Sign up for our weekly newsletter!
REGISTER NOW
News & Views
Latest Content
Page 1 / 2   >   >>
Facebook Exposes Millions of Unencrypted User Passwords
Larry Loeb  
3/22/2019   3 comments
It's an internal matter – but it could affect millions of the social network's users.
FIN7 Resurfaces With New Malware Techniques
Larry Loeb  
3/22/2019   Post a comment
The FIN7 group of cyber criminals is still going strong.
Jackson County Still Recovering After Paying Ryuk Ransom
Joe Stanganelli  
3/21/2019   Post a comment
Radio silence after reports of a headline-snagging ransomware payment in Jackson County, Ga., presents a possible case study in the pros and cons of paying ransomware attackers.
Evidence Found of Malware Families Collaborating
Larry Loeb  
3/20/2019   3 comments
IBM's X-Force has found that intertwined relationships exist between the Trickbot, Gozi, Ramnit and IcedID malware families – and that spells trouble.
Cyber Attacks Grow by 55% in 2018 & Data Theft Dominates – Report
Larry Loeb  
3/19/2019   4 comments
The findings from Positive Technologies aren't that, erm, positive.
Is Your Supply Chain the Weakest Link?
Steve Durbin  
3/19/2019   2 comments
Despite organizations' best efforts to secure intellectual property and other sensitive information, limited progress has been made in effectively managing information risk in the supply chain.
Study Shows Massive Attacks Bypassing MFA
Larry Loeb  
3/18/2019   5 comments
Multi-factor authentication is no silver bullet for security problems.
New IoT Device Regulation Establishes Base Line for Security
Larry Loeb  
3/15/2019   2 comments
Legislation seeks to use the spending power of the government, which, if the bill goes through, will only be able to acquire those IoT devices that meet the bill's requirements.
North Korea Circumvents Sanctions Through Cybercrime, Says Report
Larry Loeb  
3/14/2019   Post a comment
The UN report believes the DPRK has snaffled up half a billion dollars so far through nefarious means.
Convergence: Real Problems When it Comes to Securing the IoT/IIoT
Alan Zeichick  
3/14/2019   Post a comment
Today, enterprises are dealing with a proliferation of connected devices that probably aren't dedicated to computing – think video cameras, inventory sensors, machine tools, thermostats and environmental monitors.
Enterprise Is the Target of 'Big Game Hunting'
Larry Loeb  
3/11/2019   Post a comment
GrandCrab has mutated, and enterprises should be worried.
Study Finds 77% of Mobile Users Compromised by Leak of PII Data
Larry Loeb  
3/8/2019   Post a comment
It doesn't help that 43% of companies have at least one mobile device with no lock screen active.
InfoSec Community Excited as NSA Releases Ghidra 9.0 to the Public
Larry Loeb  
3/7/2019   Post a comment
At the RSA Conference in San Francisco this week, the National Security Agency released to the public one of its internal tools, Ghidra 9.0, which is used for software reverse engineering. The NSA has been using it internally for a decade.
Qbot Mutation Poses Global Threat
Larry Loeb  
3/5/2019   Post a comment
Once again, we can see how malware change will defeat static signature analysis.
Boosted Rowhammer & Cache Attacks Spell Bad News for Intel
Larry Loeb  
3/5/2019   Post a comment
Researchers from Worcester Polytechnic Institute in Massachusetts and the University of Lübeck in Germany have published a paper that is really bad news for Intel.
Akamai's Stats Reveal Retail's Vulnerability
Larry Loeb  
3/4/2019   1 comment
A single AIO bot can target more than 120 retailers at once.
Digital Signatures Can Be Forged in PDF Docs
Larry Loeb  
3/1/2019   18 comments
Researchers in Germany have figured out three different ways to forge digital signatures in PDF documents.
Endpoint-Security Companies in High Demand for Buyouts, Partnerships
Joe Stanganelli  
2/28/2019   13 comments
Since last year, endpoint-protection firms have been among the biggest movers and shakers in the cybersecurity realm – with the endpoint-security market seeing more than a typical share of acquisitions and strategic partnerships. Joe Stanganelli takes a look at why this might be happening.
Attack Code 'MarioNet' Is Pulling Strings in Your Web Browser
Larry Loeb  
2/28/2019   21 comments
JavaScript APIs have stretched the boundaries of what is run in the browser to enable feature-rich web applications. But this comes at a price...
Digital Transformation With IoT: Assessing Risk Through Standards & Visibility
Joe Stanganelli  
2/27/2019   15 comments
IoT transformation is a gift and a curse that carries both business agility and business risk. As the world digitally transforms into something "smarter" than itself, IoT devices proliferate, demanding a lot of resources to keep up with them all – and, by extension, secure them all.
Weak Human Link Still Main Enterprise Security Concern
Larry Loeb  
2/27/2019   12 comments
KnowBe4 study confirms what we pretty much knew already.
ToRPEDO Attack Surfaces to Hit 5G
Larry Loeb  
2/26/2019   5 comments
GSMA had better start looking at ways around it, and fast.
Is There a Silver Bullet for Zero-Day Attacks?
Larry Loeb  
2/25/2019   13 comments
Silicon Valley startup K2 Cyber Security says it has a product that will stop any zero-day attack. So where's the proof?
Here it Comes – Internet Privacy Regulation
Larry Loeb  
2/22/2019   13 comments
A new report by the US Government Accountability Office could be the catalyst for meaningful change on the Internet privacy front.
Supply Chain Attacks Increase 78%
Larry Loeb  
2/21/2019   5 comments
The kinds of threats an organization encounters are changing as the defenses that are brought to bear upon them change.
Russia – Fastest State Threat in the World
Larry Loeb  
2/20/2019   3 comments
Russian threat actors were the most prolific last years – and were eight times faster at 'breaking out' than their nearest rival.
Digital Transformation With Cloud: Answering Risks With Algorithms
Joe Stanganelli  
2/20/2019   8 comments
Cloud projects are big. Huge. So it's not perpetuating FUD to point out that cloud transformation still bears security and data-stewardship risks. But what appears too big a challenge for mere man might be no match for machine.
Take White Hats Seriously to Staunch the Flow of Zero-Days
Joe Stanganelli  
2/19/2019   10 comments
Zero-day vulnerabilities are serious, and on the rise. And IT-security teams make the problem worse when they fail to respond, or respond poorly, to responsible vulnerability disclosures.
Container Vulnerability: Still a Reality
Larry Loeb  
2/18/2019   4 comments
A security problem with runC that could allow attackers to escape Linux containers and obtain unauthorized, root- level access to the host operating system is on the move.
Increased Cryptomining: a Toehold for Attackers
Larry Loeb  
2/15/2019   7 comments
New research reveals that in the last nine months of 2018 there has been a 19x increase in cryptomining activity on the Internet.
Lessons Learned From 2018 Security Breaches
Marzena Fuller  
2/14/2019   59 comments
It's better to hear about a data breach internally than by a security researcher who happens to discover a publicly exposed asset or confidential data for sale on a dark web.
The Rise of 'Fileless' Malware
Larry Loeb  
2/14/2019   7 comments
The attack that fileless malware causes does not touch the disk of the target, loading the malware instructions only into memory. Sneaky.
Google Moves to Control More of the Internet
Larry Loeb  
2/13/2019   5 comments
The company has said that its goal is only to create a faster Internet, which allows for more use and hence more searches and thus more revenue for them.
What You Need to Know About Arbitrary Code Execution Vulnerabilities
Alan Zeichick  
2/12/2019   1 comment
Despite their rather innocuous name, ACE vulnerabilities can appear in just about any software. So here's what to do...
Six Large Data Dumps Add Fuel to Collection #1's Fire
Joe Stanganelli  
2/12/2019   Post a comment
Collection #1 was just the beginning. Researchers at Recorded Future have uncovered six more dark-web data dumps to complete the set — and possibly hint at even more password databases circulating.
AI & 'Fuzzing' Combination Empowers APT
Larry Loeb  
2/11/2019   2 comments
When the bad guys add AI and 'fuzzing' to their armory, the advanced persistent threat gets, erm, even more threatening.
How Secure Is Manufacturing?
Larry Loeb  
2/8/2019   4 comments
Study finds that manufacturing industries struggle to find skilled cybersecurity staff and are underspending on training – but it's not all bad news...
Google's GDPR Fine: What It Means for Jurisdictional Arbitrage
Joe Stanganelli  
2/7/2019   1 comment
In the wake of France's recent €50 million GDPR fine against Google, enterprises should consider GDPR-enforcement considerations when determining the base of their EU operations.
Email Fraud – New Trends Exposed
Larry Loeb  
2/7/2019   3 comments
It's the security threat that just keeps on giving.
Modern Enterprise – Stewards of Personal Data
Larry Loeb  
2/6/2019   3 comments
Get on the nine-step program if you want to assure data privacy.
A Collaborative Approach to Cybersecurity: Beyond ISACs
Cody Cornell  
2/5/2019   1 comment
When it comes to fighting cyber threats, automation and collaboration could help SOCs do more with less.
Beware of 'TheMoon' – Evolving Botnets
Larry Loeb  
2/4/2019   16 comments
CenturyLink's labs have been tracking a shape-shifting IoT botnet that is a security professional's worst nightmare.
UAE's Cyberwar on Civilians Employed Former US Intelligence Operatives
Joe Stanganelli  
2/1/2019   4 comments
A recent exposé about a surveillance program in the United Arab Emirates raises uncomfortable questions about cyberwarfare and US intelligence officers.
Is Your Cisco Router Leaving Your Enterprise Vulnerable?
Larry Loeb  
1/31/2019   8 comments
If your network uses Cisco's RV320 or RV325 Dual Gigabit WAN VPN routers, you are already under attack.
Four Security Questions You Need to Answer for SD-WAN Success
Alan Zeichick  
1/31/2019   7 comments
Before you select an SD-WAN vendor, read this.
Should All IAM Be CIAM?
Joe Stanganelli  
1/30/2019   6 comments
CIAM vendors are right that traditional IAM isn't going to cut it for customer-facing solutions – but their sound premises have led to the perverse conclusion of keeping in-house IAM systems suboptimal. What if the power of CIAM could help employees realize better usability and security too?
Japanese Government to Use 'Credential Stuffing' to Survey Consumer IoT Devices
Larry Loeb  
1/30/2019   18 comments
The Japanese government is concerned about the security of IoT devices – but is a mass attempt to log into consumers' devices the right approach to the issue?
5G Security Transformation: Why Businesses Need to Prepare Now
News Analysis  
1/29/2019   7 comments
5G technology holds a good deal of promise for businesses, from expanded IoT capabilities to new ways to reach customers. The downside is that these networks require a new security approach, which InfoSec teams need to start thinking about now.
Page 1 / 2   >   >>




Latest Articles
It's an internal matter – but it could affect millions of the social network's users.
The FIN7 group of cyber criminals is still going strong.
Radio silence after reports of a headline-snagging ransomware payment in Jackson County, Ga., presents a possible case study in the pros and cons of paying ransomware attackers.
IBM's X-Force has found that intertwined relationships exist between the Trickbot, Gozi, Ramnit and IcedID malware families – and that spells trouble.
The findings from Positive Technologies aren't that, erm, positive.
Flash Poll
Video
In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
Radio Shows
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2019 Light Reading - an Informa business, trading within KNect365 US, Inc. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with