Sign up for our weekly newsletter!
News & Views
Content posted in January 2018
Ransomware Shows There's no Honor Among Cyberthieves
Larry Loeb  
1/31/2018   11 comments
Proofpoint has found that one group of cybercrooks is stealing from other gangs of cybercriminals by using a proxy Tor browser to steal Bitcoins used to pay off ransomware threats.
Four Enterprise Security Lessons From Maury
News Analysis  
1/31/2018   5 comments
Popular daytime TV show Maury offers some surprisingly apt lessons for enterprise IT leaders for keeping their data protected and their networks secure.
Cryptomining: Paying the Price for Cryptocurrency
Simon Marshall  
1/30/2018   25 comments
The growing popularity of Bitcoin and other cryptocurrency has led to cryptomining, with enterprises and individuals running the software unknowingly. Here's a look at the underside of this new business model.
Trump's 5G Nationalization Plan: Is It Good for Security?
News Analysis  
1/30/2018   4 comments
The Trump administration has floated a plan to nationalize 5G networks as a security precaution against China, but it's been met with confusion.
OilRig's Use of RGDoor Shows Sophistication of Nation-State Attacks
Larry Loeb  
1/29/2018   2 comments
OilRig, a group linked to Iran, has been installing RGDoor, a secondary backdoor that can reopen a system even if it's been fixed. Its use shows how sophisticated nation-state attacks are becoming.
Security Spending Increasing, Along With Data Breaches
Larry Loeb  
1/29/2018   22 comments
In one of those good news/bad news reports on the state of security, the amount of money being spent on security is expected to increase this year, but the number of data breaches is also rising.
Intel CEO Promises Chips That Fix Spectre & Meltdown Flaws
News Analysis  
1/26/2018   1 comment
During Intel's fourth-quarter earnings call, CEO Brian Krzanich promises the company will ship processors that are free of the Spectre and Meltdown flaws later this year.
Alphabet's Security Moonshot: To Boldly Go... Where Others Are Going Too
News Analysis  
1/26/2018   1 comment
Google parent company Alphabet launches Chronicle, a business unit looking to create a digital 'immune system' against threats. Other companies are taking a similar approach.
Cisco Beefing Up Cloud Security With Skyport Buy
News Analysis  
1/25/2018   7 comments
Cisco gains expertise and technology in hardware security to augment software tools.
8 Personal & Professional Data Privacy Tips to Follow
Simon Marshall  
1/25/2018   6 comments
With International Data Privacy Day coming later this month, Security Now offers a checklist to help protect personal and professional data.
HPE, Dell EMC Warn Customers Over Spectre, Meltdown Patches
News Analysis  
1/25/2018   Post a comment
Hewlett Packard Enterprise and Dell EMC, two of the biggest suppliers of enterprise data center gear, have issued new warnings about the Spectre and Meltdown patches from Intel.
AWS Officially Inks Deal for Security Startup Sqrrl
News Analysis  
1/24/2018   1 comment
After a month of rumors, Amazon Web Services has finally inked a deal for Sqrrl, a big data and security startup with roots in the NSA.
Linus Torvalds: Intel's Spectre Patch Is 'Complete & Utter Garbage'
Larry Loeb  
1/24/2018   17 comments
In a scathing assessment of Intel's efforts to patch the Spectre flaw, Linux inventor Linus Torvalds offers no quarter for the chipmaker.
Sumo Logic Adds Security Layer With FactorChain Acquisition
News Analysis  
1/24/2018   Post a comment
Sumo Logic is adding security tools into its cloud-based analysis platform by acquiring startup FactorChain.
GDPR, Cloud Changing Security Pros' Priorities – Report
News Analysis  
1/23/2018   3 comments
A report developed by Ponemon Institute and Gemalto finds that issues from cloud computing to GDPR are changing the way security pros approach their work.
CenturyLink's Adaptive Network Security Mobility Looks to Secure Public WiFi
News Analysis  
1/23/2018   Post a comment
In order to secure data that remote users are sending across public WiFi connections, CenturyLink has officially released its Adaptive Network Security Mobility product.
SamSam Ransomware Continues Making Hospitals Sick
Larry Loeb  
1/22/2018   5 comments
SamSam or Samas continues to surface in hospitals and other healthcare facilities. The way the ransomware works shows how vulnerable healthcare is to these particular types of attacks.
Thycotic's Joseph Carson: Government & Encryption Issues Will Be Huge
Simon Marshall  
1/22/2018   Post a comment
In the second part of his Q&A with Security Now, Thycotic Chief Security Scientist Joseph Carson talks about encryption and the role that governments play in security.
Schneider Electric Offers Additional Details on Triton Malware
News Analysis  
1/19/2018   1 comment
In December, FireEye and Symantec disclosed details about the Triton malware, which targets industrial systems. Now, Schneider Electric is offering additional details.
Spectre Can Obfuscate Tracking Tools, Too
Larry Loeb  
1/19/2018   4 comments
As the security community learns more about the Spectre vulnerability, clever coders are already finding other exploits. Here's looking at the first of many.
Congressman Looking for Answers About Spectre & Meltdown
News Analysis  
1/18/2018   44 comments
A California congressman has written to the CEOs of Intel, AMD and ARM seeking answers about the Spectre and Meltdown vulnerabilities.
Google's G Suite Gets Security Dashboard
News Analysis  
1/18/2018   1 comment
Security center for G Suite provides security analytics, actionable insights, and tips to help admins better protect the organization against attacks, Google says.
Google Chrome Extensions Hide Malice
Larry Loeb  
1/17/2018   9 comments
Researchers from ICEBEG found malicious code hiding in four popular Google Chrome extensions. The search giant is working to fix the problem.
Spectre, Meltdown Flaws Already Producing Spam
News Analysis  
1/17/2018   6 comments
Attackers are already flooding the web with fake patches and other spam, a few weeks after the disclosure of the Spectre and Meltdown flaws.
Thycotic's Joseph Carson: Hackers Will Soon Read Your Mind
Simon Marshall  
1/16/2018   Post a comment
In the first part of his Q&A with Security Now, Thycotic's Joseph Carson talks privacy in an interconnected world and how hackers will soon read minds.
After Spectre & Meltdown, Intel Faces an 'Evil Maid' Problem
Larry Loeb  
1/16/2018   2 comments
In a rough start to 2018, Intel is dealing with the Spectre and Meltdown vulnerabilities in its CPUs, and now the chip maker is confronting reports of a flaw that leaves chips open to an 'Evil Maid' attack.
Predicting Russian Cyberwar: A Look Back
News Analysis  
1/15/2018   1 comment
Information security predictions are ease to make and usually wrong. However, a look at how escalating international tensions combined with nation-state hacking power could cause a significant cyberwar turned out to be pretty precise.
FireEye Acquiring X15 Software for $20M
News Analysis  
1/12/2018   1 comment
FireEye is looking to combine its security tools with X15 Software's big data and machine learning capabilities in a deal worth about $20 million.
Security Warning: Intel Inside
Larry Loeb  
1/12/2018   9 comments
At CES, Intel CEO Brian Krzanich looked to reassure the whole industry that the chip maker would ensure that its processors were secure following the Meltdown and Spectre disclosures.
McAfee: Attackers Targeting North Korean Dissidents, Journalists
News Analysis  
1/11/2018   4 comments
A report from McAfee finds that a group of attackers is targeting North Korean dissidents, as well as some journalists, through social networks and a South Korean chat app called KakaoTalk.
Cisco Looks to Thwart Encrypted Network Threats
News Analysis  
1/11/2018   Post a comment
With the release of its Encrypted Traffic Analytics offering, Cisco is looking to protect enterprise networks against attacks that are hidden in encrypted traffic.
Smaller Financial Firms Preparing for New Ransomware Threats
Simon Marshall  
1/10/2018   1 comment
Nearly a year after WannaCry and other ransomware attacks that targeted financial institutions, smaller firms are looking to prepare. Here's what the CISO of Texas-based Real Time Resolutions is doing to fight back.
WPA3 Standard Teased at CES Following KRACK Attack
Larry Loeb  
1/10/2018   Post a comment
A few months after the KRACK attack, the Wi-Fi Alliance unveiled a few details about the upcoming WPA3 standards, with an emphasis on security and encryption.
CloudPassage Ensuring Next Level Container Security
Security TV  
1/9/2018   Post a comment
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the beginning until the end.
Dell EMC, VMware Race to Plug Virtual Appliance Security Hole
Larry Loeb  
1/9/2018   Post a comment
Dell EMC, along with VMware, are hard at work plugging a zero-day exploit that targets the companies' virtual appliance gear.
A Necessary Security Slowdown
Curt Franklin  
1/5/2018   4 comments
The key to being more secure might well lie in the ability to slow down just a bit.
Friday Haiku: Open Books
Curt Franklin  
1/5/2018   1 comment
The year opens with a huge vulnerability. Of course there's a haiku to explain it all.
My Cybersecurity Predictions for 2018, Part 4: Regulating Encryption
News Analysis  
1/5/2018   1 comment
Joe Stanganelli wraps up his 2018 cybersecurity predictions with a look at what's coming in laws and regulations around encryption.
Cybersecurity on the Attack: Security Now Poll Results
Curt Franklin  
1/4/2018   2 comments
The readers of Security Now have weighed in on the idea of cybersecurity teams going on the offense against hackers. Hackers might want to start worrying.
Countries, Coins & Cloud Will Test Enterprise Security in 2018
Simon Marshall  
1/4/2018   1 comment
According to expert researchers from Kaspersky Labs, 2018's security challenges will be bigger than those seen in 2017.
Meltdown & Spectre News Gets Worse – & Better
Larry Loeb  
1/4/2018   3 comments
Intel CPU vulnerabilities grow in scope but patches to address the problem are beginning to be deployed.
New Intel Vulnerability Hits Almost Everyone
Curt Franklin  
1/3/2018   15 comments
A vulnerability in the way that Intel CPUs deal with memory could leave everyone using an Intel-based computer open to attack.
Cyber Insurance Builds for Business
Simon Marshall  
1/3/2018   1 comment
Insurance for cyber issues is growing to take its place with property, casualty and business continuity insurance for the enterprise.
Autofill Brings Automatic Vulnerability
Larry Loeb  
1/2/2018   4 comments
A vulnerability in browser-based autofill may mean that your users are spilling the beans on much more than they know.
Welcome to 2018 in IT Security
Curt Franklin  
1/2/2018   15 comments
It's a new year filled with new threats in IT security. Rejoice!
Chain of Flaws Threatens Win 10
Larry Loeb  
1/1/2018   19 comments
Chaining multiple vulnerabilities can create attacks that threaten millions of Windows 10 computers.

Latest Articles
Palo Alto Network's Unit 42 has found the first cryptocurrency miner malware that spreads like a worm through the use of Docker containers.
Artificial intelligence (AI) is creating a new frontier in information security. Systems that independently learn, reason and act will increasingly replicate human behavior. Just like humans, they will be imperfect, but also capable of achieving great things.
Palo Alto Networks' Unit 42 researchers have discovered a new and previously undocumented Remote Access Tool (RAT).
Researcher finds Sophos firewalls can allow net-based RCE without authentication.
The rise of DevSecOps may be the reason that 70% of respondents to Radware's survey stated that the CISO was not the top influencer in deciding on security software policy.
Information Resources
upcoming Webinars
Top Tips for Blocking pwned [email protected]$$wOrds in Your Organization
Tuesday, October 29, 2019
12 p.m. New York/ 4:00 p.m. London
Podcast: Infrastructure Hunting – Stopping Bad Actors in Their Tracks
Being able to effectively build a threat intelligence ecosystem or threat-hunting identification response requires both user and systems sophistication and capabilities. Security, orchestration, automation and response (SOAR) is a new technology designed to provide organizations a single comprehensive platform they can use to implement an intelligence driven security strategy.
Podcast: Digital Transformation, SD-WAN & Optimal Security
Dan Reis chats to Cybera's Josh Flynn about how to achieve digital transformation without sacrificing security.
Podcast archive
Flash Poll
In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2019 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with