Sign up for our weekly newsletter!
REGISTER NOW
News & Views
Latest Content
Page 1 / 2   >   >>
McAfee Finds More Malware on Google Play Targeting North Korea Dissidents
News Analysis  
5/18/2018   3 comments
McAfee researchers have found more malware hiding in the Google Play store that is targeting North Korean dissidents. It's the second instance of the so-called ‘Sun Team.’
Throwhammer & Nethhammer Show How Chips Are Vulnerable to Bit Flips
Larry Loeb  
5/18/2018   4 comments
In a pair of papers released over the last week, researchers have shown how two different types of attacks, Throwhammer and Nethhammer, can cause a bit flip in chips by sending packets across a standard network.
FBI Suspects Former CIA Worker of Vault 7 Leak – Report
News Analysis  
5/18/2018   1 comment
Federal prosecutors and the FBI believe that a former CIA developer gave the so-called Vault 7 tools to Wikileaks but have been unable to prove it or bring charges, according to a published report.
WannaCry: How the Notorious Worm Changed Ransomware
Jeffrey Burt  
5/17/2018   3 comments
This week marked the one-year anniversary of the WannaCry ransomware attacks and its impact can still be seen in the form of such encrypting malware as NotPetya, BadRabbit and Olympic Destroyer.
GDPR Is Driving Businesses to Revamp Privacy & Security Policies
News Analysis  
5/17/2018   2 comments
While enterprises have been slow to respond to the rigors of GDPR guidelines, companies are now using the May 25 deadline to improve their data privacy and security infrastructure, according to a survey from IBM.
Relax: PGP Is Still Secure
Larry Loeb  
5/16/2018   3 comments
Talk about overreacting. After researchers claimed to have found some flaws in PGP, the industry lost its collective mind. Here's what is really happening.
Next-Generation Firewalls: Poorly Named but Essential to the Enterprise Network
Alan Zeichick  
5/16/2018   Post a comment
They may be stupidly named but they are essential for protecting enterprise assets that span on-premises servers, IaaS and PaaS clouds, as well as virtual machines.
Trump Administration Eliminating Cyber Coordinator Role – Report
News Analysis  
5/16/2018   Post a comment
The Trump administration is eliminating the role of cyber coordinator on the National Security Council under the guise of streamlining the decision process. Security pros aren't impressed...
Chili's Investigating Data Breach After Malware Infects PoS Machines
News Analysis  
5/15/2018   2 comments
Chili's is investigating a data breach that started when the restaurant chain's point-of-sale machines were infected with malware. It's not clear what customer data was taken or how much.
UNC Researchers Pitch Framework to Fight Password Reuse
Jeffrey Burt  
5/15/2018   1 comment
The proposal from two security researchers at the University of North Carolina would entail creating a protocol that would enable websites and service providers to block attempts by individuals trying to use the same password for multiple sites.
Trump Tweets Lifeline to ZTE
News Analysis  
5/14/2018   3 comments
After running afoul of the US Commerce Department and raising security concerns, ZTE appears to get a lifeline from President Trump.
Radware: Nigelthorn Malware Hiding in Google Chrome Extensions
Larry Loeb  
5/14/2018   3 comments
A new type of malware called Nigelthorn is hiding in Google Chrome extensions and hijacking victims as part of an elaborate cryptomining scheme, Radware reports.
IBM's USB Ban Earns Some Praise, Some Skepticism
News Analysis  
5/14/2018   4 comments
In a bold move that has security experts talking, IBM is reportedly looking to ban USB drives, as well as other portable storage devices, for its employees.
ZooPark Malware Targets Android Users in Middle East, Kaspersky Finds
Jeffrey Burt  
5/11/2018   1 comment
The ZooPark malware that has infected Android phones has evolved rapidly over the past three years and can now steal data ranging from browser histories to photos, videos and keylogs as well as information from external apps.
Microsoft's JavaScript Update for Excel Is a Gift to Cryptominers
Larry Loeb  
5/11/2018   3 comments
At Build 2018, Microsoft revealed a new JavaScript features that is supposed to add new functionality into Excel. However, it's also a gift for those who want to indulge in cryptomining schemes.
Cisco: As Business Users Go Mobile, So Do Attackers
Jeffrey Burt  
5/10/2018   Post a comment
Cisco monitored the wireless traffic at the MWC show in February and found more than 32,000 security events and high use of encryption, though some applications used outdated protocols.
Microsoft, Apple & Others Rush OS Patches Following Debugging Debacle
News Analysis  
5/10/2018   2 comments
Microsoft, Apple, along with several open source operating systems providers, plus a few hypervisor vendors, rushed patches out this week following a x86 chip debugging mistake.
Equifax Filing Sheds Light on 2017 Data Breach Carnage
News Analysis  
5/9/2018   1 comment
In a new filing with Securities and Exchange Commission, Equifax executives are offering a greater level of detail of the 2017 data breach that affected more than 146 million customers.
FBI: Ransomware Contributed to $1.4B in Losses in 2017
News Analysis  
5/9/2018   2 comments
The FBI's Internet Crime Complaint Center is out with its annual report based on complaints from consumers in the US, as well as overseas. Overall, losses totaled $1.4 billion in 2017, with ransomware, business email compromise and tech support fraud as the main culprits.
Phishers Are Finding Ways Around Office 365's ATP Feature
Larry Loeb  
5/9/2018   8 comments
Security researchers at Avanan have seen phishers using a new method to circumvent Microsoft Office 365's ATP technology, which is allowing them to send malicious emails.
Romanian Hackers Extradited to US for $18M Bank Fraud Scheme
News Analysis  
5/8/2018   5 comments
The DOJ has charged three Romanian citizens with using automated phones calls and software to steal about $18 million from bank customers in the US.
Number of Data Breach Reports Fell More Than 50% in Q1 – Study
News Analysis  
5/8/2018   1 comment
The number of reported data breaches fell more than 50% in the first quarter of this year compared to the same time in 2017, as attackers focused more on cryptomining and cryptojacking schemes.
China's Cyberspies Are Changing Tactics, Techniques & Targets
Larry Loeb  
5/7/2018   2 comments
A new report from 401TRG about the Winnti Umbrella group finds that cyberspies in China are changing their techniques as they zero in on new targets.
Endpoint Security: A Never-Ending Battle to Keep Up
Simon Marshall  
5/7/2018   1 comment
Endpoint security has evolved over the last several years as the BYOD trend has slowed, but enterprises are still uploading more data to the cloud, which is accessible on more devices. Even the notion of what an endpoint is has changed. What can enterprise security do?
'Spectre NG' Flaws Reportedly Found in Intel Chips
News Analysis  
5/4/2018   1 comment
A German magazine is reporting that ’Spectre Next Generation’ vulnerabilities have been found in Intel's x86 processors, although full details are not being released yet.
ICS Network Managers: Time for a Wake-Up Call
Larry Loeb  
5/4/2018   Post a comment
A report from Positive Technologies shows that despite the best efforts to wall and secure Industrial Control Systems from the wider Internet, attackers are still able to target and exploit this equipment.
Pentagon, Citing Security, Will Stop Selling Huawei, ZTE Smartphones
News Analysis  
5/3/2018   9 comments
The Pentagon is following a ruling by the FCC and concern from other government agencies, and is now discontinuing sales of Huawei and ZTE smartphones to DoD personnel.
New Vulnerability Puts Industrial Systems at Risk
News Analysis  
5/3/2018   1 comment
Security research firm Tenable has found a new remote code execution vulnerability in software made by Schneider Electric that is used in power plants and other industrial systems.
Microsoft's 4-Step Plan for Eliminating Passwords
Jeffrey Burt  
5/3/2018   1 comment
Microsoft is on a campaign to replace passwords with other authentication methods and it points to its Windows Hello and Authenticator app as examples of viable alternatives.
RiskSense Platform Demonstration
Sponsored Video  
5/3/2018   Post a comment
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a vulnerability management and cyber risk platform, which helps companies manage their cyber risks through their vulnerabilities.
Ransomware Attacks Against Healthcare Increased in 2017
News Analysis  
5/2/2018   12 comments
A Cylance report looking at the threat landscape of 2017 found that the healthcare industry took the brunt of ransomware attacks.
Microsoft's TCPS Project Looks to Secure IIoT & ICS
Larry Loeb  
5/2/2018   4 comments
As industrial systems continue to grow and ICS and IIoT get more connected, Microsoft is looking for a new way to lock down data within these systems. At a recent show, Redmond detailed TCPS, which offers new ways to protect data through the cloud.
Janus' Approach to Enterprise Security: BIOS-Based Endpoint Security Solution
Sponsored Video  
5/2/2018   Post a comment
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice president of business development at Janus Technologies, discusses and gives us a demo of each of their new security releases.
AI: Not the Cure-All for IT Security Skill Shortage
Jeffrey Burt  
5/1/2018   3 comments
A new report by DomainTools and the Ponemon Institute finds that while automation will replace low-level security tasks, it will only increase the demand for highly skilled pros.
Cybercriminals Increasingly Targeting 'Crown Jewels' Both Inside & Out
News Analysis  
5/1/2018   6 comments
Protecting the 'crown jewels' of an enterprise and organization is always a top priority. However, cybercriminals are now trying to steal this privileged data from both inside, as well as outside, businesses of all kinds.
Insider Threats Cost Enterprises More Than $8M Every Year – Report
News Analysis  
4/30/2018   11 comments
Insider threats, whether it's an employee with malicious intent or a worker is simply careless, can cost enterprises more than $8 million over the course of 12 months to clean up, according to a new report.
Rubella Macro Builder Crimeware Kit Price Drops to $40
Larry Loeb  
4/30/2018   3 comments
Crime might not pay, but it also doesn't have to be expensive to try. Flashpoint researchers have found that the monthly fee for the Rubella Macro Builder crimeware kit dropped to $40 on the underground market.
North Korea-Linked 'Operation GhostSecret' Found in 17 Countries
News Analysis  
4/27/2018   5 comments
A new report out this week from McAfee has identified a new North Korea-linked cyber operation called 'GhostSecret,' which appears to be active in 17 different countries and targeting a number of different industries.
Researchers Detail Self-Learning System That Secures IoT Devices
Larry Loeb  
4/27/2018   13 comments
Researchers from several universities have published a new paper describing what they believe is a better way to protect and secure IoT devices and sensors.
Orangeworm Malware Burrows Into Healthcare Industry
Jeffrey Burt  
4/26/2018   2 comments
A group of cybercriminals, known collectively as Orangeworm, are using their own malware and a custom backdoor called Kwampirs in highly targeted attacks against healthcare organizations, according to Symantec.
Cryptocurrency Theft Uses Old Exploit to Highjack AWS Traffic
News Analysis  
4/26/2018   2 comments
Earlier this week, attackers stole about $150,000 worth of cryptocurrency by exploiting a flaw in Domain Name System servers that allowed the group to hijack AWS traffic for about two hours.
Microsoft: Tech Support Scams on the Rise
Larry Loeb  
4/25/2018   14 comments
A recent report from Microsoft shows that the number of scams using tech support as a cover is on the increase. However, many times it's up to consumers and companies to protect themselves.
5 New Network Attack Techniques That Will Keep You Awake at Night
Alan Zeichick  
4/25/2018   1 comment
You can't trust anything -- not the cloud, not hardware, not industrial control systems. Take nothing for granted, advise the experts, and trust nothing.
SEC Slaps Yahoo Successor With $35M Fine for 2014 Data Breach
News Analysis  
4/25/2018   5 comments
The SEC has hit Yahoo's successor, Altaba, with a $35 million fine related to the company's 2014 data breach.
Smartphones Remain the Most Vulnerable of Endpoints
Simon Marshall  
4/24/2018   4 comments
The nature of mobile devices, especially smartphones, continues to make them the most vulnerable of endpoint devices. Here's why enterprise security teams need to stay vigilante.
Atlanta's Ransomware Attack Cost Around $2.6M – Report
News Analysis  
4/24/2018   2 comments
A report indicates that Atlanta spent a little over $2.6 million to defend itself against the SamSam ransomware attack that crippled city services earlier this year.
SunTrust Investigation Shows Continuing Threats Posed by Insiders
News Analysis  
4/24/2018   3 comments
SunTrust Banks investigate a possible data theft by an employee that could have exposed the personal information of 1.5 million customers. The incident shows insider threats remain a significant security issue.
Cybercrime: More Like Facebook's Model Than Traditional Criminal Enterprise
Larry Loeb  
4/23/2018   7 comments
As the global economy has changed, so has cybercrime, which resembles something much closer to how Facebook works than a traditional criminal enterprise, according to a new report.
It's the People: 5 Reasons Why SOC Can't Scale
Alan Zeichick  
4/23/2018   2 comments
There are always more security alerts and threats to respond, but the answer isn't to simply throw more money at the SOC to hire additional Tier 1 and Tier 2 security analysts.
At-Risk Routers & Russian Hacking Plans Stir Talk at RSA
News Analysis  
4/23/2018   Post a comment
At last week's RSA conference, the recent US and UK disclosure that Russia-backed actors have been targeting unpatched and older routers stirred conversations among security experts.
Page 1 / 2   >   >>




Latest Articles
In a pair of papers released over the last week, researchers have shown how two different types of attacks, Throwhammer and Nethhammer, can cause a bit flip in chips by sending packets across a standard network.
This week marked the one-year anniversary of the WannaCry ransomware attacks and its impact can still be seen in the form of such encrypting malware as NotPetya, BadRabbit and Olympic Destroyer.
Talk about overreacting. After researchers claimed to have found some flaws in PGP, the industry lost its collective mind. Here's what is really happening.
They may be stupidly named but they are essential for protecting enterprise assets that span on-premises servers, IaaS and PaaS clouds, as well as virtual machines.
The proposal from two security researchers at the University of North Carolina would entail creating a protocol that would enable websites and service providers to block attempts by individuals trying to use the same password for multiple sites.
Information Resources
upcoming Webinars
Cloud Access Security Brokers in the Wild
Wednesday, May 30, 2018
1:00 p.m. EST / 10:00 a.m. PST
Flash Poll
Video
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
Facebook has introduced new measures that will enable users to secure access to their accounts using a physical 'key' application.
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
Radio Shows
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2018 Light Reading - an Informa business, trading within KNect365 US, Inc. All rights reserved. Privacy Policy | Terms of Use
in partnership with