News Analysis
Latest Content
Page 1 / 2   >   >>
5G Security Transformation: Why Businesses Need to Prepare Now
News Analysis  
1/29/2019   7 comments
5G technology holds a good deal of promise for businesses, from expanded IoT capabilities to new ways to reach customers. The downside is that these networks require a new security approach, which InfoSec teams need to start thinking about now.
In the Cloud, SD-WAN Provides Security at the Edge
News Analysis  
1/23/2019   7 comments
As businesses move to the cloud, remote locations are relying more and more on SD-WAN. However, this change means a different approach to security. Here's why enterprises should look to the edge.
Exposed Oklahoma Server Shows On-Premises Data Is Vulnerable, Too
News Analysis  
1/18/2019   16 comments
Over the last year, vulnerable, cloud-based databases have shown that dangers of trusting data to others. However, an exposed government server in Oklahoma proves that attackers can find on-premises data, too.
'Collection #1' Repository Totals 87GB of Stolen Email Addresses & Passwords
News Analysis  
1/17/2019   1 comment
With the discovery of 'Collection #1,' security researcher Troy Hunt appears to have found the largest repository of stolen email addresses and passwords ever, totaling more than 87GB and 12,000 separate files.
A Diverse Security Workforce Is a Stable Security Workforce
News Analysis  
1/17/2019   2 comments
In an era when enterprises are scrambling to keep up with security demands, a new industry survey from ISF finds that having more diverse skills on the InfoSec team is one way to ensure a more stable workforce.
Fancy Bear's LoJax C&C Servers Still Functioning in the Wild
News Analysis  
1/17/2019   Post a comment
A new report from NetScout's ASERT Team found that two command-and-control servers associated with Fancy Bear's LoJax malware are still active.
Cyber Attacks, Climate Change Are Top Global Risk for Businesses & Governments
News Analysis  
1/17/2019   Post a comment
The World Economic Forum ranks climate change, economic instability, cyber attacks and data thefts as some of the top concerns facing businesses around the globe.
Justice Department Indicts 2 Ukrainian Nationals With Hacking SEC
News Analysis  
1/16/2019   1 comment
The Justice Department has charged two Ukrainian nationals with hacking into the SEC's EDGAR systems and accessing sensitive company reports and other data before the information was made public.
Zix Acquiring AppRiver to Bolster Email Security for SMBs
News Analysis  
1/16/2019   Post a comment
In a move to bolster its email security portfolio for small and midsized businesses, Dallas-based Zix is paying $275 million for AppRiver.
Schneider Electric EV Charging Stations Vulnerable to Attack
News Analysis  
1/15/2019   1 comment
Researchers at Positive Technologies have found three vulnerabilities within Schneider Electric's EVlink Parking electric vehicle charging stations, which could allow an attacker to take control of the system.
Average Cyber Attack Cleanup Tops $1M, Radware Finds
News Analysis  
1/15/2019   1 comment
Over the last year, the amount that companies pay out to clean up from a cyber attack jumped more than 50%, topping $1 million on average, according to a new industry survey from Radware.
Texas City Hit With Ransomware
News Analysis  
1/15/2019   Post a comment
It's back to paper and pen for a while for Del Rio, Texas, which was hit with a ransomware attack earlier this month.
Ryuk Ransomware Origin Remains a Mystery
News Analysis  
1/14/2019   Post a comment
After shutting down newspaper printing facilities, as well as a cloud hosting firm, security researchers are debating who is behind the Ryuk ransomware. While it seemed that North Korea played a role, more research shows that a Russian gang might be responsible.
Hyatt Hotels Kicks Off Bug Bounty Program
News Analysis  
1/11/2019   1 comment
Hyatt Hotels is teaming with HackerOne on a new bug bounty hunting program that looks to pay up to $4,000 for ‘critical’ vulnerabilities in software.
Zerodium Ups Ante for Zero-Day Exploits, Especially in iOS
News Analysis  
1/10/2019   Post a comment
Zerodium, which buys flaws and exploits for its customers, is upping the amount it pays for several different types of vulnerabilities, especially Apple's iOS.
Sophos & Akamai Target Cloud Security With Acquisitions
News Analysis  
1/9/2019   Post a comment
As companies move more data to the cloud, data security becomes a major issue. To address these concerns, Sophos is acquiring Avid Security and Akamai inked a deal for Janrain.
Radware Boosts Bot-Fighting Capabilities With ShieldSquare Acquisition
News Analysis  
1/8/2019   Post a comment
Radware plans to bolster its cloud security portfolio with a deal for ShieldSquare, which offers tools for fighting bots.
New Malvertising Campaign Delivers Vidar Stealer Plus Ransomware
News Analysis  
1/8/2019   Post a comment
Malwarebytes Labs has uncovered a new malvertising campaign in the wild that delivers a one-two punch: the Vidar data stealer and GrandCrab ransomware.
Marriott Revises Data Breach Numbers as Investigation Continues
News Analysis  
1/4/2019   3 comments
Marriott has revised the number of customer accounts it believes were affected during a massive data breach. While the overall number dropped, the company now believes 5 million unencrypted passport numbers were exposed.
Six CISO Trends to Watch in 2019
News Analysis  
1/4/2019   1 comment
From legislation to insurance to staffing, 2019 is shaping up as a challenging year for CISOs. Here are six top trends security executives need to watch.
Ryuk Ransomware Tied to Printing Press & Cloud Service Provider Attacks
News Analysis  
1/3/2019   7 comments
A series of cyber attacks over the holiday week that targeted newspaper printing presses and a cloud service provider are tied to a specific strain of ransomware called Ryuk.
Phishing & Social Engineering Attacks Will Rise in 2019
News Analysis  
1/2/2019   11 comments
The rise of fileless attack techniques and other developments is making phishing a much more serious problem for enterprise security. As we head into 2019, a new approach is needed.
4 Global Cybersecurity Threats for 2019
News Analysis  
12/31/2018   4 comments
As the calendar turns to 2018, ISF is urging members to watch out for four specific security issues: ransomware, legislation, IoT and supply chain.
5G Network Security Needs a Comprehensive Approach in 2019
News Analysis  
12/28/2018   15 comments
As the first 5G rollouts are anticipated to start in 2019, service providers need to take a more holistic and comprehensive approach to securing these new networks and the businesses and customers using them.
Security Leaders Need to Heed the Harsh Security Lessons of 2018
News Analysis  
12/26/2018   4 comments
The sheer number of incidents from 2018 has put even more of the spotlight on enterprise security. Over the next 12 months, businesses need be on the lookout for email and stolen privileges schemes, nation-state attacks and increases in compliance legislation.
Justice Department Ties 2 Chinese Nationals to Notorious APT10 Group
News Analysis  
12/21/2018   6 comments
In another indictment aimed at China's cyberespionage infrastructure, the Justice Department has charged two Chinese nationals with belonging to the notorious APT10 group, which targeted industries in the US, Japan and other countries.
McAfee: IoT & Crypomining Malware Growth Exploded in Q3
News Analysis  
12/20/2018   6 comments
In its new quarterly threat report, McAfee Labs researchers found that malware targeting IoT devices, as well as cryptomining, continued to grow, specifically by taking advantage of lax security practices.
US Ballistic Missile Defense System Riddled With Security Flaws
News Analysis  
12/18/2018   1 comment
An Inspector General's report concerning the Defense Department's Ballistic Missile Defense System found numerous security flaws, including a lack of multi-factor authentication and classified information stored on removable drives.
Shamoon Malware Re-Emerges With Attacks in Italy, Middle East
News Analysis  
12/18/2018   Post a comment
Over the last week, several reports emerged that the Shamoon malware, which was last seen in 2016, has re-emerged with attacks in Italy and the Middle East. This version includes a destructive data file wiper.
Spam Emails Bring Bomb Threats to US Businesses, Schools
News Analysis  
12/14/2018   1 comment
On Thursday, US businesses and schools began receiving a number of bomb threats that demanded Bitcoin as ransom. All these seem related to a series of spam emails.
China Suspected of Massive Marriott Data Breach – Report
News Analysis  
12/13/2018   1 comment
A New York Times report finds that investigators believe China-backed attackers pulled off the massive data breach at Marriott, exposing the records of 500 million guests. It's a continuation of the tensions between China and the US.
'Operation Sharpshooter': Lazarus Revived or False Flag Operation?
News Analysis  
12/12/2018   Post a comment
McAfee Labs has homed in on a new attack targeting critical infrastructure that they call 'Operation Sharpshooter.' However, while there is technical overlap with the Lazarus Group, there's also the possibility of a false flag operation.
Supermicro: Report Clears Company of Hacking Allegations
News Analysis  
12/12/2018   Post a comment
Following a Bloomberg report that found hackers implanted specialized chips in its motherboards, Supermicro claims an audit has cleared the company of wrongdoing.
New Google+ Bug Affects 52M Users, Accelerating Site's Demise
News Analysis  
12/11/2018   Post a comment
While the latest disclosure does not seem to have leaked any data, it accelerates Google+'s demise.
Cloud, Compliance & the Death of the IT Checklist
News Analysis  
12/7/2018   1 comment
For years, IT could rely on various checklists to ensure that systems and infrastructure were in compliance with various government regulations. The cloud has upended that structure, and a new, more automated approach is now needed.
North Korean-Backed Group Suspected of 'Stolen Pencil' Campaign
News Analysis  
12/6/2018   3 comments
The ASERT Team at NetScout has published a report that details a campaign dubbed "Stolen Pencil," which targeted universities and other academic groups. A North Korean-backed group is suspected of starting it.
Citrix: Password Reset Necessary to Stop Credential Stuffing Attack
News Analysis  
12/6/2018   1 comment
Citrix forced users of its ShareFile tool to reset their passwords this week, following concerns that an attacker may have attempted to use credential stuffing to access accounts.
IoT Botnets Are Increasing Source of Malware on SP Networks
News Analysis  
12/5/2018   1 comment
IoT botnets now make up 78% of the malware found on service provider networks, according to a new analysis by Nokia. These bots are being used for a wide-range of criminal activity, including cryptomining.
Quora Breach Hits 100M User Accounts Containing Highly Personal Data
News Analysis  
12/5/2018   7 comments
The latest mega data breach hit question-and-answer portal Quora, which reported 100 million user accounts were accessed by a malicious third-party. The data also contains highly personal details about customers.
FBI Investigating 'Cyber Intrusion' of NRCC – Report
News Analysis  
12/4/2018   2 comments
In an echo of the same cyberattack that hit Democrats two years ago, the FBI is investigating the theft of emails from the National Republican Congressional Committee, according to a public report.
Microsoft, Mastercard Team Up on Identity Management Technology
News Analysis  
12/4/2018   1 comment
While not explicit in their announcement, it seems Microsoft and Mastercard plan to use some form of blockchain to create what they call a 'universally-recognized digital identity.'
Marriott: 500 Million Guest Records Compromised in Data Breach
News Analysis  
11/30/2018   45 comments
Marriott is investigating a possible data breach that may have compromised the personal data of 500 million Starwood guests, including credit card information, names, addresses and more.
Dell: Your Personal Info May, or May Not, Have Been Stolen
News Analysis  
11/29/2018   23 comments
It appears attackers attempted to penetrate Dell's network in early November. While the company does not believe any personal data was taken, Dell cannot guarantee no one was compromised.
Ransomware, New Privacy Laws Are Top Security Concerns for 2019
News Analysis  
11/29/2018   24 comments
It's never too early for New Year's predictions. The Information Security Forum is focused on four areas for 2019: ransomware; new privacy laws and regulations; IoT; and supply chain.
Iranian Hackers Charged With Creating SamSam Ransomware
News Analysis  
11/29/2018   2 comments
The Justice Department has charged two Iranian hackers with creating the SamSam ransomware that helped them collect about $6 million in Bitcoin ransom and caused about $30 million in damage.
Feds Charge 8 in Large-Scale Ad Fraud & Botnet Scheme
News Analysis  
11/28/2018   9 comments
The Justice Department has charged eight people with operating a large-scale ad fraud scheme that involved a pair of botnets based on malware dubbed Kovter and Boaxxe.
UK & Dutch Authorities Slap Uber With Fines Over 2016 Data Breach
News Analysis  
11/28/2018   3 comments
On the same day, authorities in the UK and the Netherlands each fined Uber for a data breach that occurred in 2016 and affected millions of customers, as well as Uber drivers.
Facebook Documents Could Shed Light on Company's Privacy Policies
News Analysis  
11/27/2018   13 comments
Now that the UK Parliament has seized a cache of Facebook documents and emails, experts foresee a new focus on how the social media giant treats its users' privacy and personal data.
Cross-Functional Communication Can Better Secure Your Enterprise
News Analysis  
11/26/2018   2 comments
Security teams are being asked to not only handle a greater threat landscape, but help the entire enterprise stay secure. Cross-functional communication can help your security work more effectively outside the InfoSec department.
Former FBI Agent James Gagliano: 'Cyber Touches Everything'
News Analysis  
11/20/2018   Post a comment
Former FBI Agent James Gagliano sees the worlds of physical security and cybersecurity increasingly merging in the area of critical infrastructure.
Page 1 / 2   >   >>

Latest Articles
Cisco's research has proven that beyond meeting compliance requirements, good privacy is good for business and individuals.
Once again, a novel 'speculative execution side-channel' attack has been discovered by researchers.
Security researchers have found that the implementation in Remote Desktop Gateway of string segmentation lays it open to memory corruption vulnerabilities.
In Q4 of 2019, the average ransom payment increased by 104% to $84,116, finds Coveware report.
DHS-CISA has issued a security advisory about GE Carescape medical instrumentation that enumerates many vulnerabilities present in them.
Information Resources
upcoming Webinars
Top Tips for Blocking pwned [email protected]$$wOrds in Your Organization
Tuesday, October 29, 2019
12 p.m. New York/ 4:00 p.m. London
Podcast: Infrastructure Hunting – Stopping Bad Actors in Their Tracks
Being able to effectively build a threat intelligence ecosystem or threat-hunting identification response requires both user and systems sophistication and capabilities. Security, orchestration, automation and response (SOAR) is a new technology designed to provide organizations a single comprehensive platform they can use to implement an intelligence driven security strategy.
Podcast: Digital Transformation, SD-WAN & Optimal Security
Dan Reis chats to Cybera's Josh Flynn about how to achieve digital transformation without sacrificing security.
Podcast archive
Flash Poll
In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2020 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with