News

News

• November 30, 2018 30 Nov'18

  Ponemon study shows data valuation discrepancies in enterprises

  A new study from the Ponemon Institute shows enterprises are underestimating the value of their data, including critical and confidential information assets.

• November 29, 2018 29 Nov'18

  SamSam ransomware actors charged, sanctioned by US government

  The FBI indicted two threat actors involved with the SamSam ransomware attacks while the US Treasury sanctioned two others for their role in exchanging Bitcoin earned from attacks.

• November 29, 2018 29 Nov'18

  Breaking down Dell's "potential cybersecurity incident" announcement

  Dell provided some information about a "potential cybersecurity incident" earlier this month, but it's unclear how the company and customers should be reacting.

• November 28, 2018 28 Nov'18

  Botnet takedown snares 3ve, Methbot ad fraud campaigns

  The Justice Department indicted eight individuals accused of running major ad fraud campaigns, including the 3ve botnet, which generated millions of dollars in fake ad revenue.

• November 28, 2018 28 Nov'18

  Compromised NPM package highlights open source trouble

  A compromised NPM package targeted a popular bitcoin wallet with cryptocurrency-stealing code and experts say the issue highlights the lack of a chain of trust in open source software.

• November 27, 2018 27 Nov'18

  USPS website flaw exposed data for one year

  The U.S. Postal Service inadvertently exposed the data of 60 million users and has only just fixed the underlying website flaw, despite being notified of the issue one year ago.

• November 21, 2018 21 Nov'18

  Risk assessments essential to secure third-party vendor management

  Panelists at Infosec North America advised those charged with third-party vendor management to perform due diligence and assess the innate risk vendors create for business processes.

• November 21, 2018 21 Nov'18

  DeepMasterPrints fake fingerprints can fool fingerprint sensors

  Researchers have developed AI-generated synthetic fingerprints -- known as DeepMasterPrints -- that can spoof biometric scanners and potentially be used to launch practical attacks.

• November 20, 2018 20 Nov'18

  Risk & Repeat: Who's to blame for bad passwords?

  This week's Risk & Repeat podcast discusses whether users are responsible for creating and reusing weak passwords or if the technology systems themselves are to blame.

• November 20, 2018 20 Nov'18

  Recorded Future names Tessa88 suspect in LinkedIn, Myspace breaches

  Researchers at Recorded Future identified the individual behind the notorious Tessa88 hacker handle, but it's unclear what role he played in the LinkedIn and Myspace breaches.

• November 20, 2018 20 Nov'18

  AWS moves to curb S3 data leaks, but Chris Vickery is doubtful

  Amazon unveils new settings to help users avoid S3 data leaks, but UpGuard's Chris Vickery, who uncovered most AWS exposures, is doubtful the changes will end the problem.

• November 16, 2018 16 Nov'18

  Firefox Monitor offers breach alerts on visited websites

  The promised integration with Have I Been Pwned is expanding in Firefox Monitor with new breach alerts when a user visits a recently compromised website.

• November 16, 2018 16 Nov'18

  Cylance acquisition shifts BlackBerry towards security

  BlackBerry made its strongest move yet toward enterprise security with a $1.4 billion acquisition of cybersecurity startup Cylance, which specializes in AI-powered threat protection.

• November 16, 2018 16 Nov'18

  Google BGP route leak was accidental, not hijacking

  Despite early speculation, experts concluded the BGP route leak that sent Google traffic through China and Russia was due to an accidental misconfiguration and not malicious activity.

• November 16, 2018 16 Nov'18

  Risk & Repeat: Are we winning the war on cybercrime?

  On this week's Risk & Repeat podcast, Chet Wisniewski of Sophos discusses his company's latest research and explains why there's reason for optimism in the war on cybercrime.

• November 16, 2018 16 Nov'18

  After 2015 OPM data breach, agency failed to update security

  News roundup: Three years after the OPM data breach, the agency still hasn't implemented basic security. Plus, seven new Meltdown, Spectre attacks were uncovered, and more.

• November 15, 2018 15 Nov'18

  BT Security CEO: Red teaming is valuable, but challenging

  During the Securing the Enterprise conference at MIT's CSAIL, BT Security CEO Mark Hughes discusses the benefits and challenges red teaming has presented to his company.

• November 14, 2018 14 Nov'18

  Cybercrime agreement signed by 50 nations, not U.S., China and Russia

  An international cybercrime agreement was signed by 50 nations and 150 companies in Paris, but the U.S., China and Russia were not part of the accord.

• November 12, 2018 12 Nov'18

  SSD encryption failures made worse by BitLocker settings

  Researchers discover major manufacturers poorly implemented SSD encryption, allowing easy access to data, and Microsoft BitLocker made the issue worse.

• November 12, 2018 12 Nov'18

  Android Ecosystem Security Transparency Report is a wary first step

  Reading through Google's first quarterly Android Ecosystem Security Transparency Report feels like a mix of missed opportunities and déjà vu all over again. Much of what is in the new Android ...

• November 09, 2018 09 Nov'18

  New spam botnet infects over 100,000 home routers

  News roundup: A new spam botnet infected over 100,000 home routers through a UPnP vulnerability, according to researchers. Plus, HSBC Bank reported a data breach, and more.

• November 08, 2018 08 Nov'18

  Risk & Repeat: MIT CSAIL discusses securing the enterprise

  This week's Risk & Repeat podcast discusses the MIT CSAIL Securing the Enterprise conference and how experts there advocated for new strategies and approaches to infosec.

• November 08, 2018 08 Nov'18

  U.S. Cyber Command malware samples to be logged in VirusTotal

  The Cyber National Mission Force will share unclassified U.S. Cyber Command malware samples to VirusTotal and one expert hopes there will be more action taken to help researchers.

• November 06, 2018 06 Nov'18

  Latest Symantec acquisitions target endpoint security

  Endpoint security startups Appthority and Javelin Networks are the latest Symantec acquisitions as the cybersecurity giant aims to improve its endpoint protection product.

• November 06, 2018 06 Nov'18

  PortSmash side-channel attack targets Intel Hyper-Threading

  The latest side-channel attack against Intel chips, known as PortSmash, targets Hyper-Threading in order to steal data, such as private OpenSSL keys from a TLS server.

• November 05, 2018 05 Nov'18

  As PHP v5 nears its end, enterprises face serious threats

  The majority of websites still use the outdated PHP v5, according to recent data, causing concern over the fact that it will stop receiving security support at the end of the year.

• November 02, 2018 02 Nov'18

  Bleedingbit vulnerabilities put Wi-Fi access points at risk

  Armis researchers discovered two chip-level Bluetooth vulnerabilities -- dubbed Bleedingbit -- that could allow pseudo-remote code execution on wireless access points.

• November 02, 2018 02 Nov'18

  SamSam ransomware campaigns continue to target U.S. in 2018

  News roundup: SamSam ransomware targeted 67 organizations in 2018, according to research. Plus, Equifax is sending its breach victims to Experian for credit monitoring, and more.

• November 02, 2018 02 Nov'18

  Kraken ransomware gets packaged into Fallout EK

  Researchers found Kraken ransomware has become more popular after being packaged in the Fallout exploit kit and becoming part of an affiliate program.

• October 31, 2018 31 Oct'18

  The first sandboxed antivirus is Windows Defender

  Microsoft created the first sandboxed antivirus solution in its latest Insider version of Windows Defender for Windows 10, moving proactively to harden the product against attacks.

• October 26, 2018 26 Oct'18

  Google sets Android security updates rules but enforcement is unclear

  The vendor requirements for Android are a strange and mysterious thing but a new leak claims Google has added language to force manufacturers to push more regular Android security updates. ...

• October 26, 2018 26 Oct'18

  Settlement in Yahoo data breach leaves company to pay $50M

  News roundup: The Yahoo data breach will cost the company another $50 million in a settlement deal. Plus, Check Point acquired cloud security company Dome9, and more.

• October 26, 2018 26 Oct'18

  WebExec vulnerability leaves Webex open to insider attacks

  A remote code execution flaw in Cisco Webex -- called WebExec -- could be an easy vector for insider attacks, and the researchers who found it say it's easier to exploit than detect.

• October 25, 2018 25 Oct'18

  Risk & Repeat: Facebook breach raises regulatory questions

  This week's Risk & Repeat podcast discusses new developments regarding Facebook's recent data breach, as well as the social networking giant's response to the incident.

• October 25, 2018 25 Oct'18

  Malwarebytes cybercrime report shows increase in attacks on businesses

  Malwarebytes' report, 'Cybercrime Tactics and Techniques Q3 2018,' highlights how businesses became the focus of cyberattacks versus consumers over the past three months.

• October 25, 2018 25 Oct'18

  FireEye ties Russia to Triton malware attack in Saudi Arabia

  FireEye security researchers claimed the Russian government was 'most likely' behind the Triton malware attack on an industrial control system in Saudi Arabia last year.

• October 23, 2018 23 Oct'18

  Healthcare.gov breach exposes data on 75,000 people

  Malicious actors attacked a back-end insurance system and the resulting Healthcare.gov breach exposed an unknown amount of data on 75,000 people.

• October 22, 2018 22 Oct'18

  Zero-day jQuery plugin vulnerability exploited for 3 years

  A zero-day in jQuery File Upload could affect thousands of projects because the jQuery plugin vulnerability has existed for eight years and actively exploited for at least three years.

• October 19, 2018 19 Oct'18

  Facebook hack the work of spammers, not foreign adversary

  News roundup: The Facebook hack was the work of spammers, according to The Wall Street Journal. Plus, 35 million voter records are for sale on the dark web, and more.

• October 19, 2018 19 Oct'18

  GreyEnergy threat group detected attacking high-value targets

  Researchers claim a new threat group called GreyEnergy is the successor to BlackEnergy, but experts are unsure if the evidence supports the claims or warnings of future attacks.

• October 19, 2018 19 Oct'18

  Risk & Repeat: Military cybersecurity scrutinized in GAO report

  This week's Risk & Repeat podcast discusses the GAO report on vulnerabilities and weaknesses in modern weapons systems and what they mean for the U.S. military.

• October 19, 2018 19 Oct'18

  (ISC)2: Cybersecurity workforce shortage nears 3 million worldwide

  With a workforce in short supply, the skills gap has affected the professional growth of security pros worldwide, an (ISC)2 Cybersecurity Workforce Study found.

• October 18, 2018 18 Oct'18

  New libSSH vulnerability gives root access to servers

  A 4-year-old libSSH vulnerability can allow attackers to easily log in to servers with full administrative control, but it is still unclear exactly how many devices are at risk.

• October 16, 2018 16 Oct'18

  Pentagon data breach exposed travel data for 30,000 individuals

  The Department of Defense said a Pentagon data breach exposed travel records for approximately 30,000 military and civilian personnel, but the investigation is still in progress.

• October 15, 2018 15 Oct'18

  Mystery around Trend Micro apps still lingers one month later

  The mystery around the Trend Micro apps that were removed from the Mac App Store continues despite Trend Micro's numerous updates on the matter.

• October 12, 2018 12 Oct'18

  Facebook breach affected 20 million fewer than thought

  The recent Facebook breach affected 20 million fewer accounts than was previously thought. The company now says 29 million accounts had data exposed to attackers.

• October 12, 2018 12 Oct'18

  Mozilla delays distrust of Symantec TLS certificates, Google doesn't

  Mozilla delays plans to distrust Symantec TLS certificates in Firefox because despite more than one year's notice, approximately 13,000 websites still use the insecure certificates.

• October 12, 2018 12 Oct'18

  Industroyer, NotPetya linked to TeleBots group by ESET researchers

  News roundup: An APT group called TeleBots group was linked to Industroyer malware and NotPetya ransomware, according to researchers. Plus, Imperva is acquired by Thoma Bravo and more.

• October 11, 2018 11 Oct'18

  Paul Vixie wants to stop malicious domains before they're created

  Farsight Security's Paul Vixie says his company's new research into domain name lifespans and causes of death shows the need for new policies and action to curb malicious domains.

• October 11, 2018 11 Oct'18

  U.S. weapon systems cybersecurity failing, GAO report says

  A U.S. Government Accountability Office report gave failing grades to military weapon systems cybersecurity, but some experts say the report should be a source of encouragement.

• October 11, 2018 11 Oct'18

  Patched MikroTik router vulnerability worse than initially thought

  Tenable Research finds new exploits of an already patched MikroTik router vulnerability that could enable hackers to launch remote code execution attacks.

• October 10, 2018 10 Oct'18

  Google security audit begets product changes, German probe

  A Google security audit uncovered a glitch in Google Plus that exposed data from nearly 500,000 accounts, causing the company to shutter the social network and spur a German data protection probe.

• October 09, 2018 09 Oct'18

  At (ISC)² Security Congress 2018, a congressman calls for action

  Rep. Cedric Richmond (D-La.) outlined three key strategies for addressing cybersecurity policy and workforce gaps.

• October 09, 2018 09 Oct'18

  U.S. government domain officials to start using 2FA

  The government domain registrar -- DotGov -- began rolling out two-factor authentication for officials managing .gov domains in order to mitigate against DNS hijacking.

• October 08, 2018 08 Oct'18

  Risk & Repeat: Inside the Facebook 2FA fail

  This week's Risk & Repeat podcast discusses the latest controversy for Facebook, which has been using two-factor authentication numbers for advertising purposes.

• October 05, 2018 05 Oct'18

  GRU indictment accuses 7 Russians in global cyberattacks

  The U.S., U.K. and other allies accused seven Russian military officers in cybercrimes around the world, and the GRU indictment from the U.S. formally pressed charges.

• October 05, 2018 05 Oct'18

  Compromised Supermicro chips reportedly infiltrated US

  News roundup: A Bloomberg report claimed China infiltrated U.S. companies and government agencies through tiny Supermicro chips on motherboards. Plus, a new Telegram flaw and more.

• October 04, 2018 04 Oct'18

  North Korean cybertheft of $100-plus million attributed to APT38

  Security researchers tracked an aggressive cybertheft campaign -- attributed to North Korean APT38 -- in which threat actors attempted to steal more than $1 billion and destroy all evidence along the way.

• October 03, 2018 03 Oct'18

  DigiCert, Gemalto and ISARA to provide quantum-proof certificates

  Quantum computing threats are on the horizon, but DigiCert, Gemalto and ISARA have teamed up to develop new quantum-proof digital certificates and remake the PKI industry.

• October 02, 2018 02 Oct'18

  Facebook GDPR fate uncertain following data breach

  Facebook's GDPR consequences are still up in the air following a data breach, as Irish regulators are waiting on more information before determining if the social network will face a fine.

• October 01, 2018 01 Oct'18

  FBI, DHS blaming the victims on Remote Desktop Protocol

  FBI, DHS call on users to mitigate Remote Desktop Protocol vulnerabilities and handle RDP exploits on their own, even as the "going dark" campaign continues unabated.

• September 28, 2018 28 Sep'18

  Facebook breach affected nearly 50 million accounts

  Nearly 50 million accounts were affected in a Facebook breach, but it is still unclear what data attackers may have obtained and who might have been behind the breach.

• September 28, 2018 28 Sep'18

  Risk & Repeat: NSS Labs lawsuit shakes infosec industry

  This week's Risk & Repeat podcast discusses NSS Labs' antitrust suit against several security vendors, including CrowdStrike and the Anti-Malware Testing Standards Organization.

• September 28, 2018 28 Sep'18

  UN exposes sensitive data on public Trello boards

  News roundup: The U.N. accidentally exposed credentials on public Trello boards. Plus, Uber is set to pay $148 million settlement following its 2016 data breach cover-up, and more.

• September 28, 2018 28 Sep'18

  DEF CON report: Election equipment plagued by 10-year-old flaw

  The DEF CON report from the 2018 Voting Village paints a troubling picture for election equipment vendors, including a machine with a flaw known since 2007 left unpatched.

• September 28, 2018 28 Sep'18

  Alphabet's Chronicle launches VirusTotal Enterprise

  VirusTotal has a new look, thanks to Alphabet's Chronicle, including new enterprise features for faster malware searches, as well as the ability to keep submitted data private.

• September 27, 2018 27 Sep'18

  Microsoft wants to eliminate passwords -- and there's an app for that

  At its Ignite 2018 conference, Microsoft declared an end to the password era and extended support for its Microsoft Authenticator app to Azure AD-connected apps.

• September 27, 2018 27 Sep'18

  Congressional websites need to work on TLS

  Congressional websites may not always have the best security, according to Joshua Franklin. Although, senators may be better at website security than House representatives.

• September 27, 2018 27 Sep'18

  Election website security a mess for states and candidates alike

  Joshua Franklin has been researching election website security for congressional candidates, and he found a lot of misconfigurations on official pages and other sites meant to confuse voters.

• September 26, 2018 26 Sep'18

  Controversial Chrome login feature to be partially rolled back

  Google will modify the next version of Chrome in an attempt to appease critics of the browser's cookie retention functionality and automatic Chrome login feature.

• September 26, 2018 26 Sep'18

  Browser Reaper POC exploit crashes Mozilla Firefox

  A security researcher developed a proof-of-concept attack on Firefox, called Browser Reaper, which can crash or freeze the browser. But he gave Mozilla short notice of the flaw.

• September 25, 2018 25 Sep'18

  Google Chrome sign-in changes cause confusion and concern

  Google Chrome sign-in changes are being criticized by experts, and poor communication from Google has led to more confusion about user privacy and consent.

• September 25, 2018 25 Sep'18

  Hardcoded credentials continue to bedevil Cisco

  Cisco hit by yet another new hardcoded credentials flaw, the latest in a long line of such flaws since last year, this time in its video surveillance manager appliance.

• September 25, 2018 25 Sep'18

  Cybersecurity Tech Accord expands with new members, partners

  Microsoft announced that, six months after its introduction, the Cybersecurity Tech Accord has nearly doubled its membership and partnered with the Global Forum on Cyber Expertise.

• September 24, 2018 24 Sep'18

  AI and machine learning expected to solve security problems

  A global Ponemon survey of security professionals found that many believe artificial intelligence and machine learning technology will improve enterprise and IoT security.

• September 21, 2018 21 Sep'18

  White House National Cyber Strategy praised by experts

  The new National Cyber Strategy released by the White House details plans for improving cybersecurity and garners positive early reviews from experts for its comprehensiveness.

• September 21, 2018 21 Sep'18

  Mirai botnet creators avoid jail time after helping the FBI

  News roundup: The Mirai botnet creators will not serve time in prison after they worked with the FBI. Plus, the Department of Defense updated its cyber strategy, and more.

• September 21, 2018 21 Sep'18

  CrowdStrike responds to NSS Labs lawsuit over product testing

  CrowdStrike and the Anti-Malware Testing Standards Organization responds the allegations made by NSS Labs in a bombshell antitrust suit over product testing practices.

• September 21, 2018 21 Sep'18

  State Department data breach exposes employee info

  A State Department data breach involving the agency's unclassified email system may have been due to a lack of multi-factor authentication, according to one expert.

• September 20, 2018 20 Sep'18

  Risk & Repeat: Trend Micro apps land in hot water

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss Trend Micro's Mac apps, which have come under fire for questionable data collection features.

• September 20, 2018 20 Sep'18

  GovPayNow leak exposes 14 million records dating back six years

  Experts question the security audit and government agency vetting that took place before the GovPayNow leak, which affected 14 million customer records dating back six years.

• September 19, 2018 19 Sep'18

  NSS Labs lawsuit takes aim at CrowdStrike, Symantec and ESET

  In an antitrust lawsuit, NSS Labs accused some of the top antimalware vendors in the industry, including CrowdStrike and Symantec, of conspiring to undermine its testing efforts.

• September 18, 2018 18 Sep'18

  WannaMine cryptojacker targets unpatched EternalBlue flaw

  Unpatched systems are still being targeted by the WannaMine cryptojacker, despite warnings and global cyberattacks using the EternalBlue exploit leaked from the NSA.

• September 14, 2018 14 Sep'18

  What the GAO Report missed about the Equifax data breach

  The Government Accountability Office investigated the Equifax data breach, but the GAO's report leaves out several important points about the infamous incident.

• September 14, 2018 14 Sep'18

  Researchers bring back cold boot attacks on modern computers

  The idea of cold boot attacks began 10 years ago, but researchers at F-Secure found the attack can be used on modern computers to steal encryption keys and other data.

• September 14, 2018 14 Sep'18

  British Airways data breach may be the work of Magecart

  News roundup: The British Airways data breach may be the handiwork of hacking group Magecart, according to researchers. Plus, hacker Guccifer will be extradited to U.S., and more.

• September 13, 2018 13 Sep'18

  Trend Micro apps fiasco generates even more questions

  In addition to other Trend Micro apps banished from the Mac App Store for gathering data inappropriately, the company has admitted to publishing the Open Any Files app.

• September 12, 2018 12 Sep'18

  Risk & Repeat: Inside the GAO's Equifax breach report

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Government Accountability Office's report on the Equifax breach and the questions it raises.

• September 12, 2018 12 Sep'18

  Microsoft patches Windows ALPC flaw exploited in the wild

  Microsoft's September 2018 Patch Tuesday release included a fix for the Windows ALPC vulnerability that was exploited in the wild for about two weeks before being patched.

• September 12, 2018 12 Sep'18

  Jake Braun discusses the Voting Village at DEF CON

  The Voting Village at DEF CON 26 expanded its scope to test every aspect of election security that it could. Organizer Jake Braun discusses how it went and what's next.

• September 11, 2018 11 Sep'18

  Trend Micro apps on Mac accused of stealing data

  Researchers claimed Trend Micro apps in the Mac App Store were stealing data. The company removed the offending features, but researchers are still not sold on Trend Micro's excuse.

• September 11, 2018 11 Sep'18

  Robot social engineering works because people personify robots

  Brittany 'Straithe' Postnikoff studied robot social engineering and found personification of robots can lead to effective attacks, regardless of whether or not AI is involved.

• September 07, 2018 07 Sep'18

  Another mSpy leak exposed millions of sensitive user records

  News roundup: An mSpy leak has again exposed millions of customer records on the internet. Plus, the FIDO Alliance launched a biometrics certification, and more.

• September 07, 2018 07 Sep'18

  Lazarus Group hacker charged in WannaCry, Sony attacks

  The Department of Justice charged one Lazarus Group hacker, Park Jin Hyok, for his role in the WannaCry attack, Sony hack, SWIFT banking theft and more.

• September 07, 2018 07 Sep'18

  Misconfigured Tor sites leave public IP addresses exposed

  The anonymity of Tor is once again under scrutiny, as a researcher finds misconfigured Tor sites can expose the public IP address connected to a dark web site.

• September 06, 2018 06 Sep'18

  Risk & Repeat: Fortnite flaw disclosure enrages Epic Games

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the dispute between Google and Epic Games over a newly disclosed flaw in the Android version of Fortnite.

• September 05, 2018 05 Sep'18

  Five Eyes wants to weaken encryption, or legislation may be needed

  Five Eyes -- the government intelligence alliance between Australia, Canada, New Zealand, the U.K. and the U.S. -- vows not to weaken encryption, while pushing for encryption backdoors.

• August 31, 2018 31 Aug'18

  Another patched Apache Struts vulnerability exploited

  News roundup: A new Apache Struts vulnerability was exploited in the wild mere days after it was patched. Plus, Facebook removes app over privacy concerns and more.

• August 30, 2018 30 Aug'18

  Risk & Repeat: Are the Meltdown and Spectre flaws overhyped?

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss whether or not Meltdown and Spectre deserved to be nominated for the Pwnie Awards' Most Overhyped Bug.

• August 30, 2018 30 Aug'18

  Congress wants CVE program changes from DHS and MITRE

  In a letter to DHS and MITRE, Congress said CVE program management has been 'insufficient' and called for the program to receive more consistent funding and additional oversight.