Headlines

The CIA is planting web beacons inside Microsoft Word documents to track whistleblowers, journalists and informants, according to WikiLeaks. [...]
Fri, Apr 28, 2017 10:52:00 PM, Continue reading at the source
US-CERT has released an alert warning about a sophisticated attack campaign using multiple malware implants and targeting organizations in the IT, Energy, Healthcare and Public Health, Communications, and Critical Manufacturing sectors. “According to preliminary analysis, threat actors appear to be leveraging stolen administrative credentials (local and domain) and certificates, along [...]
Fri, Apr 28, 2017 7:28:00 PM, Continue reading at the source
The government's surveillance court previously warned the National Security Agency (NSA) that searching Americans' emails and text messages that were collected domestically would not be constitutional. [...]
Fri, Apr 28, 2017 7:08:00 PM, Continue reading at the source
Lithuanian man impersonated an Asian-based manufacturer to trick Facebook and Google into paying him $100 million. [...]
Fri, Apr 28, 2017 6:05:00 PM, Continue reading at the source
ID theft victims can report their cybercrime attack to the Federal Trade Commission, without having to file a police report in most cases. [...]
Fri, Apr 28, 2017 6:00:00 PM, Continue reading at the source
Endpoint woes grow as fileless attacks grow in prevalence and file-based attacks remain largely undetected by AV engines. [...]
Fri, Apr 28, 2017 5:50:00 PM, Continue reading at the source
Your daily round-up of some of the other stories in the news [...]
Fri, Apr 28, 2017 5:31:00 PM, Continue reading at the source
Nomx says it ensures "absolute security," but extensive testing shows otherwise. [...]
Fri, Apr 28, 2017 4:46:00 PM, Continue reading at the source
Behind the scenes with a security researcher as we follow her through a typical day defending the world against seemingly boundless cyberthreats and attacks [...]
Fri, Apr 28, 2017 4:30:00 PM, Continue reading at the source
Facebook's soul-searching report sets itself the challenge of knowing itself [...]
Fri, Apr 28, 2017 4:13:00 PM, Continue reading at the source
About 40% of small- and midsized businesses hit with ransomware paid their attackers, but less than half got their information back. [...]
Fri, Apr 28, 2017 3:30:00 PM, Continue reading at the source
Cybersecurity is at a critical tipping point.  With massive volumes of data being generated and analyzed across the globe every day from a variety of sources and devices, an entirely new approach to network security is required. From both a business and technology perspective, traditional security paradigms are struggling to [...]
Fri, Apr 28, 2017 3:26:00 PM, Continue reading at the source
The data was exposed for at least six months -- likely longer. [...]
Fri, Apr 28, 2017 3:00:00 PM, Continue reading at the source
The death of antivirus has been prophesied for years now, but the AV industry is still alive and kicking. SentinelOne, though, believes that in-memory resident attacks, i.e. fileless malware, just might be the thing that pushes it into oblivion. They base their conjecture on the results of the attack detections [...]
Fri, Apr 28, 2017 3:00:00 PM, Continue reading at the source
The risks insecure medical devices pose to patient safety are no longer just theoretical, and compromised electronic health records may haunt patients forever. A surgical robot, pacemaker, or other life critical device being rendered non-functional would give a whole new, and wholly undesirable, meaning to denial of service. Malware like [...]
Fri, Apr 28, 2017 2:30:00 PM, Continue reading at the source
Mike Mimoso and Chris Brook recap this year's SOURCE Boston Conference and discuss the week in news, including the long term implications of the NSA's DoublePulsar exploit, and the HipChat breach. [...]
Fri, Apr 28, 2017 2:28:00 PM, Continue reading at the source
Nearly 2,000 breaches were analyzed in this year’s Verizon 2017 Data Breach Investigations Report and more than 300 were espionage-related. Here are some of the comments Help Net Security received on the report. John Madelin, CEO at Reliance acsn Today’s report highlights that businesses must rethink their protection strategies to [...]
Fri, Apr 28, 2017 2:00:00 PM, Continue reading at the source
Corporate data governance programs are difficult to establish and enforce. For the most part, these programs lack the necessary people, processes and technology to effectively fend off security threats, data breaches, regulatory fines and lawsuits. The two weakest links in a company’s data governance program are uncontrolled user access to [...]
Fri, Apr 28, 2017 1:30:00 PM, Continue reading at the source
Cyberbit EDR uses adaptive behavioral analysis to detect fileless, signature-less attacks Cyberbit announced a new version of its adaptive Endpoint Detection and Response (EDR) platform, which now provides semi-automated threat hunting, centralized response capabilities, and an improved SDK for detection customization. Originally developed to meet requirements of high-risk organizations, Cyberbit’s [...]
Fri, Apr 28, 2017 1:00:00 PM, Continue reading at the source
Australian minister says government is considering moving towards 'active defence ... blocking or diverting malicious traffic' [...]
Fri, Apr 28, 2017 12:39:00 PM, Continue reading at the source
New research conducted by Vanson Bourne aims to uncover how well-placed global IT leaders consider themselves and their teams to be in terms of meeting current and future business demands. Of the six markets surveyed, Germany was found to be the best prepared to meet its digital transformation goals, closely [...]
Fri, Apr 28, 2017 12:30:00 PM, Continue reading at the source
Not too long ago, very few people had heard of the Society for Worldwide Interbank Financial Telecommunication or SWIFT. The organization's standardized message format has been adopted as the global standard for interbank financial transfers, and the associated software and messaging network drives the majority of international banking transfers today, [...]
Fri, Apr 28, 2017 11:58:00 AM, Continue reading at the source
Police to use facial recognition to match Champions League fans to 'persons of interest' as they arrive for the UEFA Cup final [...]
Fri, Apr 28, 2017 11:11:00 AM, Continue reading at the source
FCC chief signals assault on rules from the days of Ma Bell used by Obama to guarantee net neutrality [...]
Fri, Apr 28, 2017 10:27:00 AM, Continue reading at the source
It's not always the newest or the most sophisticated threat you need to worry about, Verizon's breach and security incident data for 2016 shows. [...]
Thu, Apr 27, 2017 10:30:00 PM, Continue reading at the source
Verizon's Data Breach Investigations Report for 2017 shows big growth in the reported number of ransomware attacks and incidents involving cyberespionage. [...]
Thu, Apr 27, 2017 10:19:00 PM, Continue reading at the source
A member of law enforcement acknowledged at SOURCE Boston that the lack of communication around ransomware remains a serious problem. [...]
Thu, Apr 27, 2017 9:12:00 PM, Continue reading at the source
Facebook users can fuel a social spam botnet by providing verified apps' access tokens in exchange for "likes" and comments. [...]
Thu, Apr 27, 2017 8:55:00 PM, Continue reading at the source
What has not been updated in the new Top 10 list is almost more significant than what has. [...]
Thu, Apr 27, 2017 6:31:00 PM, Continue reading at the source
It's time to move from a dependence on the flawed process of vulnerability identification and remediation to a two-pronged approach that also protects organizations from attacks. [...]
Thu, Apr 27, 2017 6:30:00 PM, Continue reading at the source
Starting with Chrome 62, Google will start marking any HTTP page where users may enter data, and any HTTP page visited in incognito mode [...]
Thu, Apr 27, 2017 6:27:00 PM, Continue reading at the source
OilRig aka Helix Kitten nation-state group leveraged Microsoft zero-day bug in targeted attacks. [...]
Thu, Apr 27, 2017 6:10:00 PM, Continue reading at the source
Do banking institutions have a good handle on the things they need to remediate and new control layers they need to adopt to keep users secure? To answer those questions, Accenture and NowSecure have performed vulnerability assessments of customer-facing mobile banking apps of 15 banking institutions in the North American [...]
Thu, Apr 27, 2017 5:46:00 PM, Continue reading at the source
Your daily round-up of some of the other stories in the news [...]
Thu, Apr 27, 2017 5:34:00 PM, Continue reading at the source
Last week iovation announced that Dwayne Melancon was leaving Tripwire after 17 years and joining the company as the new Vice President of Product, so we decided to get in touch and see what are his future plans. “My experience at Tripwire ran the gamut – I served in a [...]
Thu, Apr 27, 2017 4:52:00 PM, Continue reading at the source
Move shows the importance of international co-operation to take down cybercrime at its roots [...]
Thu, Apr 27, 2017 4:47:00 PM, Continue reading at the source
How well does your bank look after your details? The financial institutions are pretty confident they're doing a good job [...]
Thu, Apr 27, 2017 4:37:00 PM, Continue reading at the source
Source Boston keynoter Keren Elazari sounded a call to action for industry to extend an acceptance of hackers. [...]
Thu, Apr 27, 2017 3:47:00 PM, Continue reading at the source
Just as it is the default tool for most businesses, email’s capacity for rapid, mass communication has made it a favourite instrument of criminals. As a result, malicious emails have become a common occurrence in most consumer and business inboxes. Although chances are that most people will correctly identify the [...]
Thu, Apr 27, 2017 3:00:00 PM, Continue reading at the source
Today’s cybersecurity threats target all parts of the network and nearly every device attached to it, making the potential threat landscape virtually boundless. When you pair technically skilled criminals with the attractiveness of financial data, trying to keep information safe is a constant battle. With this in mind, organizations like [...]
Thu, Apr 27, 2017 2:30:00 PM, Continue reading at the source
As Microsoft hardens its defenses with tools such as Control Flow Guard, researchers at Endgame are preparing for the reality of Counterfeit Object-Oriented Programming attacks to move from theoretical to real. [...]
Thu, Apr 27, 2017 2:02:00 PM, Continue reading at the source
Researchers warn that the TV's lack of authentication means that a hacker could use it to access your Wi-Fi network [...]
Thu, Apr 27, 2017 12:10:00 PM, Continue reading at the source
Earlier this week, we open-sourced a tool we rely on for dynamic binary analysis: Manticore! Manticore helps us quickly take advantage of symbolic execution, taint analysis, and instrumentation to analyze binaries. Parts of Manticore underpinned our symbolic execution capabilities in the Cyber Grand Challenge. As an open-source tool, we hope [...]
Thu, Apr 27, 2017 11:50:00 AM, Continue reading at the source
Police gathered evidence from Fitbit, home alarm, Facebook, phone and credit cards to piece together timeline of events leading up to woman's death [...]
Thu, Apr 27, 2017 10:57:00 AM, Continue reading at the source
Researchers know what the botnet is capable of — but they don't seem to know what it'll actually do. [...]
Wed, Apr 26, 2017 10:53:00 PM, Continue reading at the source
For us at FortiGuard, it always sounds like a bad idea for people to share malware source code, even if it is for academic or educational purposes. For example, on GitHub we can currently find more than 300 distinct repositories of ransomware, which gives you some idea about the attention that [...]
Wed, Apr 26, 2017 8:33:00 PM, Continue reading at the source
The Hack the Air Force bug bounty program invites white hats from inside and outside the U.S. to hack its websites. [...]
Wed, Apr 26, 2017 7:43:00 PM, Continue reading at the source
The military unit has joined the bug bounty movement following the success of the "Hack the Pentagon" competition. [...]
Wed, Apr 26, 2017 7:30:00 PM, Continue reading at the source
Windows' system files were flagged as malicious, and Facebook was marked as a phishing site. [...]
Wed, Apr 26, 2017 5:44:00 PM, Continue reading at the source
At Source Boston, Josh Corman of the Atlantic Council said that healthcare is suffering from a lack of security talent, devices rife with vulnerabilities, and government incentivizing bad behavior. [...]
Wed, Apr 26, 2017 3:39:00 PM, Continue reading at the source