Headlines

Here’s an overview of some of last week’s most interesting news and articles: How to build a better SOC team There’s no scarcity of discussion around the reasons for the infosec skills shortage or ideas for how we can narrow the gap. Few discussions, however, take an honest look at [...]
Mon, May 29, 2017 2:23:00 AM, Continue reading at the source
Microsoft quietly patched a critical vulnerability found by Google's Project Zero team in the Malware Protection Engine. [...]
Sun, May 28, 2017 10:00:00 AM, Continue reading at the source
The high-profile WannaCry attack was the first time that 57% of US consumers were exposed to how ransomware works, the results of a recent Carbon Black survey have revealed. On the one hand, this high percentage is very disturbing. Ransomware has been around since 2005, and you would think that [...]
Fri, May 26, 2017 6:27:00 PM, Continue reading at the source
Your daily round-up of some of the other stories in the news [...]
Fri, May 26, 2017 5:38:00 PM, Continue reading at the source
Why would someone release the keys to victims? Who knows, but as the poster who uploaded them says, 'Enjoy!' [...]
Fri, May 26, 2017 5:26:00 PM, Continue reading at the source
Researchers have demonstrated how a malicious app with two specific permission can stealthily compromise users’ Android devices. “The possible attacks include advanced clickjacking, unconstrained keystroke recording, stealthy phishing, the silent installation of a God-mode app (with all permissions enabled), and silent phone unlocking + arbitrary actions (while keeping the screen [...]
Fri, May 26, 2017 5:13:00 PM, Continue reading at the source
Many Americans see Memorial Day in the US as the holiday that kicks off summer. Stores are loaded with shiny new grills, bags of charcoal, and rows of filled propane tanks. Patio furniture is being dusted off while refrigerators are stuffed with marinating steaks, bowls of potato salad, and chilled [...]
Fri, May 26, 2017 4:19:00 PM, Continue reading at the source
Mark Dowd discusses why certain exploit mitigations have been so successful in driving up the cost of exploit development for attackers. [...]
Fri, May 26, 2017 4:00:00 PM, Continue reading at the source
Independent expert advice on Data Protection and GDPR For many organisations, the General Data Protection Regulation (GDPR) now mandates the appointment of an independent Data Protection Officer (DPO). In response to this, BH Consulting has launched a new DPO-as-a-Service offering in order to assist clients in meeting their data protection [...]
Fri, May 26, 2017 3:02:00 PM, Continue reading at the source
It's dangerous to go alone outside Google's protective walled garden, but it's the price you pay for free software. [...]
Fri, May 26, 2017 3:00:00 PM, Continue reading at the source
Pacemakers and pacemaker programmers lack authentication and are plagued with thousands of software vulnerabilities across leading manufacturers. [...]
Fri, May 26, 2017 3:00:00 PM, Continue reading at the source
Mike Mimoso and Chris Brook recap the news of the week, including the EternalRocks worm, the latest on WannaCry, a subtitle hack, and a Twitter flaw. [...]
Fri, May 26, 2017 2:00:00 PM, Continue reading at the source
GDPR is a game-changing piece of data protection legislation that goes into effect on May 25, 2018. While the legislation includes various components related to how organizations collect, store, manage and protect customer data, the ‘right to be forgotten’ gives individuals the right to have personal data erased. If most [...]
Fri, May 26, 2017 1:00:00 PM, Continue reading at the source
The Cloud Security Alliance (CSA) released its first ever research and guidance report on connected vehicle security. Authored by the CSA’s Internet of Things (IoT) Working Group, “Observations and Recommendations on Connected Vehicle Security” provides a comprehensive perspective on vehicle security connectivity design, possible attack vectors of concern, and recommendations [...]
Fri, May 26, 2017 12:30:00 PM, Continue reading at the source
Phishing sites are deploying freely available TLS certificates in order to dupe victims into thinking they're visiting a safe site. [...]
Fri, May 26, 2017 12:00:00 PM, Continue reading at the source
SMB is the Windows networking protocol, so SMB security holes like the one that led to WannaCry can't happen on Linux/Unix, right? Wrong! [...]
Fri, May 26, 2017 11:35:00 AM, Continue reading at the source
Despite use of facial recognition being banned under state law, Vermont's DMV is 'overstepping' the legislation, say campaigners [...]
Fri, May 26, 2017 11:05:00 AM, Continue reading at the source
Many pointed the finger at Windows XP, but the worst hit computers were unpatched Windows 7 machines [...]
Thu, May 25, 2017 10:54:00 PM, Continue reading at the source
While the world is still battling the WannaCry ransomworm menace, fraudsters have decided to exploit the threat’s visibility and users’ confusion to make them install fake Android apps that supposedly protect against it. WannaCry hits Russia’s postal service Reuters has reported on Wednesday that the Russian postal service was among [...]
Thu, May 25, 2017 9:47:00 PM, Continue reading at the source
A recently released extension for Chrome, developed by the public key crypto database Keybase, brought end-to-end encrypted messaging to several apps this week. [...]
Thu, May 25, 2017 6:43:00 PM, Continue reading at the source
Rep. Tom Graves has revised a draft of the Active Cyber Defense Certainty Act with new provisions that include mandatory notification and permission to recovery or destroy stolen data on the attacker’s computer. [...]
Thu, May 25, 2017 6:14:00 PM, Continue reading at the source
Your daily round-up of some of the other stories in the news [...]
Thu, May 25, 2017 5:40:00 PM, Continue reading at the source
A linguistics analysis of the 28 ransom notes included with WannaCry indicate that native Chinese and English speakers wrote the original note, Flashpoint said. [...]
Thu, May 25, 2017 5:00:00 PM, Continue reading at the source
A vulnerability in caption files has been patched in some media players, but it's not clear how widespread the flaw still is [...]
Thu, May 25, 2017 4:34:00 PM, Continue reading at the source
The Samba Team has patched a severe bug that leaves computers vulnerable to wormable exploit. [...]
Thu, May 25, 2017 4:20:00 PM, Continue reading at the source
Given the very public explosion of ransomware, and an ever-growing list of other cyber threats, IT services providers are increasingly looking for ways to meet the insatiable demand for cybersecurity. In this article we will look at some of the trends and challenges facing the MSSP community. How has the cost [...]
Thu, May 25, 2017 4:06:00 PM, Continue reading at the source
New machine-learning tool aims to deliver even more information to Google's advertisers about your 'consumer journey' [...]
Thu, May 25, 2017 2:22:00 PM, Continue reading at the source
The developers of Samba have plugged a critical remote code execution flaw that could allow a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. What is Samba? Samba is a free and open source implementation of the [...]
Thu, May 25, 2017 2:19:00 PM, Continue reading at the source
The security skills shortage is a very real issue. Cisco estimates that there are currently one million unfilled cyber security jobs worldwide, while a report from Frost & Sullivan predicts that by 2020, the number will be 1.5 million. The security industry is only growing – and fast. IDC says [...]
Thu, May 25, 2017 2:00:00 PM, Continue reading at the source
A total of 200 master keys can now be used by victims to decrypt and unlock their systems. [...]
Thu, May 25, 2017 1:56:00 PM, Continue reading at the source
Scientists at the Technical University of Munich (TUM) have developed a holographic imaging process that depicts the radiation of a Wi-Fi transmitter to generate three-dimensional images of the surrounding environment. Industrial facility operators could use this to track objects as they move through the production hall. Set-up of the WLAN-holography [...]
Thu, May 25, 2017 1:30:00 PM, Continue reading at the source
The automotive industry is currently undergoing a dramatic revolution. This is a statement being echoed by leaders from across the sector, with individuals such as GM CEO Mary Barra professing that the automotive industry is set to change more in the next five to ten years than it has in [...]
Thu, May 25, 2017 12:00:00 PM, Continue reading at the source
Europe moves a step closer to limiting the spread of extremism and toxic content via social platforms [...]
Thu, May 25, 2017 11:14:00 AM, Continue reading at the source
Think you got off scot-free with this whole WannaCry business? Well, it turns out that you might be immune to infection by WannaCry because you've already been infected by Adylkuzz. #irony Last week, the WannaCry ransomware attack made headlines around the world as it spread at an unprecedented and almost mindboggling [...]
Thu, May 25, 2017 10:32:00 AM, Continue reading at the source
Kernels can be exploited and iCloud account user information leaked due to the security flaws. [...]
Thu, May 25, 2017 9:30:00 AM, Continue reading at the source
The market for automated credential stuffing tools is growing fast, because of a record number of breaches. [...]
Wed, May 24, 2017 9:49:00 PM, Continue reading at the source
Here's everything you need to know about the secretive FBI's investigative powers. [...]
Wed, May 24, 2017 6:00:00 PM, Continue reading at the source
Your daily round-up of some of the other stories in the news [...]
Wed, May 24, 2017 4:44:00 PM, Continue reading at the source
Many of today's organizations are considering public cloud storage options for their data, due to their low upfront cost and ease of use. Several public cloud providers, such as Amazon Web Services, are designed with an OpEx model that can often seem more appealing than constructing an onsite data center, [...]
Wed, May 24, 2017 4:12:00 PM, Continue reading at the source
Computers all around the world were hit with one of the worst ransomware viruses in history earlier this month. The virus, dubbed “WannaCry,” hit over 200 thousand computers in 150 countries. The virus was able to attack hospital systems in the U.K. and a telecom company in Spain. WannaCry has [...]
Wed, May 24, 2017 2:05:00 PM, Continue reading at the source
Here's the problem: the existence of administrative credentials stored on machines throughout the network. What could happen if some of these credentials become known to an unauthorized user? That user would have partial or complete administrative access to the entire domain. IT administrators have a significant challenge on their hands if [...]
Wed, May 24, 2017 12:23:00 PM, Continue reading at the source
When it comes to reducing risk before an issue occurs, do organizations need the unequivocal strength of The Avengers or could they hedge their bets on just Iron Man? While cybersecurity threats like ransomware and botnets are increasingly making headlines, for most organizations, internal employees are their biggest risks. Studies show [...]
Wed, May 24, 2017 11:21:00 AM, Continue reading at the source
In this guide, learn about current regulations and how to deal with theft, insurance problems, and hardware damage. [...]
Wed, May 24, 2017 8:49:00 AM, Continue reading at the source
All this time, a rather simple Twitter bug could have caused chaos on the platform. [...]
Wed, May 24, 2017 7:08:00 AM, Continue reading at the source
A major challenge facing security vendors today is that most solutions and products are developed based on knowledge of previous threats that already exist. This makes many security solutions reactive by their very design, which is not a tenable strategy for facing the volume of new attacks and strategies arising [...]
Tue, May 23, 2017 10:37:00 PM, Continue reading at the source
The malware is able to lock out companies from accessing their networks as well as infecting neighboring systems. [...]
Tue, May 23, 2017 4:00:00 PM, Continue reading at the source
We regularly do deep dive Q&A pieces with our executives to share the leadership perspectives at Fortinet. Read below for an interview with Phil Quade, Fortinet's CISO.  [...]
Tue, May 23, 2017 1:51:00 PM, Continue reading at the source
The government wants to install black box-type devices on telecoms networks for unfettered access to UK metadata, which one rights group says will "become central to the new surveillance regime." [...]
Tue, May 23, 2017 12:19:00 PM, Continue reading at the source
The destructive ransomware has caused chaos and it may be that cyberattackers want to continue capitalizing on the malware. [...]
Tue, May 23, 2017 6:35:00 AM, Continue reading at the source
The "black box" attacks compromise ATMs to dispense cash. [...]
Tue, May 23, 2017 5:57:00 AM, Continue reading at the source