Sign up for our weekly newsletter!
REGISTER NOW
News & Views
Latest Content
Page 1 / 2   >   >>
Cloudflare Looks to Take the Pain Out of DNSSEC Protocol Adoption
Larry Loeb  
9/21/2018   Post a comment
Uptake of the newer DNSSEC protocol has been slow, but a new tool from Cloudflare looks to make it easier to ensure secure websites and more control over DNS.
Xbash Malware: Dangerous Mix of Threats
Jeffrey Burt  
9/21/2018   Post a comment
The Xbash malware includes ransomware and cryptomining functions as well as botnet and self-propagation capabilities and will delete Linux databases.
Ransomware Developers Embrace Politics, Targeting Obama, Trump & Merkel
Jeffrey Burt  
9/20/2018   1 comment
Recent malware campaigns have used names such as Barak Obama, Angela Merkel and Donald Trump to entice unsuspecting users to download the ransomware, McAfee researchers have found.
Hackers Still Targeting Windows 10, Windows 8 Survey
News Analysis  
9/20/2018   Post a comment
A newly released survey by PAM specialist Thycotic finds that hackers are continuing to target Windows 10 and Windows 8 by using social engineering techniques. The solution is to adopt a zero-trust policy.
Account Takeover Attacks Are on the Rise
News Analysis  
9/20/2018   Post a comment
An analysis by Barracuda Networks finds that Account Takeover attacks are increasing as cybercriminals and even amateurs are using this technique to create more sophisticated phishing campaigns.
Data Breach Can Affect Company's Long-Term Stock Price
Larry Loeb  
9/19/2018   4 comments
A recent study by CompariTech finds that data breaches can have some long-term effects when it comes to a company's stock price, but most of the financial damage diminishes over time.
California Looks to Pass Rudimentary IoT Security Legislation
Joe Stanganelli  
9/19/2018   Post a comment
A California bill specific to IoT cybersecurity measures sits on Gov. Jerry Brown's desk, ready for him to sign it into law. The wording and limits of the law, however, leaves questions as to just how big an effect it will have.
House Bill Would Create Federal Standards for Data Breach Notifications
News Analysis  
9/19/2018   Post a comment
A bill that has now passed the House Financial Services Committee would create federal standards for how banks and other financial institutions notify customers when a data breach occurs.
PyLocky Ransomware Can Get Around Machine Learning Solutions
Jeffrey Burt  
9/18/2018   Post a comment
The PyLocky ransomware, detected by Trend Micro, puts a focus on the ongoing machine learning race between cybersecurity experts and bad actors.
'Peekaboo' Zero-Day Exploit Targets Security Camera
News Analysis  
9/18/2018   Post a comment
Researchers at Tenable are detailing a new zero-day exploit dubbed 'Peekaboo,' which targets the software that runs security cameras and other surveillance equipment.
Data Breaches Costing More C-Level Executives Their Jobs
News Analysis  
9/17/2018   Post a comment
A survey conducted by Kaspersky Labs shows that a major data breach can cost CIOs, CISOs and even CEOs their jobs, especially in North America.
Fuji's Electric V-Server Susceptible to Numerous Vulnerabilities
Larry Loeb  
9/17/2018   5 comments
Another industrial control system is shown to have a series of serious flaws. This time, it's Fuji's Electric V-Server, according to warnings from ICS-CERT.
Why CISOs Need a Seat at the IoT Projects Table
Dawn Kawamoto  
9/17/2018   Post a comment
Only 38% of CISOs and IT security professionals are asked for their input when IoT projects are launched, despite frequent attacks against IoT devices, according to a recent Trend Micro report.
Iran Targeting ISIS Supporters, Kurds With Spyware
Jeffrey Burt  
9/14/2018   Post a comment
Check Point researchers found that victims of Iran's campaign were enticed to download mobile apps that were packed with spyware.
OpenSSL 1.1.1 Released With TLS 1.3 Support
Larry Loeb  
9/14/2018   Post a comment
The 1.1.1 version of OpenSSL, the popular cryptography library for encrypted communications, has been released with support for TLS 1.3, as well as other improvements.
Lock Up Your Laptops: Cold Boot Attacks Are Back
Joe Stanganelli  
9/14/2018   Post a comment
Researchers at F-Secure have developed a workaround to nullify the popular ten-year-old patch that was thought to have solved the problem of cold-boot attacks. Encryption keys and other sensitive data on millions of laptops could be affected.
Cobalt Group Returns With Downloader Malware
Jeffrey Burt  
9/13/2018   Post a comment
Proofpoint found new campaigns by the notorious cybercrime gang using its CobInt modular downloader.
Unsecured Veeam Database Reportedly Exposed Millions of Records
News Analysis  
9/13/2018   Post a comment
Another day, another database exposed to the public Internet. In this case, a security researcher found a server belonging to Veeam and hosted on AWS left millions of records exposed.
NordVPN & ProtonVPN Offerings Vulnerable to Code Execution Attack
Larry Loeb  
9/12/2018   4 comments
A report from Cisco Talos found that VPNs developed by NordVPN and ProtonVPN were each vulnerable to the same code execution attack.
Verizon Offers Look Inside Data Breach Investigations
News Analysis  
9/12/2018   Post a comment
Verizon's new Data Breach Digest tracks investigators through four different breach scenarios for lessons learned.
Tor Browser Flaw Could Allow Governments to Bypass Security Settings
News Analysis  
9/12/2018   1 comment
A report from Zerodium found a flaw in the Tor browser that could allow government agencies to bypass security settings within the software. However, the latest version eliminates this security risk.
Will Charges Against WannaCry & Sony Cybercrimes Suspect Temper Future Attacks?
Dawn Kawamoto  
9/11/2018   Post a comment
The Justice Department has charged North Korean national Park Jin Hyok with conspiracy to commit wire fraud and computer-related fraud in several high-profile cases, including the WannaCry ransomware virus attack and Sony Pictures Entertainment hack. Will cases like this temper future cyber attacks?
British Airways Already Facing Lawsuits Following Data Breach
News Analysis  
9/11/2018   1 comment
With more than 380,000 customer records compromised following this month's data breach, British Airways is already facing lawsuits.
Cryptominers Rush to Exploit Apache Struts 2 Vulnerability
Larry Loeb  
9/10/2018   2 comments
The Apache Struts 2 vulnerability was revealed about two weeks ago. Now F5 Labs has found that it's being used in a Monero cryptomining exploit.
US Is No. 1 in Malicious Web Addresses
Larry Loeb  
9/7/2018   4 comments
Palo Alto Network's Unit 42 has found that from April to June 2018 the US was numero uno in hosting malicious domains and exploit kits.
Trend Micro: Cryptomining, Data Breaches Highlight Busy 1H 2018
Jeffrey Burt  
9/7/2018   Post a comment
The rise of design flaws in processors from Intel and other chip-makers and the slowing down of ransomware were key trends in cybersecurity in the first six months of the year.
Attackers Snoop on MikroTik Router Traffic
Larry Loeb  
9/6/2018   3 comments
Researchers at Qihoo 360 Netlab report that unknown attackers have eavesdropped on the traffic of thousands of MikroTik routers.
Leaders & Employees Confess Cybersecurity Mistakes – Switchfast Report
Larry Loeb  
9/5/2018   6 comments
Leaders of small and midsized business are making common cybersecurity goofs and failing to model the right behaviors.
Android Spyware BusyGasper: Small With Unusual Capabilities
Jeffrey Burt  
9/5/2018   4 comments
Kaspersky researchers said the malware is not sophisticated, but it comes packed with a broad array of interesting features and capabilities.
Get Ready for Realistic Attacks on the Internet of Things
Alan Zeichick  
9/4/2018   3 comments
Good news: We haven't seen a widespread action against IoT devices. Bad news: IoT devices are shockingly vulnerable.
European Union Braces for Liability Shift for Data Breaches
News Analysis  
9/3/2018   2 comments
There are moves in the EU to introduce a change in liability for consumers who fall victim to data breaches, and other initiatives may follow. These would correct a longstanding cybersecurity moral hazard: that companies do not necessarily suffer directly from a data breach involving customer data.
Exploitable Flaws Found in Trusted Platform Module 2.0
Larry Loeb  
8/31/2018   2 comments
The US Department of Defense uses the TPM as a key element in dealing with security of device identification and authentication, encryption and similar tasks.
Cryptojacking: How Bad Actors Make Money off Your Data Center
News Analysis  
8/30/2018   5 comments
Cryptojacking is all the rage right now among bad actors. However, it's not only smartphones that are being targeted, but enterprise data centers as well. Here's how security teams can protect their infrastructure.
Data Leaks Via Smart Light Bulbs? Believe It
Larry Loeb  
8/29/2018   24 comments
Researchers from the University of Texas at San Antonio have shown it's possible to exfiltrate data from a smart-bulb system. But there's no need to go back to candles just yet.
Microsoft Outlook Backdoor Amped Up by Russia-Linked Group
Larry Loeb  
8/28/2018   16 comments
The Russia-linked Turla group uses PDF attachments to email messages to exfiltrate data, according to ESET.
Kaspersky: Lazarus Takes Aim at macOS in Cryptocurrency Campaign
Jeffrey Burt  
8/28/2018   4 comments
Kaspersky researchers said users of Apple and Linux systems should see the AppleJesus campaign as a warning not to get lax in their cybersecurity efforts.
Five IoT Endpoint Security Recommendations for the Enterprise
Alan Zeichick  
8/27/2018   8 comments
It's 2:00 a.m. Do you know where your devices are? Find out five IoT security tips to help you sleep at night.
Apache Struts Critical Weakness Found, Patched
Larry Loeb  
8/24/2018   7 comments
The open source framework for Java-based web apps has a critical flaw the Apache Software Foundation is trying to counter.
Social Media Malware: Fake News or Real Threat to Democracy?
News Analysis  
8/23/2018   42 comments
With new elections coming up this fall in the US, it's time to reconsider and rethink the security we apply to our social media networks.
Vulnerable Web Apps Top Threat to Enterprises
Jeffrey Burt  
8/22/2018   2 comments
A report by Kaspersky researchers found that 73% of successful network perimeter breaches in 2017 were committed via web apps, while inside threats continue to put companies at risk.
Microsoft Yanks Suspected Russian-Intelligence Domains
Larry Loeb  
8/22/2018   6 comments
Microsoft has pulled the plug on domains it suspected as fronts for Russian Intelligence. The company says the targets were US conservative groups.
Electrical Grid Attack via IoT Devices Successfully Simulated
Larry Loeb  
8/21/2018   9 comments
Researchers have successfully simulated an attack on an electrical power grid that employs IoT devices to trigger a blackout.
Busting the Open Source Security Myth
News Analysis  
8/20/2018   1 comment
Cloud training expert says too many developers assume that open source software is inherently more secure but that's not always the case and it can lead to security issues.
Foreshadow-NG Vulnerability Sets Tech Giants Scrambling
Larry Loeb  
8/20/2018   Post a comment
Foreshadow vulnerabilities expose processors and even the cloud to penetration.
Congressional Campaign Websites Vulnerable to Attack, Say Researchers
Jeffrey Burt  
8/17/2018   1 comment
Researchers presented a study at DEF CON that showed that a third of congressional candidates' websites are vulnerable to attack, adding to threats already seen by some politicians.
Check Point: Fax Machines, Networks Vulnerable to Attack
Jeffrey Burt  
8/17/2018   12 comments
Researchers for the cybersecurity company found a way to exploit vulnerabilities in the fax system of an HP OfficeJet inkjet all-in-one printer to gain access to all systems on a network.
IAM Heads to the Mobile Cloud
Joe Stanganelli  
8/16/2018   Post a comment
Persisting problems with identity and access management combined with usability demands are influencing the IAM market. But will enterprise IT step up its IAM game?
IETF Makes Transport Layer Security Version 1.3 Official
Larry Loeb  
8/15/2018   11 comments
TLS 1.3 is now the industry standard for secure Internet connections via HTTPS.
Summertime Security Blues: Why Threats Heat Up on Vacation
News Analysis  
8/15/2018   Post a comment
During the summer months, the number of remote workers in enterprises increases, as do the security threats. Here are some common sense practices to help cut down on breaches, phishing attacks and other issues.
DHS: Millions of Smartphones Infected With Severe Embedded Vulnerabilities
Joe Stanganelli  
8/14/2018   Post a comment
Research from DHS revealed this past week seems to demonstrate that millions of smartphones have deep vulnerabilities allowing for privilege escalation and complete takeover.
Page 1 / 2   >   >>




Latest Articles
Uptake of the newer DNSSEC protocol has been slow, but a new tool from Cloudflare looks to make it easier to ensure secure websites and more control over DNS.
The Xbash malware includes ransomware and cryptomining functions as well as botnet and self-propagation capabilities and will delete Linux databases.
Recent malware campaigns have used names such as Barak Obama, Angela Merkel and Donald Trump to entice unsuspecting users to download the ransomware, McAfee researchers have found.
A recent study by CompariTech finds that data breaches can have some long-term effects when it comes to a company's stock price, but most of the financial damage diminishes over time.
A California bill specific to IoT cybersecurity measures sits on Gov. Jerry Brown's desk, ready for him to sign it into law. The wording and limits of the law, however, leaves questions as to just how big an effect it will have.
Flash Poll
Video
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
Facebook has introduced new measures that will enable users to secure access to their accounts using a physical 'key' application.
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
Radio Shows
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2018 Light Reading - an Informa business, trading within KNect365 US, Inc. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with