
1/5/2018   1 comment
The year opens with a huge vulnerability. Of course there's a haiku to explain it all.
Cybersecurity on the Attack: Security Now Poll Results
Curt Franklin  
1/4/2018   2 comments
The readers of Security Now have weighed in on the idea of cybersecurity teams going on the offense against hackers. Hackers might want to start worrying.
Countries, Coins & Cloud Will Test Enterprise Security in 2018
Simon Marshall  
1/4/2018   1 comment
According to expert researchers from Kaspersky Labs, 2018's security challenges will be bigger than those seen in 2017.
Meltdown & Spectre News Gets Worse – & Better
Larry Loeb  
1/4/2018   3 comments
Intel CPU vulnerabilities grow in scope but patches to address the problem are beginning to be deployed.
New Intel Vulnerability Hits Almost Everyone
Curt Franklin  
1/3/2018   15 comments
A vulnerability in the way that Intel CPUs deal with memory could leave everyone using an Intel-based computer open to attack.
Cyber Insurance Builds for Business
Simon Marshall  
1/3/2018   1 comment
Insurance for cyber issues is growing to take its place with property, casualty and business continuity insurance for the enterprise.
Autofill Brings Automatic Vulnerability
Larry Loeb  
1/2/2018   4 comments
A vulnerability in browser-based autofill may mean that your users are spilling the beans on much more than they know.
Welcome to 2018 in IT Security
Curt Franklin  
1/2/2018   15 comments
It's a new year filled with new threats in IT security. Rejoice!
Chain of Flaws Threatens Win 10
Larry Loeb  
1/1/2018   19 comments
Chaining multiple vulnerabilities can create attacks that threaten millions of Windows 10 computers.

Latest Articles
Cisco's research has proven that beyond meeting compliance requirements, good privacy is good for business and individuals.
Once again, a novel 'speculative execution side-channel' attack has been discovered by researchers.
Security researchers have found that the implementation in Remote Desktop Gateway of string segmentation lays it open to memory corruption vulnerabilities.
In Q4 of 2019, the average ransom payment increased by 104% to $84,116, finds Coveware report.
DHS-CISA has issued a security advisory about GE Carescape medical instrumentation that enumerates many vulnerabilities present in them.
Information Resources
upcoming Webinars
Top Tips for Blocking pwned [email protected]$$wOrds in Your Organization
Tuesday, October 29, 2019
12 p.m. New York/ 4:00 p.m. London
Podcast: Infrastructure Hunting – Stopping Bad Actors in Their Tracks
Being able to effectively build a threat intelligence ecosystem or threat-hunting identification response requires both user and systems sophistication and capabilities. Security, orchestration, automation and response (SOAR) is a new technology designed to provide organizations a single comprehensive platform they can use to implement an intelligence driven security strategy.
Podcast: Digital Transformation, SD-WAN & Optimal Security
Dan Reis chats to Cybera's Josh Flynn about how to achieve digital transformation without sacrificing security.
Podcast archive
Flash Poll
In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2020 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with