Sign up for our weekly newsletter!
REGISTER NOW
News & Views
Content posted in March 2019
Android Banking Trojan 'Gustuff' Becomes More Dangerous
Larry Loeb  
3/29/2019   35 comments
New report puts Gustuff into the same threat tier as Anubis, Red Alert, Exobot, LokiBot and BankBot.
Artificial Intelligence in Modern Cybersecurity Operations
George Wrenn  
3/28/2019   12 comments
As a rapidly evolving field of science, AI has become flexible to new approaches and tools allowing even cutting-edge technology such as quantum computing under its umbrella of methods.
Worldwide Study Finds Limited Advances Against Evolving Threats
Larry Loeb  
3/28/2019   16 comments
Security vendor SonicWall has issued its SonicWall Cyber Threat Report based on its experiences in 2018.
Investigation Into LockerGoga Ransomware Finds Flaws in the Code
Larry Loeb  
3/27/2019   12 comments
Preliminary analysis of LockerGoga shows it has, in its current forms, limited ability to spread in a network.
WordPress Zero-Day Vulnerability Found in 'Social Warfare' Plugin
Larry Loeb  
3/26/2019   29 comments
'Social Warfare' was open to attacks through use of a stored Cross-Site Scripting (XSS) vulnerability that was introduced with the latest change made to the plugin (3.5.2).
5 Years of the NIST Cybersecurity Framework
Joe Stanganelli  
3/26/2019   1 comment
With NIST celebrating the five-year anniversary of its widely adopted and recommended Cybersecurity Framework just last month, a look back over the years illustrates how far the Framework has come.
Norsk Hydro: This Is How You React to a Ransomware Breach
Larry Loeb  
3/25/2019   10 comments
The company's response to a massive ransomware attack is an object lesson in how to do it right.
Facebook Exposes Millions of Unencrypted User Passwords
Larry Loeb  
3/22/2019   53 comments
It's an internal matter – but it could affect millions of the social network's users.
FIN7 Resurfaces With New Malware Techniques
Larry Loeb  
3/22/2019   5 comments
The FIN7 group of cyber criminals is still going strong.
Jackson County Still Recovering After Paying Ryuk Ransom
Joe Stanganelli  
3/21/2019   2 comments
Radio silence after reports of a headline-snagging ransomware payment in Jackson County, Ga., presents a possible case study in the pros and cons of paying ransomware attackers.
Evidence Found of Malware Families Collaborating
Larry Loeb  
3/20/2019   9 comments
IBM's X-Force has found that intertwined relationships exist between the Trickbot, Gozi, Ramnit and IcedID malware families – and that spells trouble.
Cyber Attacks Grow by 55% in 2018 & Data Theft Dominates – Report
Larry Loeb  
3/19/2019   11 comments
The findings from Positive Technologies aren't that, erm, positive.
Is Your Supply Chain the Weakest Link?
Steve Durbin  
3/19/2019   2 comments
Despite organizations' best efforts to secure intellectual property and other sensitive information, limited progress has been made in effectively managing information risk in the supply chain.
Study Shows Massive Attacks Bypassing MFA
Larry Loeb  
3/18/2019   9 comments
Multi-factor authentication is no silver bullet for security problems.
New IoT Device Regulation Establishes Base Line for Security
Larry Loeb  
3/15/2019   3 comments
Legislation seeks to use the spending power of the government, which, if the bill goes through, will only be able to acquire those IoT devices that meet the bill's requirements.
North Korea Circumvents Sanctions Through Cybercrime, Says Report
Larry Loeb  
3/14/2019   1 comment
The UN report believes the DPRK has snaffled up half a billion dollars so far through nefarious means.
Convergence: Real Problems When it Comes to Securing the IoT/IIoT
Alan Zeichick  
3/14/2019   Post a comment
Today, enterprises are dealing with a proliferation of connected devices that probably aren't dedicated to computing – think video cameras, inventory sensors, machine tools, thermostats and environmental monitors.
Enterprise Is the Target of 'Big Game Hunting'
Larry Loeb  
3/11/2019   Post a comment
GrandCrab has mutated, and enterprises should be worried.
Study Finds 77% of Mobile Users Compromised by Leak of PII Data
Larry Loeb  
3/8/2019   Post a comment
It doesn't help that 43% of companies have at least one mobile device with no lock screen active.
InfoSec Community Excited as NSA Releases Ghidra 9.0 to the Public
Larry Loeb  
3/7/2019   Post a comment
At the RSA Conference in San Francisco this week, the National Security Agency released to the public one of its internal tools, Ghidra 9.0, which is used for software reverse engineering. The NSA has been using it internally for a decade.
Qbot Mutation Poses Global Threat
Larry Loeb  
3/5/2019   Post a comment
Once again, we can see how malware change will defeat static signature analysis.
Boosted Rowhammer & Cache Attacks Spell Bad News for Intel
Larry Loeb  
3/5/2019   Post a comment
Researchers from Worcester Polytechnic Institute in Massachusetts and the University of Lübeck in Germany have published a paper that is really bad news for Intel.
Akamai's Stats Reveal Retail's Vulnerability
Larry Loeb  
3/4/2019   1 comment
A single AIO bot can target more than 120 retailers at once.
Digital Signatures Can Be Forged in PDF Docs
Larry Loeb  
3/1/2019   18 comments
Researchers in Germany have figured out three different ways to forge digital signatures in PDF documents.




Latest Articles
The use of plain-text HTTP communication, outdated libraries and weak default credentials all rang alarm bells.
Survey finds that respondents who adopted a more traditional or reactive approach to their data protection and security program did not believe they would reach their digital transformation goals.
If Android is to 'fork' following Huawei's isolation, the enterprise needs to begin adjusting the threat models used around employee device use.
New web standard allows third-party services to obtain in-depth details about another site's visitors.
Breaches cause massive amounts of money to fix, as a new report from Bitglass shows.
Flash Poll
Video
In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
Radio Shows
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2019 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with