Sign up for our weekly newsletter!
REGISTER NOW
Blogs
Content posted in September 2018
Magecart Group Likely Behind Increase in Formjacking Attacks
Larry Loeb  
9/28/2018   4 comments
A recent analysis by Symantec researchers has found a significant increase in formjacking attacks. The reason, according to some, is an increase in activity from the Magecart group.
Verizon Study Finds PCI DSS Compliance Falls Worldwide
Jeffrey Burt  
9/27/2018   8 comments
Verizon's report says that fewer businesses are complying with the PCI DSS payment standard despite the rising threat of security breaches and consumer data theft.
Adwind RAT Squeaks Past Linux, Windows, macOS Defenses
Larry Loeb  
9/26/2018   6 comments
A newer version of the Adwind 3.0 Trojan can elude the AV defenses of Linux, Windows and macOS systems, according to Talos and ReversingLabs.
iOS 12: How Apple Keeps Getting Mobile Security Wrong
Joe Stanganelli  
9/25/2018   Post a comment
Are iOS updates for suckers? Apple's iOS 12 may represent the latest in a series of flawed releases that could compound user mistrust – further training the company's users to delay updates and patches.
Malicious Bot-Enabled, Credential-Stuffing Jamming Networks
Larry Loeb  
9/24/2018   2 comments
A research report from Akamai finds the number of bot-enabled, credential-stuffing incidents has spiked in recent months, jamming networks with malicious traffic.
Cloudflare Looks to Take the Pain Out of DNSSEC Protocol Adoption
Larry Loeb  
9/21/2018   Post a comment
Uptake of the newer DNSSEC protocol has been slow, but a new tool from Cloudflare looks to make it easier to ensure secure websites and more control over DNS.
Xbash Malware: Dangerous Mix of Threats
Jeffrey Burt  
9/21/2018   Post a comment
The Xbash malware includes ransomware and cryptomining functions as well as botnet and self-propagation capabilities and will delete Linux databases.
Ransomware Developers Embrace Politics, Targeting Obama, Trump & Merkel
Jeffrey Burt  
9/20/2018   1 comment
Recent malware campaigns have used names such as Barak Obama, Angela Merkel and Donald Trump to entice unsuspecting users to download the ransomware, McAfee researchers have found.
Data Breach Can Affect Company's Long-Term Stock Price
Larry Loeb  
9/19/2018   6 comments
A recent study by CompariTech finds that data breaches can have some long-term effects when it comes to a company's stock price, but most of the financial damage diminishes over time.
California Looks to Pass Rudimentary IoT Security Legislation
Joe Stanganelli  
9/19/2018   2 comments
A California bill specific to IoT cybersecurity measures sits on Gov. Jerry Brown's desk, ready for him to sign it into law. The wording and limits of the law, however, leaves questions as to just how big an effect it will have.
PyLocky Ransomware Can Get Around Machine Learning Solutions
Jeffrey Burt  
9/18/2018   Post a comment
The PyLocky ransomware, detected by Trend Micro, puts a focus on the ongoing machine learning race between cybersecurity experts and bad actors.
Fuji's Electric V-Server Susceptible to Numerous Vulnerabilities
Larry Loeb  
9/17/2018   5 comments
Another industrial control system is shown to have a series of serious flaws. This time, it's Fuji's Electric V-Server, according to warnings from ICS-CERT.
Why CISOs Need a Seat at the IoT Projects Table
Dawn Kawamoto  
9/17/2018   Post a comment
Only 38% of CISOs and IT security professionals are asked for their input when IoT projects are launched, despite frequent attacks against IoT devices, according to a recent Trend Micro report.
Iran Targeting ISIS Supporters, Kurds With Spyware
Jeffrey Burt  
9/14/2018   Post a comment
Check Point researchers found that victims of Iran's campaign were enticed to download mobile apps that were packed with spyware.
OpenSSL 1.1.1 Released With TLS 1.3 Support
Larry Loeb  
9/14/2018   Post a comment
The 1.1.1 version of OpenSSL, the popular cryptography library for encrypted communications, has been released with support for TLS 1.3, as well as other improvements.
Lock Up Your Laptops: Cold Boot Attacks Are Back
Joe Stanganelli  
9/14/2018   Post a comment
Researchers at F-Secure have developed a workaround to nullify the popular ten-year-old patch that was thought to have solved the problem of cold-boot attacks. Encryption keys and other sensitive data on millions of laptops could be affected.
Cobalt Group Returns With Downloader Malware
Jeffrey Burt  
9/13/2018   Post a comment
Proofpoint found new campaigns by the notorious cybercrime gang using its CobInt modular downloader.
NordVPN & ProtonVPN Offerings Vulnerable to Code Execution Attack
Larry Loeb  
9/12/2018   4 comments
A report from Cisco Talos found that VPNs developed by NordVPN and ProtonVPN were each vulnerable to the same code execution attack.
Will Charges Against WannaCry & Sony Cybercrimes Suspect Temper Future Attacks?
Dawn Kawamoto  
9/11/2018   Post a comment
The Justice Department has charged North Korean national Park Jin Hyok with conspiracy to commit wire fraud and computer-related fraud in several high-profile cases, including the WannaCry ransomware virus attack and Sony Pictures Entertainment hack. Will cases like this temper future cyber attacks?
Cryptominers Rush to Exploit Apache Struts 2 Vulnerability
Larry Loeb  
9/10/2018   2 comments
The Apache Struts 2 vulnerability was revealed about two weeks ago. Now F5 Labs has found that it's being used in a Monero cryptomining exploit.
US Is No. 1 in Malicious Web Addresses
Larry Loeb  
9/7/2018   4 comments
Palo Alto Network's Unit 42 has found that from April to June 2018 the US was numero uno in hosting malicious domains and exploit kits.
Trend Micro: Cryptomining, Data Breaches Highlight Busy 1H 2018
Jeffrey Burt  
9/7/2018   Post a comment
The rise of design flaws in processors from Intel and other chip-makers and the slowing down of ransomware were key trends in cybersecurity in the first six months of the year.
Attackers Snoop on MikroTik Router Traffic
Larry Loeb  
9/6/2018   3 comments
Researchers at Qihoo 360 Netlab report that unknown attackers have eavesdropped on the traffic of thousands of MikroTik routers.
Leaders & Employees Confess Cybersecurity Mistakes – Switchfast Report
Larry Loeb  
9/5/2018   6 comments
Leaders of small and midsized business are making common cybersecurity goofs and failing to model the right behaviors.
Android Spyware BusyGasper: Small With Unusual Capabilities
Jeffrey Burt  
9/5/2018   4 comments
Kaspersky researchers said the malware is not sophisticated, but it comes packed with a broad array of interesting features and capabilities.
Get Ready for Realistic Attacks on the Internet of Things
Alan Zeichick  
9/4/2018   4 comments
Good news: We haven't seen a widespread action against IoT devices. Bad news: IoT devices are shockingly vulnerable.




Latest Articles
But to prepare for something usually means you have an idea about what you are preparing for, no?
An emerging and increasingly sophisticated threat campaign is employing obscure file formats.
Being able to effectively build a threat intelligence ecosystem or threat-hunting identification response requires both user and systems sophistication and capabilities. Security, orchestration, automation and response (SOAR) is a new technology designed to provide organizations a single comprehensive platform they can use to implement an intelligence driven security strategy.
Dan Reis chats to Cybera's Josh Flynn about how to achieve digital transformation without sacrificing security.
An IoT device carries with it the implicit threat of being used for nefarious purposes if it has not been created with security foremost in mind.
Flash Poll
Video
In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
Radio Shows
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2019 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with