Headlines

There will be no lack of interesting content from Qualys at Black Hat next week. Depending on you interests, you might want to make time for some of these talks and presentations at booth #899. Wednesday, July 26 10:20 AM – Achieving 2-Second Visibility with Qualys Cloud Agent Jimmy Graham, [...]
Fri, Jul 21, 2017 6:55:00 PM, Continue reading at the source
ESET researchers have unearthed a botnet of some 500,000 infected machines engaged mostly in ad-related fraud by using malicious Chrome extensions, but also Facebook fraud and brute-forcing Joomla and WordPress websites. In addition to this, the compromised machines are also equipped with a fully featured backdoor, which allows the operators [...]
Fri, Jul 21, 2017 4:31:00 PM, Continue reading at the source
Companies struggle to keep up with and respond to cyberattacks due to lack of resources, according to Demisto. For example, more than 40 percent of respondents said their organizations are not prepared to measure incident response, and only 14.5 percent of respondents are measuring MTTR (Mean Time to Respond). While [...]
Fri, Jul 21, 2017 3:00:00 PM, Continue reading at the source
Awake Security unveils advanced security analytics solution Awake’s advanced security analytics provide security teams the insights needed to understand the scope and impact of observed behavior and investigate only credible alerts and threats. By cutting out cumbersome tasks during the investigative process, Awake enables analysts to focus on high-value security [...]
Fri, Jul 21, 2017 2:00:00 PM, Continue reading at the source
The Cisco 2017 Midyear Cybersecurity Report (MCR) uncovers the rapid evolution of threats and the increasing magnitude of attacks, and forecasts potential Destruction of Service attacks, which could eliminate organizations’ backups and safety nets. Also, with the advent of the Internet of Things, key industries are bringing more operations online, [...]
Fri, Jul 21, 2017 1:20:00 PM, Continue reading at the source
Information security staffs are so single-minded about defending their organizations from external attack that they all but ignore a threat with vastly greater potential for damage, according to the SANS Institute. Looking for an easier target As security protecting organizations from outside attack gets more formidable, attackers look for easier [...]
Fri, Jul 21, 2017 1:00:00 PM, Continue reading at the source
GhostCtrl, being distributed by rogue versions designed to look like legitimate apps, can monitor what you do and lock up your device - beware! [...]
Fri, Jul 21, 2017 12:58:00 PM, Continue reading at the source
Two key marketplaces for illegal drugs go dark as it's revealed that Dutch police secretly ran Hansa for a month during its investigation [...]
Fri, Jul 21, 2017 11:20:00 AM, Continue reading at the source
Security operations have come under increasing pressure from well-funded attackers armed with news tactics, tools and skills. As a result of this, there is additional scrutiny, micromanagement and oversight as IT security climbs the business agenda of many organizations. It’s vital to have the right information at your disposal to [...]
Thu, Jul 20, 2017 11:00:00 PM, Continue reading at the source
Just a few short weeks after dark web market Alpha Bay was shut down, Hansa Market is now also shuttered. After Alpha Bay’s shutdown, many users flocked to Hansa Market, which was touted as the most secure on the dark web. As users are starting to congregate on Reddit to [...]
Thu, Jul 20, 2017 9:38:00 PM, Continue reading at the source
Apple has released security updates for iOS, macOS (Sierra, El Capitan, and Yosemite), Safari, iCloud, iTunes, watchOS and tvOS. As per usual, the same fixed Webkit flaws abound in all of the updates, as it is the web browser engine used by Safari, App Store, and many other applications. Among [...]
Thu, Jul 20, 2017 8:03:00 PM, Continue reading at the source
Security operations teams are engaged in a constant struggle to keep up with the volume of security alerts, maintain the right skills, and manage incident response processes. They want quality information, presented in a way that makes it easy to grasp and react to quickly. They want not to be [...]
Thu, Jul 20, 2017 6:54:00 PM, Continue reading at the source
Apple released iOS 10.3.3 Wednesday that serves as a cumulative patch update for multiple vulnerabilities including the high-profile BroadPwn bug. [...]
Thu, Jul 20, 2017 6:08:00 PM, Continue reading at the source
Your daily round-up of some of the other stories in the news [...]
Thu, Jul 20, 2017 6:04:00 PM, Continue reading at the source
Using infrared for data transfer isn't new, but finding an IR transmitter on an ATM in Oklahoma took law enforcement by surprise [...]
Thu, Jul 20, 2017 4:55:00 PM, Continue reading at the source
From how the "Orpheus' Lyre" bug got its weird name all the way to what we can learn from it. No jargon, just plain English. Enjoy... [...]
Thu, Jul 20, 2017 4:43:00 PM, Continue reading at the source
U.S. authorities along with law enforcement Europe and Asia announced today the takedown of the dark web’s largest illicit market, AlphaBay. [...]
Thu, Jul 20, 2017 4:32:00 PM, Continue reading at the source
Make sure you check which phone number you have associated with your Facebook account - if it's assigned to someone else, they could take over your profile [...]
Thu, Jul 20, 2017 1:45:00 PM, Continue reading at the source
A total of eight Apple iOS security flaws were discovered by a single researcher. [...]
Thu, Jul 20, 2017 1:00:00 PM, Continue reading at the source
Tor wants to find bugs which could compromise the identity of its users. [...]
Thu, Jul 20, 2017 1:00:00 PM, Continue reading at the source
As application-focused threats continue to evolve, both in number and sophistication, a single web application security device is typically not enough to defend the entire, distributed network. Instead, organizations need to consider investing in a multi-pronged web application security approach that can tie different devices together, and leverage and share [...]
Thu, Jul 20, 2017 12:58:00 PM, Continue reading at the source
The Tor Project is launching a public bug bounty program to encourage security researchers to responsibly report issues they find in the software. [...]
Thu, Jul 20, 2017 12:42:00 PM, Continue reading at the source
More than 30m wishful thinkers clicked on the links tweeted out by the bots - who were after your wallet rather than after your heart [...]
Thu, Jul 20, 2017 11:47:00 AM, Continue reading at the source
Dropping in to BSidesLV while you're in Vegas? Come and see our data scientists talk about machine learning and the threats there - we'd love to say hi [...]
Thu, Jul 20, 2017 10:36:00 AM, Continue reading at the source
The cryptocurrency has been dealt another serious blow with the second high-profile theft of the week. [...]
Thu, Jul 20, 2017 8:49:00 AM, Continue reading at the source
Session border controllers (SBCs) provide the protection UC applications require – and data firewalls lack – enabling enterprises to make the leap to the cloud Chief security officers have a lot on their plate these days, from a daily influx of zero-day vulnerabilities to increasingly sophisticated denial-of-service (DoS) attacks. It's a [...]
Thu, Jul 20, 2017 8:11:00 AM, Continue reading at the source
Senator Ron Wyden is pushing to mandate government-wide use of the email authentication protocol DMARC “to ensure that hackers cannot send emails that impersonate federal agencies.” [...]
Wed, Jul 19, 2017 7:46:00 PM, Continue reading at the source
The lead prosecutor said the Russian man had cooperated with the US government "from the start." [...]
Wed, Jul 19, 2017 7:43:00 PM, Continue reading at the source
Your daily round-up of some of the other stories in the news [...]
Wed, Jul 19, 2017 6:53:00 PM, Continue reading at the source
A long-standing bug in the network authentication protocol called Kerberos led to a security hole in Windows, Linux and more. [...]
Wed, Jul 19, 2017 4:27:00 PM, Continue reading at the source
Criminals have made use of the leaked source code for the Nukebot banking Trojan, crafting modified versions of the malware to target banks in the U.S. and France. [...]
Wed, Jul 19, 2017 1:56:00 PM, Continue reading at the source
According to a report posted by the Office of the National Coordinator for Health Information Technology, 87 percent of office-based physicians had adopted some form of electronic health record (EHR) as of 2015. This is more than double the 42 percent that had done so when data was collected in [...]
Wed, Jul 19, 2017 12:58:00 PM, Continue reading at the source
Tens of millions of products ranging from airport surveillance cameras, sensors, networking equipment and IoT devices are vulnerable to a flaw that allows attackers to remotely gain control over devices or crash them. [...]
Wed, Jul 19, 2017 10:00:00 AM, Continue reading at the source
The company hopes that security orchestration and automation will bring in future enterprise revenue. [...]
Wed, Jul 19, 2017 8:06:00 AM, Continue reading at the source
Oracle's July Critical Patch Update included fixes for 308 vulnerabilities, 165 of which are remotely exploitable. [...]
Tue, Jul 18, 2017 8:47:00 PM, Continue reading at the source
The company appears to have ignored the security report, months after it was filed. [...]
Tue, Jul 18, 2017 8:05:00 PM, Continue reading at the source
Oracle today in its Critical Patch Update addressed a critical vulnerability in its Oracle E-Business Suite of business applications that allows for the download of business documents. [...]
Tue, Jul 18, 2017 7:45:00 PM, Continue reading at the source
Hackers hijacked CoinDash’s initial coin offering Monday, stealing $7.7 million in cryptocurrency from the nascent trading platform. [...]
Tue, Jul 18, 2017 7:02:00 PM, Continue reading at the source
Cloudflare and network operator Credo Mobile suffered a legal defeat when U.S. appeals court ruled to uphold a gag order on FBI surveillance data. [...]
Tue, Jul 18, 2017 6:34:00 PM, Continue reading at the source
It's about to get really difficult to accidentally fall for a phishing attack. [...]
Tue, Jul 18, 2017 5:00:00 PM, Continue reading at the source
Q: You joined Fortinet recently after three decades in cybersecurity roles in government, including most recently the NSA. What has that experience taught you about the nature and scope of the threats that organizations face these days? Some people say that street cops and detectives see an especially negative view of [...]
Tue, Jul 18, 2017 12:58:00 PM, Continue reading at the source
The hack took only a few minutes but allowed the criminal to escape with millions in investor funds. [...]
Tue, Jul 18, 2017 8:56:00 AM, Continue reading at the source
Many people will recognize the next few words as a gross understatement: The number of cyberthreats and cyberattacks targeting organizations won’t slow down anytime soon. In recent months, we’ve seen increasingly sophisticated attacks targeting specific organizations, compromised IoT devices used in DDoS attacks, and large-scale ransomware outbreaks spreading across the [...]
Mon, Jul 17, 2017 12:58:00 PM, Continue reading at the source
Whether or not former users of the affairs website will take up the offer, however, is up for debate. [...]
Mon, Jul 17, 2017 6:04:00 AM, Continue reading at the source
The impacts of ransomware and other breaches, which exploit failures in risk management, are preventable. The WannaCry ransomware attack was the most widespread of its kind in history. It took advantage of a Windows vulnerability – one detected and resolved months ago – encrypting victims' data and demanding a ransom [...]
Fri, Jul 14, 2017 4:58:00 PM, Continue reading at the source
The government just doxed several concerned (and angry) citizens. [...]
Fri, Jul 14, 2017 4:31:00 PM, Continue reading at the source
The SAP threat landscape is always growing thus putting organizations of all sizes and industries at risk of cyberattacks. The idea behind SAP Cyber Threat Intelligence report is to provide an insight into the latest security threats and vulnerabilities. Key takeaways July's set of SAP Security Notes consists of 23 patches with [...]
Fri, Jul 14, 2017 3:57:00 PM, Continue reading at the source
Sixteen years ago, Fortinet predicted the emergence of a digital economy where data would be driving business. We understood that this would require scaling the Internet to support hyperconnected network infrastructures. To accomplish this, network infrastructures that hadn’t fundamentally changed for decades would have to be radically redesigned. The challenge [...]
Fri, Jul 14, 2017 12:58:00 PM, Continue reading at the source
Fortinet is proud to be a Platinum Plus Sponsor at Black Hat’s 20th anniversary conference, being held this July 22-27 at the Mandalay Bay Convention Center in Las Vegas, NV. Our booth is #915. This year’s booth includes a live theater, and we have lined up great presentations from Fabric-Ready Partners, [...]
Fri, Jul 14, 2017 12:58:00 PM, Continue reading at the source
This is Part II of a series. Read Part I here. Sun Tzu wrote in his famous book, The Art of War, “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory [...]
Thu, Jul 13, 2017 12:58:00 PM, Continue reading at the source