Sign up for our weekly newsletter!
REGISTER NOW
Blogs
Content posted in February 2018
OMG: Mirai Botnet Finds New Life, Again
Larry Loeb  
2/28/2018   14 comments
The Mirai botnet refuses to die. This time, it has spawned a new bot called OMG, which Fortinet researchers have seen in the wild, and it's turning IoT devices into proxy servers.
GDPR: The New Price We Pay for Data Privacy
Simon Marshall  
2/28/2018   3 comments
When the EU's GDPR regulations come into effect in May, the rules around how companies and individuals regard data privacy will change forever. Even for those outside Europe, this could be an expensive journey to take.
4 Steps to Make Your Website GDPR Compliant
Dawn Kawamoto  
2/27/2018   16 comments
Three months remain to whip your website into shape before the May 25 GDPR compliance deadline. Here are several steps to help you get there.
Attackers Sell Growing Number of Legitimate SSL Certificates
Dawn Kawamoto  
2/27/2018   7 comments
Network security applications performing deep packet inspections are increasingly getting duped by these rogue legitimate certificates, according to a new report.
US Government Leads World in Data Breaches
Larry Loeb  
2/26/2018   9 comments
US government agencies are leading the world when it comes to data breaches, and the issue seems to be getting worse, according to a new report. However, a shift to cloud may help alleviate some problems.
GDPR Non-Compliance: Will Your Enterprise Get Busted?
Dawn Kawamoto  
2/26/2018   8 comments
GDPR enforcement begins May 25 and regulators are likely to focus on particular industries and types of companies, according to attorneys and analysts.
Equifax, Intel Help Spur SEC to Update Cybersecurity Regulations
Larry Loeb  
2/23/2018   18 comments
The Equifax data breach, along with problems at Intel, has spurred the Securities and Exchange Commission to update its rules about the disclosing of cybersecurity incidents that now puts greater responsibility on CEOs and other company officers.
GDPR Blackmail Looms as a Double-Dip Cyber Attack Plan
Dawn Kawamoto  
2/22/2018   4 comments
Cybercriminals' targeted attacks may also include extortion fees to keep their breaches quiet and out of the view of GDPR enforcers, researchers find.
Coldroot RAT Sends Mac Antivirus Down a Maze
Larry Loeb  
2/21/2018   5 comments
A new blog by a Digita Security researchers finds that Coldroot RAT, which specifically targets Mac and macOS users, is still eluding detection from different antivirus engines, even though it's available on GitHub.
Cryptocurrency Crime: The Internet's New Wild West
Simon Marshall  
2/20/2018   6 comments
The popularity of Bitcoin and other cryptocurrencies has opened the floodgates to different cybercrimes, scams and outright theft. A pair of reports from Cisco and Digital Shadows paints a portrait of this new Wild West of the Internet.
Microsoft Vulnerabilities More Than Doubled in 2017 – Report
Larry Loeb  
2/19/2018   17 comments
A comprehensive exam by security vendor Avecto found that the number of vulnerabilities in Microsoft's products increased from 234 to 685 between 2016 and 2017.
DDoS Today: No Safety Inside the Perimeter
Naim Falandino  
2/19/2018   1 comment
For years, protecting the perimeter was believed to be the safest way to guard against DDoS. However, the cloud, IoT and new botnets have changed that thinking. Here's how CISOs and security pros should respond.
DoubleDoor IoT Botnet Is a Harbinger of Exploits to Come
Larry Loeb  
2/16/2018   3 comments
NewSky researchers are looking into DoubleDoor, a new type of IoT botnet that combines two exploits together. It also shows what kind of security challenges lie ahead for the enterprise.
UK Accuses Russia of Launching NotPetya Attacks
Dawn Kawamoto  
2/16/2018   2 comments
The Kremlin and the Russian military used the NotPetya ransomware attack to target Ukrainian financial, energy and government centers, according to allegations the UK government made this week.
Kaspersky: Phishing Attack Attempts Soared 59% in 2017
Dawn Kawamoto  
2/15/2018   4 comments
There has been dramatic, year-over-year growth in phishing attacks, following only a slight increase in 2016 and a two-digit decline in 2015, according to a report released by Kaspersky Lab.
Mobile Malware Increases, While Hiding in Porn Sites
Simon Marshall  
2/15/2018   3 comments
Porn and other adult content sites are helping to disguise an increase in mobile malware, which is targeting users embarrassed by their online browsing habits, according to new information from Kaspersky Labs.
Mozilla Leads the Way to Safer Browser Development
Larry Loeb  
2/14/2018   Post a comment
Mozilla is looking to make web browsers safer by adding new developer features into Firefox that should make the HTTPS protocol a must-have way to transmit for websites.
Equifax Taps Former Home Depot Security Chief as New CISO
Dawn Kawamoto  
2/14/2018   Post a comment
Equifax, the embattled credit monitoring company is hoping the former Home Depot CISO can turn the beleaguered company's security around. After all, he's previously played cleanup man.
Windows 10 Bypassing Passwords With Fujitu's PalmSecure Biometrics
Larry Loeb  
2/12/2018   5 comments
Microsoft is looking to overcome the password dilemma by incorporating Fujitsu's PalmSecure biometric technology into Windows 10.
Forcepoint Finds New Malware Hiding in PoS Machines
Larry Loeb  
2/9/2018   Post a comment
The malware, which resembles a LogMeIn service pack, can capture data from credit cards and then reproduce the card or other information. However, Forcepoint believes this strain of malware is still under development.
Fidelis Researchers Demo Dangerous Covert Channel in Digital Certificates
Larry Loeb  
2/7/2018   2 comments
Researchers at Fidelis have found a way to exploit a flaw in the X.509 certificate protocol to create a covert data exchange channel.
Trend Micro Finds 89 Malicious Chrome Extensions Dispensing 'Malvertising'
Larry Loeb  
2/5/2018   6 comments
All 89 of these malicious Google Chrome Extensions come from one group calling itself Droidclub.
Can Machine Learning Overcome the Threat Intelligence Gap?
Simon Marshall  
2/5/2018   1 comment
Threat intelligence is a major concern for enterprises. Security firm Recorded Future believes machine learning can help overcome the gap between the haves and the have-nots.
Strava Data Leaks Show Limit of What We Can Protect
Larry Loeb  
2/2/2018   15 comments
When news spread this week that data leaking from Strava's fitness app could pinpoint where soldiers were training, it showed that sometimes even the best security practices have their limits.
Allure Seed Round Funds AI Security
Simon Marshall  
2/2/2018   3 comments
Flush with $5.3 million in funding, Allure Security is taking a novel approach to data security by using AI and machine learning. CTO Dr. Salvatore J. Stolfo sat down with Security Now to explain how it works.




Latest Articles
But to prepare for something usually means you have an idea about what you are preparing for, no?
An emerging and increasingly sophisticated threat campaign is employing obscure file formats.
Being able to effectively build a threat intelligence ecosystem or threat-hunting identification response requires both user and systems sophistication and capabilities. Security, orchestration, automation and response (SOAR) is a new technology designed to provide organizations a single comprehensive platform they can use to implement an intelligence driven security strategy.
Dan Reis chats to Cybera's Josh Flynn about how to achieve digital transformation without sacrificing security.
An IoT device carries with it the implicit threat of being used for nefarious purposes if it has not been created with security foremost in mind.
Flash Poll
Video
In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
Radio Shows
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2019 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with