RESOURCES


home.aspx
   
How To Get Rid Of Malware on Mac HOW TO GET RID OF MALWARE ON MAC

blog article

May 23, 2018

The modern-day malware is not easy to handle. Because there’s so many of them – adware, spyware, ransomware and more. And they just don’t affect Windows and Linux alone. Mac OS too are vulnerable. So if your using Mac and are of the thought that it won’t get affected, then yo...

Read More

Don’t fall into these hidden GDPR pitfalls DON’T FALL INTO THESE HIDDEN GDPR PITFALLS

blog article

May 22, 2018

With just weeks ahead of us, US companies are still unprepared for the EU’s General Data Protection Regulation (GDPR), according to Melissa – a global contact data quality and identity verification solutions provider. A survey conducted by NAPCO Research and Melissa requested feedback fr...

Read More

10 Tips to Reduce Common Vulnerabilities Exploited by Cybercriminals 10 TIPS TO REDUCE COMMON VULNERABILITIES EXPLOITED BY CYBERCRIMINALS

blog article

May 21, 2018

While it seems that today’s cybercriminals have a myriad of tricks and techniques at the ready to gain access to your network, the reality is that they are typically taking advantage of common vulnerabilities – such as unpatched software or default passwords – time and time again. ...

Read More

The Primary Factors Motivating Insider Threats THE PRIMARY FACTORS MOTIVATING INSIDER THREATS

blog article

May 21, 2018

There was once a time when the risk of an “insider threat” incident was relatively unknown, or simply not considered likely, within an organization. That time has quickly come and gone. With the rise in publicly-disclosed systems breaches and data leaks, along with the steady stream of s...

Read More

How to write a GDPR privacy notice HOW TO WRITE A GDPR PRIVACY NOTICE

blog article

May 21, 2018

If you’re just beginning your EU General Data Protection Regulation (GDPR)compliance journey, it’s unlikely you will be fully compliant by the time the Regulation is enforced on May 25, 2018. An integral part of your GDPR compliance project should be producing appropriate documentation, ...

Read More

What is a Virus Scanner? How do they work and protect your devices WHAT IS A VIRUS SCANNER? HOW DO THEY WORK AND PROTECT YOUR DEVICES

blog article

May 19, 2018

An anti-virus scanner is part and parcel of a free antivirus software, it scans a hard drive to detect malicious software in a computing device. Simply put, the goal-directed nature of a virus scanner software is to review and identify threats from viruses and programs. Anti virus scanner works in a...

Read More

Rootkit: What is Rootkit & it’s types? How to Detect it ROOTKIT: WHAT IS ROOTKIT & IT’S TYPES? HOW TO DETECT IT

blog article

May 18, 2018

In simple language, ‘rootkit’ is basically a software kit used to get to the root of the computer. In other words, a software kit used to gain admin access to the computer and thereby control it. Developed as a legitimate software to provide a ‘backdoor’ to software developer...

Read More

GDPR phishing scams target Apple and Airbnb customers GDPR PHISHING SCAMS TARGET APPLE AND AIRBNB CUSTOMERS

blog article

May 18, 2018

With just days until the EU General Data Protection Regulation (GDPR) is enforced, many organizations are updating their privacy policies and emailing customers to ensure they are aware of the changes. Cyber criminals are taking advantage of this through GDPR-related phishing scams. Apple and Airbnb...

Read More

5 Top-Rated Antivirus Apps For Android 5 TOP-RATED ANTIVIRUS APPS FOR ANDROID

blog article

May 17, 2018

Despite Google’s immense efforts in securing Android; the widely-used operating system remains vulnerable to numerous online threats. The best way to steer clear of the threats is to install the best antivirus app for Android devices. Some of us may feel that there is no need to install a free...

Read More

The Best Anti-Virus Protection of 2018 – Top AV Protection Programs THE BEST ANTI-VIRUS PROTECTION OF 2018 – TOP AV PROTECTION PROGRAMS

blog article

May 16, 2018

Malware creators are nefarious to the point that they make fatal infections to extract your financial related information or keep your PC from working by any methods. What you require for a perfect virus protection is the best antivirus programming on your PC. Because of the fortunate stars, as the ...

Read More

4 Ways to Defend Against Pretexting Scams 4 WAYS TO DEFEND AGAINST PRETEXTING SCAMS

blog article

May 16, 2018

Contrary to belief, insider threats are not always employees looking to steal company data and information with malicious intent. Many instances of data exfiltration at the hands of insiders are the result of simple mistakes, such as responding to a pretexting email. These unintentional insider thre...

Read More

NIST seeks feedback on its updated Risk Management Framework NIST SEEKS FEEDBACK ON ITS UPDATED RISK MANAGEMENT FRAMEWORK

blog article

May 16, 2018

The National Institute of Standards and Technology (NIST) has released a draft of its update to the Risk Management Framework (RMF), designed to help federal agencies and companies safeguard their information systems from cyber threats. The update will help organizations respond appropriately to pri...

Read More

What’s the Difference between a Penetration Test and a Vulnerability Assessment? WHAT’S THE DIFFERENCE BETWEEN A PENETRATION TEST AND A VULNERABILITY ASSESSMENT?

blog article

May 14, 2018

In the world of cybersecurity, nothing is static. The cyber threat environment is dynamic and evolving. There are new vulnerabilities discovered on a daily basis. Attacks are getting more sophisticated – they’re getting more complex and flying under the radar of traditional detection tec...

Read More

Researchers use new technique to target Android phones RESEARCHERS USE NEW TECHNIQUE TO TARGET ANDROID PHONES

blog article

May 14, 2018

It appears that researchers have found a new way to hack smartphones. The technique is called ‘Rowhammer’, in which hackers manipulate the physical electric charge in memory chips, corrupting the data and even running specific code. The cyber attack is able to compromise fundamental comp...

Read More

The Cyber Security Skills Gap is Getting Wider THE CYBER SECURITY SKILLS GAP IS GETTING WIDER

blog article

May 14, 2018

For any cyber security specialist who’s due a pay review, recently published threat reports make worthwhile reading. The latest annual roundup from FireEye confirms the Cyber Security Skills Gap as one of the biggest risks facing businesses. Specialists in this area are dubbed a “scarce ...

Read More

GDPR: 3 Ways to Protect Employees & Decrease Insider Threat Risk GDPR: 3 WAYS TO PROTECT EMPLOYEES & DECREASE INSIDER THREAT RISK

blog article

May 11, 2018

It might not seem like it, thanks to the added work it has created for organizations inside and outside of the EU, but the new GDPR compliance regulations were designed with the benefit of people in mind. The goal: “to protect all EU citizens from privacy and data breaches in an increasingly d...

Read More

NIST and automotive industry collaborate on new cybersecurity guidelines NIST AND AUTOMOTIVE INDUSTRY COLLABORATE ON NEW CYBERSECURITY GUIDELINES

blog article

May 09, 2018

Cybersecurity threats are on the rise. In response, the Automotive Industry Action Group (AIAG) has released the Cyber Security 3rd Party Information Security publication, which details cybersecurity guidelines for the automotive industry. The idea for the guidelines came about when a manufacturer a...

Read More

6 practical cybersecurity tips for SMEs 6 PRACTICAL CYBERSECURITY TIPS FOR SMES

blog article

May 07, 2018

Any business that employs fewer than 250 people can be categorized as a small and medium-sized enterprise (SME). There are more SMEs than there are corporations and overall, SMEs employ more people. SMEs serve as a driving force for competition and innovation in many economic sectors. Media coverage...

Read More

NIS Regulations – get our updated compliance guide NIS REGULATIONS – GET OUR UPDATED COMPLIANCE GUIDE

blog article

May 04, 2018

The EU Directive on security of network and information systems (NIS Directive) must be transposed into national law by 10 May 2018. The Directive requires operators of essential services (OES) and digital service providers (DSPs) to implement effective security measures appropriate to associated ri...

Read More

What is Computer Worm? How does it Spreads WHAT IS COMPUTER WORM? HOW DOES IT SPREADS

blog article

May 02, 2018

A computer worm is a type of malware which is intended for infecting vulnerable computers in a network. Computer worms tend to quickly replicate themselves and wiggle their way into poorly protected computers. Even today worms exist, the worm component of the dreaded Wanna Cry ransomware made it pos...

Read More

UnityPoint Health email accounts compromised in phishing attack UNITYPOINT HEALTH EMAIL ACCOUNTS COMPROMISED IN PHISHING ATTACK

blog article

May 01, 2018

UnityPoint Health has revealed that several employee email accounts were subject to a phishing attack . Upon discovery of the incident on February 15, UnityPoint changed the passwords of the affected accounts and enrolled forensic specialists to investigate. Affected information included patient nam...

Read More

When should an organization report a data breach? WHEN SHOULD AN ORGANIZATION REPORT A DATA BREACH?

blog article

Apr 27, 2018

From May 25, 2018, compliance with the EU General Data Protection Regulation(GDPR) will be mandatory for organizations that process EU residents’ personal information. The Regulation joins a number of US federal and state laws that hold organizations accountable for mitigating and managing inf...

Read More

Insider Threats Remain #1 Security Headache for Organizations, Research Shows INSIDER THREATS REMAIN #1 SECURITY HEADACHE FOR ORGANIZATIONS, RESEARCH SHOWS

blog article

Apr 27, 2018

Businesses cannot come up with a mitigation strategy to efficiently detect, identify and manage insider threats, according to research from the Ponemon Institute, so they risk the loss of critical confidential data and resources, network shutdown and reputational damage. In the past year, 159 organi...

Read More

Flawed routers with hardcoded passwords were manufactured by firm that posed “national security risk” to UK FLAWED ROUTERS WITH HARDCODED PASSWORDS WERE MANUFACTURED BY FIRM THAT POSED “NATIONAL SECURITY RISK” TO UK

blog article

Apr 27, 2018

Earlier this month the UK’s National Cyber Security Centre (NCSC) issued a warning to telecoms firms about the potential risks posed by devices manufactured by Chinese-state owned enterprise ZTE. “NCSC assess that the national security risks arising from the use of ZTE equipment or servi...

Read More

5 ways to improve your information security 5 WAYS TO IMPROVE YOUR INFORMATION SECURITY

blog article

Apr 25, 2018

Organizations are always looking for ways to improve their security posture, but the process is often frustrating. As soon as they secure one weakness, cyber criminals find another one. But if you take a step back, you’ll notice that, as much as cyber criminals’ tactics evolve, they alwa...

Read More

Yahoo gets $35 million slap on wrist for failing to disclose colossal 2014 data breach YAHOO GETS $35 MILLION SLAP ON WRIST FOR FAILING TO DISCLOSE COLOSSAL 2014 DATA BREACH

blog article

Apr 25, 2018

In an ongoing investigation by the Securities and Exchange Commission, Yahoo (now Altaba) has been fined $35 million for failing to report a known data breach in two straight years of SEC filings. Publicly traded companies in the United States are required by law to disclose any mishaps that may imp...

Read More

NIST releases updated version of the Cybersecurity Framework NIST RELEASES UPDATED VERSION OF THE CYBERSECURITY FRAMEWORK

blog article

Apr 24, 2018

After circulating a draft in December and accepting feedback, on April 16, 2018, the US Department of Commerce’s National Institute of Standards and Technology (NIST) released version 1.1 of its Cybersecurity Framework (CSF). Formally titled “Framework for Improving Critical Infrastructu...

Read More

Why you shouldn’t ignore the NIS Directive WHY YOU SHOULDN’T IGNORE THE NIS DIRECTIVE

blog article

Apr 24, 2018

By 9 May 2018, the Directive on security of network and information systems (NIS Directive) will have been transposed into UK law. However, unlike the EU General Data Protection Regulation (GDPR) (GDPR), which organisations are currently scrambling to comply with, there is little commotion about the...

Read More

List of free GDPR resources LIST OF FREE GDPR RESOURCES

blog article

Apr 23, 2018

The General Data Protection Regulation (GDPR) will be enforced from May, requiring all organizations that handle EU residents’ data to abide by its strict terms. If yours is one of the millions of organizations that need to comply with the GDPR, then no doubt you are getting slightly hot under...

Read More

Cybersecurity Metrics Your Board of Directors Should Care About & Why CYBERSECURITY METRICS YOUR BOARD OF DIRECTORS SHOULD CARE ABOUT & WHY

blog article

Apr 23, 2018

Businesses today are going through an incredible digital transformation – moving to the cloud, embracing the Internet of Things (IoT), implementing automation, etc. – all at a lightning fast pace. This is opening them up to new and expanding cybersecurity threats that are difficult to ma...

Read More

Cybersecurity of smart medical devices, hospital networks is top priority for the FDA CYBERSECURITY OF SMART MEDICAL DEVICES, HOSPITAL NETWORKS IS TOP PRIORITY FOR THE FDA

blog article

Apr 20, 2018

Securing medical devices is a top priority after countless vulnerabilities have been detected in connected medical devices and hospital infrastructures. Not only are hospital networks exposed to remote hacker attacks and security breaches, but they also struggle with insider threats and major errors...

Read More

Women Underrepresented at RSAC - Let WOMEN UNDERREPRESENTED AT RSAC - LET'S DO SOMETHING ABOUT IT

blog article

Apr 20, 2018

Although I’m excited to be at the RSA Conference with my Morphisec colleagues, it reminds me of the impetus for starting our Women in Cybersecurity Scholarship. Of 28 keynote speakers at RSAC, only seven are women, and six of these were added at the last minute following a string of scathing t...

Read More

Best Free Anti-Spyware and Antivirus Removal Software BEST FREE ANTI-SPYWARE AND ANTIVIRUS REMOVAL SOFTWARE

blog article

Apr 19, 2018

Spyware is a type of malicious software that secretly monitors and collects user information from PCs without their knowledge. It can gather valuable information such as user passwords, credit card details, and other confidential information by secretly recording user’s keystrokes and web brow...

Read More

THREAT INTELLIGENCE BRIEF: APRIL 18, 2018 THREAT INTELLIGENCE BRIEF: APRIL 18, 2018

blog article

Apr 18, 2018

“Great Western Railway urges online customers to update passwords after cyber-attack. The firm said hackers used an automated system to gain access to 1,000 customer accounts on its website and is taking action. While only a very small number of accounts have been affected by the attack, cyber...

Read More

Securing Your Organization SECURING YOUR ORGANIZATION'S HUMAN LAYER

blog article

Apr 18, 2018

In my time in the trenches, and in my previous role as a Gartner research analyst and industry advisor, I spent a LOT of time helping organizations across the world think through their cybersecurity programs. Much of this time was thinking through the defensive measures and how technology can assist...

Read More

U.S. official warns of U.S. OFFICIAL WARNS OF 'UNINTENDED CONSEQUENCES' OF EUROPEAN DATA PRIVACY LAW

blog article

Apr 18, 2018

SAN FRANCISCO (Reuters) - U.S. Department of Homeland Security Secretary Kirstjen Nielsen warned on Tuesday that a European data privacy law taking effect next month may have “unintended consequences” that harm the United States’ ability to protect itself from cyber attacks. The Eu...

Read More

US, UK issue odd warning about Russian hackers US, UK ISSUE ODD WARNING ABOUT RUSSIAN HACKERS

blog article

Apr 17, 2018

The U.S. Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), and the UK’s National Cyber Security Centre (NCSC) have today issued a joint Technical Alert about malicious cyber activity carried out by the Russian government. To summarize the alert - It claims hackers t...

Read More

New York City to offer free cybersecurity tools to deter criminal hackers NEW YORK CITY TO OFFER FREE CYBERSECURITY TOOLS TO DETER CRIMINAL HACKERS

blog article

Apr 17, 2018

New York Mayor Bill de Blasio recently announced that, in an effort to improve cybersecurity, the city will be offering a free mobile app that warns users when suspicious activity is detected on their devices. The program, NYC Secure, is a pioneering cybersecurity initiative protecting New Yorkers o...

Read More

Cyber-nationalism in Cybersecurity Standards CYBER-NATIONALISM IN CYBERSECURITY STANDARDS

blog article

Apr 16, 2018

There are a variety of global standards that have been created to provide guidance to Industrial Control System (ICS) vendors and end users attempting to secure systems.  Examples include ISA/IEC 62443, and ISO/IEC 15408.  Many countries are utilizing these globally accepted standards to d...

Read More

The Cyber Threat Alliance – Stopping Attackers in their Tracks THE CYBER THREAT ALLIANCE – STOPPING ATTACKERS IN THEIR TRACKS

blog article

Apr 16, 2018

When you think about the future of threat intelligence, we can all agree that threats morph, constantly. Sophisticated new botnets, the increase in DDoS-as-a-Service tools, and the rise in cryptocurrency are creating an unpredictable environment where even novice attackers can demand ransoms, carry ...

Read More

Is blockchain the alchemy to DDoS attacks? IS BLOCKCHAIN THE ALCHEMY TO DDOS ATTACKS?

blog article

Apr 12, 2018

DDoS(Denial of Distributed Service) attack is a type of cyber attack that involves a large number of computers and huge volumes of traffic to overwhelm a server or network, slowing it or rendering it completely unresponsive. Victims of a DDoS attack consist of both the end targeted system and all sy...

Read More

Kick-start your career in information security management KICK-START YOUR CAREER IN INFORMATION SECURITY MANAGEMENT

blog article

Apr 12, 2018

Attendees will gain a solid understanding of risk management, technical controls, legal frameworks, physical security, international standards and business continuity, including. The concepts relating to information security management, including confidentiality, integrity and availability (CIA). vu...

Read More

The GDPR: What technical measures do you need to conduct? THE GDPR: WHAT TECHNICAL MEASURES DO YOU NEED TO CONDUCT?

blog article

Apr 12, 2018

Many organisations’ network security defences consist only of patch management and antivirus software. Those are essential, but so is reviewing configurations, third-party applications and hardware. This is what vulnerability scans do. A vulnerability scan is an automated process that finds an...

Read More

Securing Critical Infrastructure in the Wake of Unprecedented Cyber Threats SECURING CRITICAL INFRASTRUCTURE IN THE WAKE OF UNPRECEDENTED CYBER THREATS

blog article

Apr 11, 2018

Last year saw a worrying trend in the cybersecurity attack arena as critical infrastructure came under fire, with many suggesting in 2018 these attacks could escalate. Various defense departments warned of nation-state campaigns targeting operational technology (OT) within the energy sector and nucl...

Read More

Why ISO 27001 is integral to data protection compliance WHY ISO 27001 IS INTEGRAL TO DATA PROTECTION COMPLIANCE

blog article

Apr 10, 2018

With the EU General Data Protection Regulation (GDPR)’s compliance deadline looming, any organisation that processes EU residents’ data will likely be investigating implementation options to help tackle its compliance project, if it hasn’t already done so. Supervisory authorities s...

Read More

GDPR for Marketing: The Definitive Guide for 2018 GDPR FOR MARKETING: THE DEFINITIVE GUIDE FOR 2018

blog article

Apr 09, 2018

The General Data Protection Regulation (GDPR) is a new digital privacy regulation being introduced on the 25th May, 2018. It standardizes a wide range of different privacy legislation’s across the EU into one central set of regulations that will protect users in all member states. Put simply, ...

Read More

How blockchain could solve the internet privacy problem HOW BLOCKCHAIN COULD SOLVE THE INTERNET PRIVACY PROBLEM

blog article

Apr 09, 2018

Blockchain, with its encrypted and immutable record, will eventually be used create universal digital identities, filled with information that only we will control and that will link back to the issuing banks, governments or even employers. Fintech firms, software makers, telecom providers and other...

Read More

A Brief History of Malware — Its Evolution and Impact A BRIEF HISTORY OF MALWARE — ITS EVOLUTION AND IMPACT

blog article

Apr 05, 2018

A brief look at the history of malware shows us that this malicious menace has been with us since the dawn of computing itself. According to Scientific American, the idea of a computer virus extends back to 1949, when early computer scientist John von Neumann wrote the “Theory and Organization...

Read More

In Plain Sight: Why Military Veterans Are a Great Fit for Cybersecurity Careers IN PLAIN SIGHT: WHY MILITARY VETERANS ARE A GREAT FIT FOR CYBERSECURITY CAREERS

blog article

Apr 05, 2018

Cybersecurity is a major concern for businesses worldwide. Just look at the results from “The Third Annual Study on the Cyber Resilient Organization” by IBM and the Ponemon Institute: The 2018 study found 65 percent of security professionals believe the severity of cyberattacks has incre...

Read More

Crossing the watershed – digital skills crises will soon be history CROSSING THE WATERSHED – DIGITAL SKILLS CRISES WILL SOON BE HISTORY

blog article

Apr 04, 2018

There is no shortage of talent, only of employers who train that talent. Thirty years ago it took around 18 months turn a University Graduate into a competent analyst programmer. During that second year about 30% left for more money. Hence the reluctance to train and sporadic skills “crises&ld...

Read More

IBM X-Force Report: Fewer Records Breached in 2017 IBM X-FORCE REPORT: FEWER RECORDS BREACHED IN 2017

blog article

Apr 04, 2018

The 2018 IBM X-Force Threat Intelligence Index has found the number of records breached dropped nearly 25 percent in 2017, as cybercriminals shifted their focus on launching ransomware and destructive attacks that lock or destruct data unless the victim pays a ransom. Last year, more than 2.9 billio...

Read More

Annual Cybersecurity Report: Impacts on Government ANNUAL CYBERSECURITY REPORT: IMPACTS ON GOVERNMENT

blog article

Apr 03, 2018

In our just released 2018 Annual Cybersecurity Report: Impacts on Government, we found that cyber attacks against agencies across the U.S. are increasing every day. From ransomware and distributed denial of service (DDoS) to IoT botnets and cryptojacking, the mix of threats are also becoming more le...

Read More

Protective Layers – Cybersecurity for Healthcare PROTECTIVE LAYERS – CYBERSECURITY FOR HEALTHCARE

blog article

Apr 03, 2018

Layered defense is key to a successful Cybersecurity Strategy in Healthcare which starts with endpoint management. The number of internet connected (IoT) devices is exploding. In a healthcare setting, these “endpoint” devices not only provide significant new opportunities for improving p...

Read More

How CISMP can help your information security career HOW CISMP CAN HELP YOUR INFORMATION SECURITY CAREER

blog article

Apr 03, 2018

A career in information security management is very alluring: it’s rewarding, there’s a high demand for skilled professionals and it comes with a generous salary. All you need to do to get started is gain a Certificate in Information Security Management Principles (CISMP). CISMP provides...

Read More

What Changes Q1 Brought to Cybersecurity WHAT CHANGES Q1 BROUGHT TO CYBERSECURITY

blog article

Apr 02, 2018

So far, 2018 has brought a number of new trends to the cybersecurity space, some of which were predicted correctly and some were not. Mari Galloway, director of finance and communications at the Women's Society of Cyberjutsu looked at what Q1 brought us. The first quarter of 2018, what an intere...

Read More

OPM tells agencies how to respond to cyber workforce needs OPM TELLS AGENCIES HOW TO RESPOND TO CYBER WORKFORCE NEEDS

blog article

Apr 02, 2018

The Office of Personnel Management released updated guidance to help agencies identify and address critical cybersecurity workforce needs. The document sets out a series of timelines detailing how agencies should identify and classify high-value IT and cybersecurity positions before developing actio...

Read More

WHAT DOES A CYBER THREAT HUNTER DO? WHAT DOES A CYBER THREAT HUNTER DO?

blog article

Apr 02, 2018

Learn about what a cyber threat hunter does in Data Protection 101, our series on the fundamentals of information security. The cyber threat hunter role is becoming increasingly important in the modern enterprise, as companies strive to stay ahead of the latest threats and implement rapid response t...

Read More

Treat Security Data With the Same Purpose as Financial Data TREAT SECURITY DATA WITH THE SAME PURPOSE AS FINANCIAL DATA

blog article

Mar 30, 2018

Data is a precious and vehemently defended resource within financial organizations. In most instances, financial data must be verified for accuracy and the results are well documented, retained and accessible for reference at any time. Additionally, scenarios that result in high profitability or lar...

Read More

State of Software Security: Checking the Pulse of the Healthcare Industry STATE OF SOFTWARE SECURITY: CHECKING THE PULSE OF THE HEALTHCARE INDUSTRY

blog article

Mar 30, 2018

Over the past year, our scans of thousands of applications and billions of lines of code found a widespread weakness in applications, which is a top target of cyber attackers. And when you zoom in from a big picture view down to a micro-level, there are a few industries that are struggling to keep u...

Read More

Healthcare Cybersecurity Vulnerabilities HEALTHCARE CYBERSECURITY VULNERABILITIES

blog article

Mar 29, 2018

Do you know where your healthcare system is vulnerable?  As new technology and innovation continue to emerge in healthcare, vulnerabilities aren’t falling behind and pop up everywhere.  So, what can you do? To protect your organizations, first of all, you need to be aware of the most...

Read More

Banks in Denial over Their Resilience to DDoS attacks BANKS IN DENIAL OVER THEIR RESILIENCE TO DDOS ATTACKS

blog article

Mar 28, 2018

Are retail and investment banks in denial about being adequately protected from the frequent advanced DDoS attacks they’re getting hit with today? It is mid-March 2018 – just three months into the year and 3 major banks have already been taken offline by DDoS attacks, making global headl...

Read More

Key Findings of 2018 Cyber Threat Report and How Government Can Respond KEY FINDINGS OF 2018 CYBER THREAT REPORT AND HOW GOVERNMENT CAN RESPOND

blog article

Mar 28, 2018

Symantec’s 2018 Internet Security Threat Report is here. Based on data collected by Symantec’s massive security infrastructure (the largest civilian threat collection network in the world), the report has become the de facto standard for giving enterprises and public organizations essent...

Read More

NIST Cybersecurity Framework Series Part 3: Detect NIST CYBERSECURITY FRAMEWORK SERIES PART 3: DETECT

blog article

Mar 28, 2018

Enterprise chief information security officers have their work cut out for them in the current threat landscape. As attack and infection strategies become more complex and difficult to predict, the business’s CISO must ensure that the organization’s most critical information assets and t...

Read More

Push for Progress: Empowering Women in Cybersecurity With Voice, Vision and Innovation PUSH FOR PROGRESS: EMPOWERING WOMEN IN CYBERSECURITY WITH VOICE, VISION AND INNOVATION

blog article

Mar 27, 2018

International Women’s Day has come and gone, but that doesn’t mean the push for progress is over. All across the world — in industries far and wide — women were celebrated for their accomplishments on March 8. Here at IBM, women were asked to submit a video or photo to demons...

Read More

Strengthen Cybersecurity Through a United Industry STRENGTHEN CYBERSECURITY THROUGH A UNITED INDUSTRY

blog article

Mar 23, 2018

Every process requires detail, precision and collaboration. If all of the components of the process aren’t working together, it fails. And that can result in catastrophe. As an example, let’s consider a relatively simple machine and one of its primary components: the bicycle and, more sp...

Read More

A preview of the new NIST Cybersecurity Framework A PREVIEW OF THE NEW NIST CYBERSECURITY FRAMEWORK

blog article

Mar 23, 2018

The NIST Cybersecurity Framework has become the de facto set of guidelines for critical infrastructure organizations to assess information security risk and implement adequate cybersecurity measures to manage risk, while protecting consumer privacy. Since being published in February 2014, the framew...

Read More

The Top 5 Application Security Activities for GDPR Compliance - Part II THE TOP 5 APPLICATION SECURITY ACTIVITIES FOR GDPR COMPLIANCE - PART II

blog article

Mar 21, 2018

When looking at any modern application, one will find a myriad of components, frameworks, APIs and code snippets written by various developers inside and outside your organization. Not all of them are as secure as they should be, and not all of them default to the most secure protocol, design patter...

Read More

Small Steps Towards a Secure IoT SMALL STEPS TOWARDS A SECURE IOT

blog article

Mar 21, 2018

A few weeks ago, the UK’s Department for Digital, Culture, Media and Sport, along with the National Cyber Security Centre, released a public draft of a new report into the security of IoT devices. The “Proposed Code of Practice for Security in Consumer IoT Products and Associated Service...

Read More

Did Microsoft admit that Surface Pro 4 Flickergate is a hardware problem? DID MICROSOFT ADMIT THAT SURFACE PRO 4 FLICKERGATE IS A HARDWARE PROBLEM?

blog article

Mar 21, 2018

The infamous problem with screen flicker and shaking on the Surface Pro 4 – a problem so ubiquitous it spawned the flickergate.com web site – may be nearing a resolution. Finally. I’ve been talking about the Surface Pro 4 flickering and shaking problem since October 2015. In April ...

Read More

STOP. THINK. CONNECT.™ Partnership for Systemwide Information Security Awareness STOP. THINK. CONNECT.™ PARTNERSHIP FOR SYSTEMWIDE INFORMATION SECURITY AWARENESS

blog article

Mar 21, 2018

By becoming a STOP. THINK. CONNECT.™ partner, UC joined more than 700 organizations worldwide making a difference in online safety and cybersecurity. Several UC locations, as well as the systemwide Information Security Awareness Workgroup, were already using STOP. THINK. CONNECT.™ resour...

Read More

How to Get Vital Cybersecurity Messages to Resonate in Higher Ed HOW TO GET VITAL CYBERSECURITY MESSAGES TO RESONATE IN HIGHER ED

blog article

Mar 20, 2018

Higher education IT professionals want — and need — to keep students informed about cybersecurity breaches and loss prevention, but the message may not be getting through, according to a CDW survey of 250 IT staff and 300 students. Here’s one example of the disconnect: 82 percent o...

Read More

Do IT Pros Consider Security When Purchasing Software? DO IT PROS CONSIDER SECURITY WHEN PURCHASING SOFTWARE?

blog article

Mar 19, 2018

Traditionally, security was about cost avoidance. It was thought of like insurance – something you have to have in case something bad happens, but not something that would boost the bottom line or attract customers. But in today’s environment, we are increasingly seeing that security is ...

Read More

Decrypting JobCrypter DECRYPTING JOBCRYPTER

blog article

Mar 19, 2018

Ransomware has been a growing issue for some time now. It has evolved into a big business, moving millions of dollars yearly from victims’ pockets into those of attackers. The modus operandi of ransomware authors is to infect your machine through any vector (phishing, drive-by browser exploits...

Read More

8 questions to ask about your industrial control systems security 8 QUESTIONS TO ASK ABOUT YOUR INDUSTRIAL CONTROL SYSTEMS SECURITY

blog article

Mar 19, 2018

A recent incident where a likely nation-state threat actor inadvertently shut down a critical infrastructure facility in the Middle East when testing new malware has stoked widespread concerns about the vulnerability of industrial control systems (ICSs) to new cyberthreats. Many security experts see...

Read More

The US Cities that are Best at Password Security THE US CITIES THAT ARE BEST AT PASSWORD SECURITY

blog article

Mar 18, 2018

New research reveals the US cities that are best at password security, with Minneapolis topping the list. A study by password manager Dashlane scores cities based on several metrics, including average password strength and average number of reused passwords. Mess With Texas Things might be bigger in...

Read More

An introduction to the NIST Risk Management Framework AN INTRODUCTION TO THE NIST RISK MANAGEMENT FRAMEWORK

blog article

Mar 16, 2018

The Risk Management Framework (RMF) is a set of information security policies and standards for federal government developed by The National Institute of Standards and Technology (NIST). The RMF is covered specifically in the following NIST publications: The Risk Management Framework (RMF) is a set ...

Read More

Introducing CA Veracode Verified INTRODUCING CA VERACODE VERIFIED

blog article

Mar 15, 2018

Are you struggling to respond to customer and prospect concerns about the security of your application? Do you know what good application security looks like, or how to get there? CA Veracode is pleased to announce the CA Veracode Verified program. With CA Veracode Verified, you prove at a glance th...

Read More

Threat Hunting: Common Attack Vectors and Delivery Channels THREAT HUNTING: COMMON ATTACK VECTORS AND DELIVERY CHANNELS

blog article

Mar 12, 2018

It’s generally accepted that the best defense is a good offense. In cybersecurity terms that means taking a more proactive approach to catching our cyber adversaries. Cyber threat hunting is an effective method for searching your network for malware and other threats that have evaded tradition...

Read More

The cost of a cyber attack THE COST OF A CYBER ATTACK

blog article

Mar 09, 2018

With the risk of a cyber attack now being classed as the top threat to organisations, it’s vital to have the right cyber security measures in place to protect your organisation from an attack. It’s not just an organisation’s reputation that can be damaged by a data breach – t...

Read More

How to Prevent a Breach From Spring Break HOW TO PREVENT A BREACH FROM SPRING BREAK

blog article

Mar 08, 2018

Spring Break, the latest named vulnerability, is more serious than the moniker implies. Spring Break is a critical remote code execution vulnerability in Pivotal Spring REST, one of the most popular frameworks for building web applications, and the effects of this vulnerability are widespread. A pat...

Read More

Maturity models in cyber security: what MATURITY MODELS IN CYBER SECURITY: WHAT'S HAPPENING TO THE IAMM?

blog article

Mar 08, 2018

Most generally, a maturity model is a tool for assessing an organisation's effectiveness at achieving a particular goal. They enable organisations to identify where their practices are weak or not taken seriously and where their practices are truly embedded. In the context of cyber security, mat...

Read More

HOW QUICKLY WILL YOU RECOVER FROM A CYBER ATTACK? HOW QUICKLY WILL YOU RECOVER FROM A CYBER ATTACK?

blog article

Mar 07, 2018

Protecting your business emails is about more than just filtering out spam, malware, and business e-mail compromise emails. In the context of migrating to Microsoft Office 365 and other cloud-based systems, email becomes an even more critical lifeline for the business – and a broader cyber res...

Read More

Morphisec Uncovers New Attack Vector Named CIGslip That Bypasses Microsoft Code Integrity Guard (CIG) MORPHISEC UNCOVERS NEW ATTACK VECTOR NAMED CIGSLIP THAT BYPASSES MICROSOFT CODE INTEGRITY GUARD (CIG)

blog article

Mar 07, 2018

Morphisec researchers Michael Gorelik and Andrey Diment have discovered CIGslip, a new method which can be exploited by attackers to bypass Microsoft’s Code Integrity Guard (CIG) and load malicious libraries into protected processes such as Microsoft Edge. The new attack vector manipulates the...

Read More

The Trends Are In: Cisco’s 2018 Cybersecurity Report THE TRENDS ARE IN: CISCO’S 2018 CYBERSECURITY REPORT

blog article

Mar 07, 2018

Recently, Cisco published the 2018 Annual Cybersecurity Report providing analysis and insights on the latest security trends and threats across the industry. John N. Stewart, Cisco’s Senior Vice President, Chief Security and Trust Officer captured the highlights in his latest blog, but I wante...

Read More

AppSec Buyers’ Insights: Binary vs. Source Code Scanning APPSEC BUYERS’ INSIGHTS: BINARY VS. SOURCE CODE SCANNING

blog article

Mar 06, 2018

The discussion surrounding which is superior – binary or source code scanning – has plagued the static analysis market since its inception. A source code scanner analyzes un-compiled code, whereas a binary scanner analyzes compiled code, but in the end, the result is the same. They are s...

Read More

2018 SonicWall Cyber Threat Report: Actionable Intelligence for the Cyber Arms Race 2018 SONICWALL CYBER THREAT REPORT: ACTIONABLE INTELLIGENCE FOR THE CYBER ARMS RACE

blog article

Mar 06, 2018

Make no mistake, we are in a global cyber arms race. But it can’t be won alone: we are in this together. That is why SonicWall is passing along findings, intelligence, analysis and research from our SonicWall Capture Labs to you today in our 2018 SonicWall Cyber Threat Report. By sharing actio...

Read More

3 STRATEGIES FOR WHEN MANAGEMENT DOESN’T GET THE IMPORTANCE OF INFORMATION SECURITY 3 STRATEGIES FOR WHEN MANAGEMENT DOESN’T GET THE IMPORTANCE OF INFORMATION SECURITY

blog article

Mar 05, 2018

The information security industry is broken. We talk about it all the time. There are things that happen constantly in our industry that put data (and people) at risk.  One of those things is management groups who don’t fully understand the importance of information security as a business...

Read More

CRYPTOMINING GOLD RUSH ONE GANG RAKES IN $7M OVER 6 MONTHS CRYPTOMINING GOLD RUSH ONE GANG RAKES IN $7M OVER 6 MONTHS

blog article

Mar 05, 2018

The bloom is on the criminal cryptomining of computer resources and the reason is obvious – it’s lucrative. One cryptomining gang tracked by researchers over the past six months minted $7 million with the help of 10,000 computers infected with mining malware. The rise of malicious crypto...

Read More

Web-based attacks still reign supreme according to the EU Cybersecurity Agency WEB-BASED ATTACKS STILL REIGN SUPREME ACCORDING TO THE EU CYBERSECURITY AGENCY

blog article

Mar 02, 2018

Web-based attacks and malware do not just hold the cybercrime crown, but they’re on the rise — that’s according to the latest Threat Landscape Report by the EU Agency for Network and Information Security (ENISA). In its sixth annual report, ENISA also reported that in 2017 attacker...

Read More

Breach Costs Equifax $275 Million Dollars BREACH COSTS EQUIFAX $275 MILLION DOLLARS

blog article

Mar 02, 2018

March 2, 2018 — Equifax Inc said today that it expects $275 million in costs in 2018 related to the credit reporting company’s massive data breach last year, offset by $75 million in insurance proceeds. The costs mainly reflect technology and data security upgrades, legal fees, and the o...

Read More

U.S. cybersecurity threat risk remains high -- no signs of lessening U.S. CYBERSECURITY THREAT RISK REMAINS HIGH -- NO SIGNS OF LESSENING

blog article

Feb 27, 2018

The United States’ cybersecurity in both the public and private sectors is at continual risk, according to Director of National Intelligence (DNI) Daniel R. Coats. And the country should expect attacks from both nation state and non-state actors. Furthermore, the “potential for surprise&...

Read More

CATCH UP ON THE PAST WEEK CATCH UP ON THE PAST WEEK'S CYBERSECURITY NEWS

blog article

Feb 27, 2018

Security and compliance were hot topics this week.  A malware attack hit government computers in Pennsylvania, Snapchat disclosed a phishing attack that exposed more than 55,000 users, while the SEC and the state of Colorado are moving to make cyberattacks more transparent. Risk management and ...

Read More

32 Cybersecurity Experts Predict Threats and Trends for 2018 32 CYBERSECURITY EXPERTS PREDICT THREATS AND TRENDS FOR 2018

blog article

Feb 26, 2018

Cybersecurity continues to be a hot topic in both media and business. The reasons are evident – the last two years saw consistent growth in cyber breaches with 2017 hitting a new record high. Namely, the recent 2017 Annual Data Breach Year-End Review by Identity Theft Resource Center revealed ...

Read More

My Cybersecurity Predictions for 2018 MY CYBERSECURITY PREDICTIONS FOR 2018

blog article

Feb 21, 2018

As BlackBerry’s Chief Security Officer, I regularly speak with Fortune 500 C-Suites and leaders representing the world’s top global brands, listening and learning about what security concerns keep them up at night. I also try to spend just as much time speaking with security researchers ...

Read More

Wireless Security: Why You Need to Take It Seriously In 2018 WIRELESS SECURITY: WHY YOU NEED TO TAKE IT SERIOUSLY IN 2018

blog article

Feb 13, 2018

When waves of cyber attacks hit last year, such as WannaCry and Not Petya ransomwares, businesses lost billions of dollars in high-profile breaches. In addition, more than half of the U.S. population’s Social Security information was compromised in the Equifax breach. It was a record-breaking ...

Read More

Cyber Security Trends 2018 CYBER SECURITY TRENDS 2018

blog article

Feb 13, 2018

With 2017 remembered for massive data breaches, ransomware attacks and new-found vulnerabilities, we’ve asked Tim Erridge, Director of Advisory at Context, to look at what’s in store for the months ahead. With both the GDPR and the NIS Directive coming into effect in 2018, organizations ...

Read More

Cybersecurity Now a Priority in Fed Government’s Modernization Initiative CYBERSECURITY NOW A PRIORITY IN FED GOVERNMENT’S MODERNIZATION INITIATIVE

blog article

Feb 13, 2018

As the security needs of federal agencies change, the government’s modernization efforts will also require them to change how they think about cybersecurity. The federal government dedicates roughly 80 percent of its entire information technology (IT) budget to maintaining existing legacy syst...

Read More

What’s shaping cybersecurity in 2018? WHAT’S SHAPING CYBERSECURITY IN 2018?

blog article

Feb 09, 2018

This year Cisco hosted the first CISO Experience at Cisco Live Barcelona, on 29 and 30 January. The event attracted over 60 Chief Information Security Officers (CISOs) and other senior security leaders, who discussed the topics that are shaping cybersecurity in 2018. In this first blog of the CISO E...

Read More

Malicious Trends: Cryptojacking Could Surpass Ransomware as Primary Money Maker MALICIOUS TRENDS: CRYPTOJACKING COULD SURPASS RANSOMWARE AS PRIMARY MONEY MAKER

blog article

Feb 07, 2018

Cryptocurrencies are hot. According to https://coinmarketcap.com, there are now over 1300 cryptocurrencies with new initial coin offerings (ICOs) accelerating all the time. Even Kodak is getting into the act with KODAKcoin. And currently, the price trajectory of Bitcoin is higher than a North Korean...

Read More

What Is Cyber Resilience and Why Should I Care? Part 1 WHAT IS CYBER RESILIENCE AND WHY SHOULD I CARE? PART 1

blog article

Feb 06, 2018

I’ll be the first to admit it - there’s a lot of acronyms, buzzwords, and catchphrases in the cybersecurity industry today and it can be difficult to understand how a product reflects the core values that give these words life. Take cyber resilience, for example, it’s often thought...

Read More

Advanced Security in All Sorts of Places ADVANCED SECURITY IN ALL SORTS OF PLACES

blog article

Feb 06, 2018

There’s a growing trend spreading through many different organizations in which automated and advanced security features are being developed, capabilities which were previously in the realm of more traditional security vendors. There’s now more security in more places than ever before, w...

Read More

Missing in Action: Several Prominent Malware of 2017 MISSING IN ACTION: SEVERAL PROMINENT MALWARE OF 2017

blog article

Feb 06, 2018

Thus far in 2018, PhishMe Intelligence™ has observed a lull in multiple malware families that were prominent throughout 2017. There are several possible reasons for this hiatus. It is likely that some malware families have petered out and will not return in widespread campaigns. In sharp contr...

Read More

Security and the $150B industry no one is talking about SECURITY AND THE $150B INDUSTRY NO ONE IS TALKING ABOUT

blog article

Feb 05, 2018

Think 2018 is IBM’s flagship conference where thinkers like you come together to innovate and educate—making the world of business work smarter. Together we will explore the journey to cloud and AI, blockchain, security, and Infrastructure discovering partnerships that unlock business an...

Read More

INFORMATION SECURITY NEWS ROUNDUP: JANUARY 2018 INFORMATION SECURITY NEWS ROUNDUP: JANUARY 2018

blog article

Feb 01, 2018

A new year means new developments in the world of information security news. We’ve already started to see some of Evan’s 2018 Information Security Predictions come true. The NSA is dealing with a shrinking talent pool as many employees jump to the private sector. Ransomware was one of th...

Read More

SUCCESS STORY: FLOWMON HELPS MSP TO DEAL WITH DDOS ATTACKS SUCCESS STORY: FLOWMON HELPS MSP TO DEAL WITH DDOS ATTACKS

blog article

Feb 01, 2018

Aspire, award-winning managed services company specialising in hosted services and data centre solutions started to become the victim of several large volumetric style DDoS attacks, aimed at both its network and the networks of its customers. Dealing with these attacks was a manual and time consumin...

Read More

2018 Industry Analyst Cybersecurity Predictions 2018 INDUSTRY ANALYST CYBERSECURITY PREDICTIONS

blog article

Jan 31, 2018

Key insights from top industry analysts to help demystify the cybersecurity landscape and reinforce critical areas of focus for organizations worldwide. Security services, IoT, integrated platforms, GDPR, skills shortage, detection and response, machine learning, automation and orchestration are jus...

Read More

The Rise of IoT Botnet Threats and DDoS attacks THE RISE OF IOT BOTNET THREATS AND DDOS ATTACKS

blog article

Jan 30, 2018

Earlier this month, a report by Neustar International Security Council (NISC) revealed that many businesses viewed unsecured IoT devices as their biggest concern about the state of their organisation’s security. While ransomware and financial data theft were still viewed as among the top threa...

Read More

Five cybersecurity threats to keep on your radar in 2018 FIVE CYBERSECURITY THREATS TO KEEP ON YOUR RADAR IN 2018

blog article

Jan 29, 2018

Criminal hackers are finding increasingly sophisticated ways to infiltrate cyber targets. In 2018, organizations can expect even more menacing, intense cyber attacks as threat actors seek new ways to target victims. Here are five cybersecurity threats to look out for. The IoT is becoming more widesp...

Read More

SECURITY TRENDS 2018: THE TOP CYBERSECURITY COMPANIES SECURITY TRENDS 2018: THE TOP CYBERSECURITY COMPANIES

blog article

Jan 29, 2018

What makes a cybersecurity company the best?” is not an easy question to answer. It’s tough to identify the top cybersecurity companies when they aren’t going around telling consumers how many infections they missed or advertising how many breaches they allowed. There are dozens of...

Read More

In the United States will Create a Government Agency for Cybersecurity IN THE UNITED STATES WILL CREATE A GOVERNMENT AGENCY FOR CYBERSECURITY

blog article

Jan 29, 2018

The US House of Representatives passed a bill to establish an agency for cybersecurity and infrastructure security. The project was developed within 5 months and was supported by the majority of members of the House of Representatives. The creation of a new agency involves the reorganization of a nu...

Read More

List of data breaches and cyber attacks in January 2018 LIST OF DATA BREACHES AND CYBER ATTACKS IN JANUARY 2018

blog article

Jan 29, 2018

The first list of 2018 is by no means a short one. In fact, this is one of the longest lists that I’ve ever put together. Thankfully, the total number of leaked records is far lower than previous months. Yay? I count this month’s total to be 7,073,069. If I have missed anything, please d...

Read More

So you want to be an ethical hacker? 21 ways to get started SO YOU WANT TO BE AN ETHICAL HACKER? 21 WAYS TO GET STARTED

blog article

Jan 28, 2018

The cyber security job market is experiencing a major workforce shortage. Millions of positions will be unfilled in the next few years as companies try to shore up their defenses against threat actors in our connected world. If you’re technically inclined, and if you’re willing to work h...

Read More

New Malware and Mirai Botnet Variants Pose Significant Threats NEW MALWARE AND MIRAI BOTNET VARIANTS POSE SIGNIFICANT THREATS

blog article

Jan 25, 2018

There is no shortage of malware on the Dark Web. In particular, during the past week security researchers from various points around the world have been talking about three threats, two of which are variants of the now infamous Mirai botnet code.

Read More

Small Businesses - Big Targets for Cyberattacks SMALL BUSINESSES - BIG TARGETS FOR CYBERATTACKS

blog article

Jan 24, 2018

Cybersecurity has become a complex undertaking, but too many small businesses have fallen so far behind the curve that a successful attack could seriously impact them. That level of cyber risk reflects the exposure of modern businesses to email security issues that still mean an entire company can b...

Read More

WHAT’S THE DIFFERENCE BETWEEN CYBERSECURITY AND CYBER RESILIENCE? WHAT’S THE DIFFERENCE BETWEEN CYBERSECURITY AND CYBER RESILIENCE?

blog article

Jan 23, 2018

While the term “cybersecurity” is as old as the hills in the security world, the term “cyber resilience” has been gaining momentum. This is a good thing. Cybersecurity management is complex and always changing, and focusing on security alone simply isn’t enough – ...

Read More

Information Security Advisory: 2018 InfoSec Predictions INFORMATION SECURITY ADVISORY: 2018 INFOSEC PREDICTIONS

blog article

Jan 22, 2018

2017 proved to be a challenging year on many fronts in the information security realm. The Equifax breach, WannaCry ransomware attacks, and Russian manipulation of social media were just some of the lowlights. How will 2018 pan out? Here are some thoughts from the Kroll Information Security team: Th...

Read More

DDoS Protection: a Big Need for Small Business DDOS PROTECTION: A BIG NEED FOR SMALL BUSINESS

blog article

Jan 22, 2018

Small businesses that are third party vendors to large businesses really have to step up their cyber security game to protect their networks, because large businesses are increasingly concerned about the quality of their network partners.

Read More

Just Keep Swimming: How to Avoid Phishing on Social Media JUST KEEP SWIMMING: HOW TO AVOID PHISHING ON SOCIAL MEDIA

blog article

Jan 22, 2018

Phishing attacks attempt to steal your most private information, posing major risks to your online safety. It’s more pressing than ever to have a trained eye to spot and avoid even the most cunning phishing attacks on social media.

Read More

Cybersecurity Trends: What to Expect in 2018 and Beyond CYBERSECURITY TRENDS: WHAT TO EXPECT IN 2018 AND BEYOND

blog article

Jan 17, 2018

The last year saw huge spikes in ransomware and threat actors have become even more proficient at lateral movement. Organizations aren't getting breached by advanced persistent threats specifically targeting them – at least for the most part. Opportunistic threat actors are taking advantag...

Read More

Mobile Security Threats of 2018 MOBILE SECURITY THREATS OF 2018

blog article

Jan 16, 2018

Mobile security is the topmost concern among the organizations today, thanks to mobility and BYOD (Bring Your Own Device). Most employees now routinely access corporate data from smartphones and tactfully keep sensitive information away from wrong hands. Now the truth is mobile malware are spreading...

Read More

PHISHING ATTACK PREVENTION: HOW TO IDENTIFY & AVOID PHISHING SCAMS PHISHING ATTACK PREVENTION: HOW TO IDENTIFY & AVOID PHISHING SCAMS

blog article

Jan 15, 2018

Phishing attacks are one of the most common security challenges that both individuals and companies face in keeping their information secure. Whether it's getting access to passwords, credit cards, or other sensitive information, hackers are using email, social media, phone calls, and any form o...

Read More

Are You Ready for the Evolution of Ransomware? ARE YOU READY FOR THE EVOLUTION OF RANSOMWARE?

blog article

Jan 15, 2018

With 2017 in the rearview mirror, we’re looking towards the changes a new year will bring. However, while the calendar may have changed, the threat of ransomware across industries and geographies has remained. And worse, it‘s looking like it’s about to evolve into an even greater p...

Read More

Top 10 Cybersecurity Tips for Businesses in 2018 TOP 10 CYBERSECURITY TIPS FOR BUSINESSES IN 2018

blog article

Jan 12, 2018

While your people are without a doubt the power behind your business, they can also be a weakness when it comes to cybersecurity. Organizations must protect against all types of threats – internal and external – and, the first step to doing this is understanding the basics of cybersecuri...

Read More

Mobile Threat Landscape: What to expect in 2018 MOBILE THREAT LANDSCAPE: WHAT TO EXPECT IN 2018

blog article

Jan 12, 2018

Last year, we witnessed more mobile attacks and data breaches than ever before. Ransomwares (like WannaCry, NotPetya…) have often made the headlines as their attacks increased by 300% in the first quarter of 2017 (Panda Lab), and globally, the volume of unknown malwares has quadrupled year-ov...

Read More

Top Seven Cybersecurity Predictions for 2018 TOP SEVEN CYBERSECURITY PREDICTIONS FOR 2018

blog article

Jan 11, 2018

With a turbulent 2017 finally behind us, what’s the cybersecurity forecast for 2018? Some predictions need no crystal ball – the cyber labor shortage will continue, spending on security solutions will go up, the breaches that do occur will be bigger and messier.

Read More

5 Cybersecurity Challenges and Trends: What to Expect in 2018 5 CYBERSECURITY CHALLENGES AND TRENDS: WHAT TO EXPECT IN 2018

blog article

Jan 10, 2018

Cybercriminals are going to create 3.5 million new, unfilled cybersecurity jobs by 2021. Compare that with one million openings in 2016. That’s an increase of 350 percent in just five years. And with that increase comes some serious cybersecurity revenue dedication. Everywhere, businesses are ...

Read More

8 Cyber Security Predictions for 2018 8 CYBER SECURITY PREDICTIONS FOR 2018

blog article

Jan 09, 2018

In preparation for the upcoming publication of the 2018 Annual SonicWall Threat Report, we’re busy reviewing and analyzing data trends identified by SonicWall Capture Labs over the course of 2017.
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector th...

Read More

The Healthcare / Cyber-Security Connection THE HEALTHCARE / CYBER-SECURITY CONNECTION

blog article

Jan 09, 2018

One of the businesses in the spotlight lately when it comes to cyber-attacks is healthcare – in fact, 46% of healthcare organizations experienced a data breach. The data associated with this industry is extremely sensitive and highly regulated, and also actively sought by hackers.

Read More

Cybersecurity Compliance and Resilience CYBERSECURITY COMPLIANCE AND RESILIENCE

blog article

Jan 08, 2018

IT security professionals have to worry about defending against ever-evolving cyber threats and, increasingly, the C-suite has to worry about following cybersecurity laws. The year 2018 will be marked by increasing regulations, and discussions about regulations, that are intended to protect cyberspa...

Read More

10 INFORMATION SECURITY PREDICTIONS FOR 2018 10 INFORMATION SECURITY PREDICTIONS FOR 2018

blog article

Jan 02, 2018

In 2017, the hacking group known as the Shadow Brokers made a name for themselves with their April release of (alleged) NSA tools (including EternalBlue).  Ransomware became even more mainstream, at least in the news, with the WannaCry outbreak in May.  Arguably the biggest news of the yea...

Read More

8 VISIONARY PREDICTIONS FOR INFORMATION SECURITY IN 2018 8 VISIONARY PREDICTIONS FOR INFORMATION SECURITY IN 2018

blog article

Jan 02, 2018

In 2017, the InfoSec community saw the continuance of several trends from 2016 as well as the emergence of some new and nasty surprises. File-less attacks continued to rise in popularity, ransomware attacks on healthcare organizations became more prevalent, spending on cyber insurance increased, and...

Read More

Cyber Security Trends: What to Watch for in 2018 CYBER SECURITY TRENDS: WHAT TO WATCH FOR IN 2018

blog article

Dec 27, 2017

As we wrap up another calendar year, we can’t help but think about the near future and what it holds in store for the cyber security -  and Distributed Denial of Service (DDoS) as a growing issue.  Based on Corero’s visibility into environments dealing with DDoS, we’ve su...

Read More

Public Wi-Fi Attacks - Starbucks PUBLIC WI-FI ATTACKS - STARBUCKS

blog article

Dec 19, 2017

One of the dangers when working while on the road is using public Wi-Fi access points, such as the ones you find in your hotel, airport or local cafe. Public Wi-Fi is incredibly convenient, but does come with its own unique risks. While such attacks are not as common as many other attacks, they do h...

Read More

This Android CryptoMining Malware is Capable of Destroying Android Phones THIS ANDROID CRYPTOMINING MALWARE IS CAPABLE OF DESTROYING ANDROID PHONES

blog article

Dec 18, 2017

Cybersecurity researchers have discovered a “jack of all trades” cryptocurrency mining malware called Loapi that is capable of destroying phones from within in two days. A new strain of malware targeting Android phones, called Loapi, capable of triggering a number of malicious activities...

Read More

The Convergence of Security and Network Operations THE CONVERGENCE OF SECURITY AND NETWORK OPERATIONS

blog article

Dec 13, 2017

More complex business networks, including cloud services and infrastructure, mobile applications, virtual desktops, SDN/NFV, and IoT systems, are taxing both security and network operations teams. At the same time, increasingly sophisticated and persistent attacks are challenging traditional organiz...

Read More

10 Cybersecurity Predictions for 2018 10 CYBERSECURITY PREDICTIONS FOR 2018

blog article

Dec 12, 2017

It has been a turbulent year of devastating ransomware attacks (e.g. NotPetya) and gut-wrenching breaches (e.g. Equifax). Undoubtedly, the question on everyone’s mind is, “what’s in store for us in the New Year?” Webroot’s top 10 cybersecurity predictions for 2018 cover...

Read More

2018 Predictions for Cyber Security 2018 PREDICTIONS FOR CYBER SECURITY

blog article

Dec 11, 2017

With rapid digitization and the inter-networked world leading to a huge data explosion combined with the relentless growth of transformative technologies, the importance of cyber security – now and in the future – is unquestionable. Industry requires skilled cyber security professionals ...

Read More

3 Disruptive Trends Driving Demand for Automated Cyber Security for SMBs 3 DISRUPTIVE TRENDS DRIVING DEMAND FOR AUTOMATED CYBER SECURITY FOR SMBS

blog article

Dec 11, 2017

Organizations typically struggle to provide a holistic security posture. There are many security vendors providing exciting and innovative solutions. But from a customer perspective, they often become various point solutions solving several unique problems. This often becomes cumbersome, expensive a...

Read More

2018 Cyber Security Predictions 2018 CYBER SECURITY PREDICTIONS

blog article

Dec 07, 2017

As 2017 draws to a close, here is what you can expect over the course of the upcoming year This past year, cyber criminals caused major service disruptions around the world, using their increasing technical proficiency to break through cyber defenses. In 2018, we expect the trend to become more pron...

Read More

Your Cybersecurity is Made from Human Suffering YOUR CYBERSECURITY IS MADE FROM HUMAN SUFFERING

blog article

Dec 04, 2017

Welcome! You’re here because you know I say things that let you ridicule me to your coworkers or because you happen to have a morbid curiosity about human suffering. If it’s the second one, then please skip directly to the vile pictures at the end of the article to get your jollies. Now ...

Read More

Holiday Hackers Can Ruin Website Availability and Security for Retailers HOLIDAY HACKERS CAN RUIN WEBSITE AVAILABILITY AND SECURITY FOR RETAILERS

blog article

Dec 01, 2017

The few days after Thanksgiving in the U.S. are traditionally peak holiday shopping days for U.S. residents. They flood both physical and online stores to check off items on their holiday shopping lists, with hopes of scoring a few bargains. Almost everyone does some shopping online, according to th...

Read More

Catch the Latest Malware with Capture Advanced Threat Protection CATCH THE LATEST MALWARE WITH CAPTURE ADVANCED THREAT PROTECTION

blog article

Nov 22, 2017

Now that Halloween is over and your coworkers are bringing in the extra candy they don’t want, let’s look back at the last quarter’s results from SonicWall Capture Advanced Threat Protection (ATP) network sandbox service. Grab the candy corn and let’s crunch some data. Note: ...

Read More

CYBER SECURITY FOR HIGHER EDUCATION: WHAT COLLEGES & UNIVERSITIES NEED TO KNOW CYBER SECURITY FOR HIGHER EDUCATION: WHAT COLLEGES & UNIVERSITIES NEED TO KNOW

blog article

Nov 21, 2017

Institutions of higher learning don’t just disseminate knowledge, they store it. Extensive data repositories hold proprietary information about vital scientific and academic research (some of it under contract to businesses and government). And then there’s the billions of pieces of pers...

Read More

New Research: Mobile Malware Hits Every Business NEW RESEARCH: MOBILE MALWARE HITS EVERY BUSINESS

blog article

Nov 17, 2017

Every business has experienced at least one mobile cyberattack in the past year, according to a new study published today by Check Point mobile threat researchers. The report, entitled Mobile Cyberattacks Impact Every Business, is the first study to document the volume and impact of mobile attacks a...

Read More

Banking Malware Spin-Off Targets Twitter, Facebook Accounts BANKING MALWARE SPIN-OFF TARGETS TWITTER, FACEBOOK ACCOUNTS

blog article

Nov 17, 2017

First reported by ZDNet, the Zeus offshoot has been repurposed with “new espionage capabilities” to both monitor and modify Facebook and Twitter posts, as well as gain the ability to eavesdrop on emails.

Read More

FIND YOUR WEAKEST LINK TO PROTECT AGAINST MALWARE FIND YOUR WEAKEST LINK TO PROTECT AGAINST MALWARE

blog article

Nov 16, 2017

According to Verizon’s Data Breach Investigation Report for 2017, two-thirds of cybersecurity breaches are caused by malware installed by malicious email attachments, and 43 percent of those attacks happen when hackers successfully utilize social-engineering tactics to breach company security....

Read More

Phishing Threats – How to Identify and Avoid Targeted Email Attacks PHISHING THREATS – HOW TO IDENTIFY AND AVOID TARGETED EMAIL ATTACKS

blog article

Nov 15, 2017

What is Phishing? As you may already know, phishing threats involve malicious emails that attempt to get you to disclose your personably identifiable information (PII) to compromise your personal identity or corporate data.

Read More

Exploring Anti-Malware Testing Methodologies EXPLORING ANTI-MALWARE TESTING METHODOLOGIES

blog article

Nov 09, 2017

The simple objective in testing an anti-malware product is to verify that it stops execution of malware on the endpoint. Testing in this case is not about features and functions, it’s about preventing the malware from executing.

Read More

Is Your DDoS Cloud Signaling Just Blowing Smoke? IS YOUR DDOS CLOUD SIGNALING JUST BLOWING SMOKE?

blog article

Nov 08, 2017

More and more organizations today are adopting a hybrid DDoS approach which combines both on-prem DDoS appliances with cloud mitigation capabilities. A hybrid DDoS approach takes a best-of-both worlds approach, combining the immediate response times of premise-based devices, with the capacity and fl...

Read More

SonicWall First to Identify 73 Percent of New Malware with Capture ATP Sandbox SONICWALL FIRST TO IDENTIFY 73 PERCENT OF NEW MALWARE WITH CAPTURE ATP SANDBOX

blog article

Nov 08, 2017

Last month, I wrote how we found nearly 26,500 new forms of malware and shared some general stats.  Let’s take a look at the new threats found by SonicWall’s network sandbox, Capture Advanced Threat Protection (ATP).

Read More

Legislation Incoming: How Prepared Is the Cybersecurity Community? LEGISLATION INCOMING: HOW PREPARED IS THE CYBERSECURITY COMMUNITY?

blog article

Nov 08, 2017

It’s hard to miss the spotlight shone on the cybersecurity industry recently. There’s been a procession of infamous, high-profile cyberattacks. At the same time, organisations are being required to comply with tougher data protection and regulations that, in the case of EU GDPR, will be ...

Read More

NIST Cybersecurity Framework: IoT and PKI Security NIST CYBERSECURITY FRAMEWORK: IOT AND PKI SECURITY

blog article

Nov 07, 2017

In order to talk about any specialized field of knowledge, you need a common language with agreed upon terms, definitions and some level of accepted industry standards. Cybersecurity is no different. But as the industry has evolved, this critical foundational concept has somehow taken a backseat.

Read More

Protecting the Healthcare System from Cyberattacks PROTECTING THE HEALTHCARE SYSTEM FROM CYBERATTACKS

blog article

Nov 06, 2017

Last year HHS established the Health Care Industry Cybersecurity Task Force following the passage of the Cybersecurity Act of 2015. The Task Force was composed of government and private industry leaders who are innovators in technology and leaders in healthcare cybersecurity.

Read More

Bad Rabbit Ransomware Attack Was Hiding A Spear Phishing Campaign BAD RABBIT RANSOMWARE ATTACK WAS HIDING A SPEAR PHISHING CAMPAIGN

blog article

Nov 06, 2017

During the attacks in eastern Europe with the Bad Rabbit ransomware, a more insidious attack was taking place in Ukraine under its cover, Reuters reported. Serhiy Demedyuk, head of the Ukrainian state cyber police, stated that a number of Ukrainian entities were targeted by phishing campaigns at the...

Read More

Financial Services Cybersecurity: Addressing the Horizontal Attack Surface FINANCIAL SERVICES CYBERSECURITY: ADDRESSING THE HORIZONTAL ATTACK SURFACE

blog article

Nov 03, 2017

The financial services industry is a prime target for cybercriminals, yet significant security gaps persist. PwC’s Global State of Information Security® Survey 2017 notes that “41 percent of financial services respondents ranked assessment of security protocols and standards of third...

Read More

Getting a Firsthand Understanding of Healthcare Cybersecurity Challenges GETTING A FIRSTHAND UNDERSTANDING OF HEALTHCARE CYBERSECURITY CHALLENGES

blog article

Nov 02, 2017

Fortinet recently hosted nine information security and healthcare IT leaders at its Healthcare Advisory Board Meeting in Miami. Over the course of the two-day event, leaders from Fortinet met and collaborated with these members of the healthcare information security community to get a full understan...

Read More

7 Tips for Defending Your Network against DDoS Attacks 7 TIPS FOR DEFENDING YOUR NETWORK AGAINST DDOS ATTACKS

blog article

Nov 02, 2017

Today’s distributed denial of service (DDoS) attacks are almost unrecognizable from the early days of attacks, when most were simple, volumetric attacks intended to cause embarrassment and brief disruption.

Read More

5 Biggest Takeaways From WannaCry Ransomware 5 BIGGEST TAKEAWAYS FROM WANNACRY RANSOMWARE

blog article

Nov 01, 2017

Global in scale, with across the board press coverage, the WannaCry ransomware attack has quickly gained a reputation as one of the worst cyber incidents in recent memory. Despite the scale, this attack relied on the same tried and true methods as other successful malware: find exposed ports on the ...

Read More

What is Bad Rabbit Ransomware? WHAT IS BAD RABBIT RANSOMWARE?

blog article

Nov 01, 2017

Bad Rabbit ransomware has recently created headlines on 24th of October after it attacked computer networks across Russia, Ukraine, Turkey & Germany. Bad Rabbit attack is similar to the attacks of Petya Ransomware & WannaCry Ransomware, which locked data of computer users and demanded a rans...

Read More

‘Reaper’ Botnet – A DDoS Trick or Treat? ‘REAPER’ BOTNET – A DDOS TRICK OR TREAT?

blog article

Oct 31, 2017

Researchers have discovered a massive new botnet, dubbed ‘Reaper’ or ‘IoTroop’, targeting poorly-defended IoT devices to form a ‘zombie army’ of devices that could rock the entire Internet with a powerful DDoS attack.

Read More

Meet the latest cyber threats: FreeMilk and Bad Rabbit MEET THE LATEST CYBER THREATS: FREEMILK AND BAD RABBIT

blog article

Oct 30, 2017

First detected in May 2017, FreeMilk is considered a particularly dangerous cyber threat because, once activated, it uses your computer to continue downloading sophisticated malware. complicated series of events leading up to the malware strike begins with the attacker observing an email exchange.

Read More

Critical Infrastructure and Cyber Security CRITICAL INFRASTRUCTURE AND CYBER SECURITY

blog article

Oct 30, 2017

Before the recent natural disasters, I could describe to you how we as a community might recover after a cyberattack to our critical infrastructure, but it would be hard to imagine. Some may argue that it would be too extreme of a scenario to consider and that we would never get to the point where w...

Read More

Preventing Bad Rabbit Is Only Remarkable If It PREVENTING BAD RABBIT IS ONLY REMARKABLE IF IT'S UNREMARKABLE

blog article

Oct 27, 2017

In the last 48 hours, a hurricane of e-mails has crossed my Inbox, with breathless and self-congratulatory subject lines like "Our latest release detects Bad Rabbit" and "XYZ now protects XYZ customers from Bad Rabbit."

Read More

Sage Ransomware Distinguishes Itself with Engaging User Interface and Easy Payment Process SAGE RANSOMWARE DISTINGUISHES ITSELF WITH ENGAGING USER INTERFACE AND EASY PAYMENT PROCESS

blog article

Oct 26, 2017

In early 2017, the Sage ransomware distinguished itself with a fresh take on the business model for criminal ransomware operations. Built with an engaging, intuitive user interface for requesting the ransom payment, it also reinforced the fact criminals are willing to invest in developing new versio...

Read More

Everything You Need to Know About DDoS Attacks EVERYTHING YOU NEED TO KNOW ABOUT DDOS ATTACKS

blog article

Oct 26, 2017

Since the first Denial-of-Service (DoS) attack was launched in 1974, Distributed Denial-of-Service (DDoS) attacks have remained among the most persistent and damaging cyber-attacks. Let’s examine how these attacks have evolved and how your company can mitigate them.

Read More

BANK PHISHING SCAM IS USING SHORTENED LINKS BANK PHISHING SCAM IS USING SHORTENED LINKS

blog article

Oct 26, 2017

Earlier this month, we witnessed a phishing attack on bank customers in Malaysia which combines some common social engineering techniques (scare tactics) with some newer technical misdirection techniques (URL shortening), and decided to provide a detailed blow-by-blow for you below on how this parti...

Read More

Cb Defense’s ‘Streaming Ransomware Prevention’ Stops Bad Rabbit in Its Tracks CB DEFENSE’S ‘STREAMING RANSOMWARE PREVENTION’ STOPS BAD RABBIT IN ITS TRACKS

blog article

Oct 25, 2017

Bad Rabbit appeared to infect machines via a drive-by-download that prompted the user to download a fake Adobe Flash installer. No exploits were used during initial infection. Once executed, Bad Rabbit shared similar worming capabilities as NotPetya & WannaCry.

Read More

WHAT YOU CAN LEARN FROM RECENT CYBER ATTACKS TARGETING SCHOOL SYSTEMS WHAT YOU CAN LEARN FROM RECENT CYBER ATTACKS TARGETING SCHOOL SYSTEMS

blog article

Oct 25, 2017

Just after the school year commenced, Steve Bradshaw, superintendent of the Columbia Falls, Montana, schools got a menacing text from a number he didn’t recognize. The cyber thug behind the message made a myriad of threats – including physical harm to district students and staff and rele...

Read More

Botnets Growing, via Reaper and Sockbot Malware BOTNETS GROWING, VIA REAPER AND SOCKBOT MALWARE

blog article

Oct 25, 2017

Thus far, the largest DDoS attack ever (estimated at 1.2 Tbps) was powered by 100,000 enslaved bots, but that number could be eclipsed by even larger botnets that are recently being formed.

Read More

Worldwide Bad Rabbit Ransomware Outbreak Starts With Social Engineering WORLDWIDE BAD RABBIT RANSOMWARE OUTBREAK STARTS WITH SOCIAL ENGINEERING

blog article

Oct 25, 2017

The outbreak started Tuesday and froze computer systems in several European countries, and began spreading to the U.S., the latest in a series of attacks. Department of Homeland Security’s Computer Emergency Readiness Team issued an alert saying it had received “multiple reports” o...

Read More

Bad Rabbit Ransomware: The Latest Attack BAD RABBIT RANSOMWARE: THE LATEST ATTACK

blog article

Oct 24, 2017

On Tuesday, Oct. 24, a new strand of ransomware named Bad Rabbit appeared in Russia and the Ukraine and spread throughout the day. It first was found after attacking Russian media outlets and large organizations in the Ukraine, and has found its way into Western Europe and the United States.

Read More

Threat Advisory & Analysis: ‘Bad Rabbit’ Ransomware THREAT ADVISORY & ANALYSIS: ‘BAD RABBIT’ RANSOMWARE

blog article

Oct 24, 2017

On October 24, a large-scale ransomware campaign spread across Europe, in campaigns closely mimicking the NotPetya attacks from earlier this year. Just as was the case with NotPetya, the sample appeared to spread through traditional methods of making SMB connections within a corporate environment, s...

Read More

Protecting Xero’s Cloud-Based Accounting Platform from Cyber Attacks PROTECTING XERO’S CLOUD-BASED ACCOUNTING PLATFORM FROM CYBER ATTACKS

blog article

Oct 24, 2017

Meeting with customers is always insightful, and recently I got a chance to sit down with Aaron McKeown, head of security engineering and architecture at Xero, to talk about how they use Imperva SecureSphere for their cloud-hosted applications.

Read More

One Year after the Largest DDoS Attack ONE YEAR AFTER THE LARGEST DDOS ATTACK

blog article

Oct 20, 2017

It’s been a full year since what most believe to be the world’s largest volumetric Distributed Denial of Service (DDoS) attack occurred; on October 21, 2016 over the course of several hours the Domain Name Service Provider Dyn came under attack by two large and complex DDoS attacks again...

Read More

Resilience in the Age of Automated Hacking RESILIENCE IN THE AGE OF AUTOMATED HACKING

blog article

Oct 18, 2017

When we think about cyber attacks, we usually think about the malicious actors behind the attacks, the people who profit or gain from exploiting digital vulnerabilities and trafficking sensitive data.

Read More

Mobile Phishing Attacks Jump, Financial Industry Is Biggest Target MOBILE PHISHING ATTACKS JUMP, FINANCIAL INDUSTRY IS BIGGEST TARGET

blog article

Oct 17, 2017

Jason Koestenblatt at Enterprise Mobility Exchange wrote: "Thanks to the amount of time employees are spending online to get work done, hackers have a veritable treasure trove of opportunities and touch points to gain entry into an enterprise’s data and sensitive information.

Read More

DDoS Attacks Still on the Rise and Now Targeting Corporate Data DDOS ATTACKS STILL ON THE RISE AND NOW TARGETING CORPORATE DATA

blog article

Oct 13, 2017

A new global survey by Kaspersky found that Distributed Denial of Service (DDoS) attacks have doubled over the last year. The research emphasised how any organisation, regardless of its size, type or location, can be seriously impacted by such attacks.

Read More

Securing Critical Infrastructure Organizations Against the Next Cyber Breach SECURING CRITICAL INFRASTRUCTURE ORGANIZATIONS AGAINST THE NEXT CYBER BREACH

blog article

Oct 12, 2017

The cyber-attack on Ukraine power centers last December — an event that took 30 substations offline and left more than 230,000 residents without power — was a rude awakening for power generation plants and distribution centers around the world.

Read More

Ransomware Attacks on MySQL and MongoDB RANSOMWARE ATTACKS ON MYSQL AND MONGODB

blog article

Oct 12, 2017

Ransomware is arguably one of the most vicious types of attack cyber security experts are dealing with today. The impact ransomware attacks can have on an organization is huge and costly.

Read More

Are Power Utilities Prepared for Cyber Attacks? ARE POWER UTILITIES PREPARED FOR CYBER ATTACKS?

blog article

Oct 11, 2017

Energy utilities tend to be distributed, and their operations are not always connected to the Smart Grid, or Internet of Things. However, power supply companies have increasingly automated their systems and adopted computer software programs that play a role in power generation and/or distribution, ...

Read More

Why cybersecurity is everyone’s business WHY CYBERSECURITY IS EVERYONE’S BUSINESS

blog article

Oct 10, 2017

This month is the 14th National Cyber Security Awareness Month, the annual campaign organized by the Department for Homeland Security to raise awareness of the importance of cybersecurity for both businesses and consumers.

Read More

Cybersecurity in the Workplace is Everyone’s Business CYBERSECURITY IN THE WORKPLACE IS EVERYONE’S BUSINESS

blog article

Oct 10, 2017

October is National Cyber Security Awareness Month(NCSAM) in the US, which is an annual effort by the Department of Homeland Security to educate the public about privacy and security in our increasingly connected world.

Read More

Cybersecurity Awareness Means Data Awareness CYBERSECURITY AWARENESS MEANS DATA AWARENESS

blog article

Oct 10, 2017

There is an old joke about a police officer who sees a man searching for something under a streetlight. The officer asks what he has lost. The man responds that he lost his keys, and then they both proceed to look under the streetlight together.

Read More

Cybersecurity in the Workplace is Everybody’s Business CYBERSECURITY IN THE WORKPLACE IS EVERYBODY’S BUSINESS

blog article

Oct 10, 2017

What can individual users do to preserve cybersecurity at work? Your organization is spending on cybersecurity tools, you have an awareness program, and if you look you will find that there are standards and procedures for choosing and maintaining products to help keep information secure.

Read More

Survey Says More than One Third of US Businesses Experience DDoS Attacks SURVEY SAYS MORE THAN ONE THIRD OF US BUSINESSES EXPERIENCE DDOS ATTACKS

blog article

Oct 09, 2017

How common are distributed denial of service attacks? Very common, according to a survey of business executives released last week by The Hartford Steam Boiler Inspection and Insurance Company (HSB).  According to that company’s press release, 35% of those companies surveyed said that the...

Read More

Cybersecurity in the Workplace: Adapt or Go the Way of the Dodo CYBERSECURITY IN THE WORKPLACE: ADAPT OR GO THE WAY OF THE DODO

blog article

Oct 08, 2017

The same goes for cybersecurity in the workplace. We can’t accept a set it and forget it cybersecurity culture. Rather, we must embrace one of adaptation. Leading analyst firm Gartner agrees. In its “CARTA” report, the company leads with adaptation – to risk, to trust assessm...

Read More

Strength in IT Security Numbers Can Be Misleading STRENGTH IN IT SECURITY NUMBERS CAN BE MISLEADING

blog article

Oct 06, 2017

There’s an assumption that bigger is somehow better when it comes to cybersecurity that doesn’t always play out the way one might expect. During an online Cybersecurity Summit 2017 event this week hosted by the Washington Post.

Read More

National Cyber Security Awareness Month: What Cyber Security Looks Like for Businesses on a Day-to-Day Level NATIONAL CYBER SECURITY AWARENESS MONTH: WHAT CYBER SECURITY LOOKS LIKE FOR BUSINESSES ON A DAY-TO-DAY LEVEL

blog article

Oct 05, 2017

October is National Cyber Security Awareness Month, but with the constant drum beat of headline-grabbing data breaches, I could argue at this point that every month is National Cyber Security Awareness Month. Equifax and the U.S. Securities and Exchange Commission (SEC) are the latest big organizati...

Read More

PROTECTING YOUR NETWORK AGAINST BRUTE FORCE PASSWORD ATTACKS PROTECTING YOUR NETWORK AGAINST BRUTE FORCE PASSWORD ATTACKS

blog article

Oct 05, 2017

Everyday, hackers are finding new and sophisticated techniques to compromise networks, yet one of the most tried and true attack methods – brute force attacks – remains popular. It is such a common password-cracking method because it can be used against nearly any type of encryption.

Read More

A Psychological Approach to Cyber Security A PSYCHOLOGICAL APPROACH TO CYBER SECURITY

blog article

Oct 04, 2017

It’s no secret that I’m passionate about Cyber Security. So naturally, I do what any other person obsessed would do: listen to podcasts whenever I get the chance. This past Monday, I was walking from my campus to the train station while listening to an interview on Recorded Future with M...

Read More

Simple Steps to Online Safety SIMPLE STEPS TO ONLINE SAFETY

blog article

Oct 02, 2017

Based on what we discussed above, it doesn’t take too much time or effort to launch a successful phishing attack. As a result, it’s one of the more effective ways for attackers to get what they want, which is often financial gain or political/ideological motives.

Read More

Bitdefender Creates Ransomware Recognition Tool BITDEFENDER CREATES RANSOMWARE RECOGNITION TOOL

blog article

Oct 02, 2017

The AV vendor created a free tool to help ransomware victims find which family and sub-version of ransomware has encrypted their data and then get the appropriate decryption tool, if it exists.

Read More

Threat Analysis: Don’t Forget About Kangaroo Ransomware THREAT ANALYSIS: DON’T FORGET ABOUT KANGAROO RANSOMWARE

blog article

Oct 02, 2017

The age of ransomware is upon us.  Advanced ransomware variants are using NSA-leaked exploits to ravage hundreds of thousands of computers and collect thousands of dollars in bitcoins, while new variants are being produced on a weekly basis.

Read More

New Ransomware Strain Evades Machine Learning Security Software NEW RANSOMWARE STRAIN EVADES MACHINE LEARNING SECURITY SOFTWARE

blog article

Sep 29, 2017

Here is the latest tactic in the cat-and-mouse game between cybercrime and security software vendors. The bad guys have come up with new a ransomware phishing attack, tricking users to open what appears to be a document scanned from an internal Konica Minolta C224e.

Read More

The Growth of DDoS-as-a-Service: Stresser Services THE GROWTH OF DDOS-AS-A-SERVICE: STRESSER SERVICES

blog article

Sep 28, 2017

The growth of DDoS-as-a-Service has resulted in a wide array of powerful and affordable DDoS services available to the public. Since the beginning of 2016, Radware’s ERT Research division has been monitoring a number of services available on both the clear and the darknet.

Read More

Phishing: don’t take the bait PHISHING: DON’T TAKE THE BAIT

blog article

Sep 27, 2017

Another day, another phishing attack. From businesses to consumers, phishing attacks are becoming a more widespread and dangerous online threat every year. One wrong click could quickly turn into a nightmare if you aren’t aware of the current techniques cyber scammers are using to get access t...

Read More

Helping Mobile Operators Keep Customers Safe with Virtualized Network Security HELPING MOBILE OPERATORS KEEP CUSTOMERS SAFE WITH VIRTUALIZED NETWORK SECURITY

blog article

Sep 27, 2017

At Trend Micro we’re always looking for innovative new ways to support our customers and help overcome their cybersecurity challenges. Mobile network operators (MNOs) are increasingly adopting virtualization and software acceleration technologies to become more agile in how they deploy.

Read More

Phantom RDoS Might Be a Fake Ploy, But Beware PHANTOM RDOS MIGHT BE A FAKE PLOY, BUT BEWARE

blog article

Sep 25, 2017

A group that calls itself Phantom Squad has launched an email-based ransomware DDoS (RDoS) extortion campaign against thousands of companies across the globe in the past week. They are threatening to launch DDoS attacks on their target victims on September 30 unless each victim pays about $700 in bi...

Read More

EMAIL SECURITY SHOULDN’T BE AN AFTERTHOUGHT WHEN MOVING TO CLOUD-BASED EMAIL EMAIL SECURITY SHOULDN’T BE AN AFTERTHOUGHT WHEN MOVING TO CLOUD-BASED EMAIL

blog article

Sep 25, 2017

The move to Microsoft Office 365TM is driven by the benefits of transitioning to a cloud-based solution, including reduced hardware and maintenance costs. At the same time, Office 365TM brings a new level of flexibility and agility to organizations. But what is less discussed is its inherent email s...

Read More

Deloitte Hit by ‘Sophisticated’ CyberAttack Revealing Client Emails DELOITTE HIT BY ‘SOPHISTICATED’ CYBERATTACK REVEALING CLIENT EMAILS

blog article

Sep 25, 2017

‘Big four’ accounting giant Deloitte has reportedly been the target of a sophisticated cyberattack where hackers gained access to confidential emails and plans of its blue-chip clients.

Read More

Scam of The Week: "Fake-tortion" Phishing Attacks SCAM OF THE WEEK: "FAKE-TORTION" PHISHING ATTACKS

blog article

Sep 24, 2017

The sophisticated attackers are targeting potential victims in an email sequence that starts with pornography and adult dating links, which are then followed up with extortion attempts.IT security company Forcepoint says it picked up more than 33,500 such emails in August, and Australian email addre...

Read More

NATIONAL HEALTH SERVICE CYBER SECURITY FEARS AND RESILIENCE STRATEGY NATIONAL HEALTH SERVICE CYBER SECURITY FEARS AND RESILIENCE STRATEGY

blog article

Sep 21, 2017

Cyber-attacks like the WannaCry incident which crippled many National Health Service (NHS) trusts in May this year brought into sharp focus the aging IT infrastructure and unpatched systems leading to the disruption of critical patient services.

Read More

TrickBot Targeting Financial and Cryptocurrency Data TRICKBOT TARGETING FINANCIAL AND CRYPTOCURRENCY DATA

blog article

Sep 21, 2017

While a great deal of focus for research into botnet trojans is on the multipurpose utility of this malware, many of these same tools are still utilized for direct financial crimes and fraud. This configuration data, provides a prima-facie insight into some of the preferred means for monetary gains ...

Read More

Barracuda Advanced Technology Group Tracks 20 Million Ransomware Phishing Attack BARRACUDA ADVANCED TECHNOLOGY GROUP TRACKS 20 MILLION RANSOMWARE PHISHING ATTACK

blog article

Sep 20, 2017

Barracuda Advanced Technology Group says it’s tracking a ransomware threat that has so far spawned about 20 million phishing emails sent to unsuspecting users around the world in in the last 24 hours and the threat is growing.

Read More

Do Hackers Have It Easy? DO HACKERS HAVE IT EASY?

blog article

Sep 19, 2017

Hackers got it easy. At least, it feels like it. They are in a growing “industry” with many, almost endless, targets to choose from. They have access to new tools and techniques, services that make it easy for them to launch an attack and lots of information and personal data at their fi...

Read More

Five questions you should be asking about cybersecurity FIVE QUESTIONS YOU SHOULD BE ASKING ABOUT CYBERSECURITY

blog article

Sep 18, 2017

The threat of hackers stealing private information and holding it for ransom is real, and the healthcare industry has become a prime target – in fact, phishing as emerged as the top security threat facing healthcare organizations.

Read More

Warning CCleaner Compromised With Malware WARNING CCLEANER COMPROMISED WITH MALWARE

blog article

Sep 18, 2017

CCleaner the evidence elimination tool that I recommend on The Complete Cyber Security Course has been compromised and Malware added to it. The effected Version is 5.33 of the CCleaner app offered for download between August 15 and September 12 2017.

Read More

Does your mobile anti-virus app protect or infect you? The truth behind DU Antivirus Security DOES YOUR MOBILE ANTI-VIRUS APP PROTECT OR INFECT YOU? THE TRUTH BEHIND DU ANTIVIRUS SECURITY

blog article

Sep 18, 2017

With mobile attacks representing nearly 20% of all cyberattacks in the Americas during the first half of 2017, users are constantly warned to be aware of security risks affecting their data and privacy, and install security software to protect their device.

Read More

Customized Phishing Simulations Keep You “Left of Breach” CUSTOMIZED PHISHING SIMULATIONS KEEP YOU “LEFT OF BREACH”

blog article

Sep 18, 2017

In part 2 we looked at Self-Enumeration, assessing security and business process gaps that phishing attackers exploit. It’s the first step in being “Left of Breach” the process that builds a proactive phishing defense strategy. In simulation design, you model known attacks—ei...

Read More

Apache Struts, RCE and Managing App Risk APACHE STRUTS, RCE AND MANAGING APP RISK

blog article

Sep 18, 2017

People used to argue about whether cyber security is a business problem or a technical problem. But this frames the issue poorly. “Problem” and “solution” imply that there is a definitive “solve.” Cybercrime isn’t a technical problem that can be definitively...

Read More

Integrating Artificial Intelligence into Cybersecurity: Collaboration is the Key INTEGRATING ARTIFICIAL INTELLIGENCE INTO CYBERSECURITY: COLLABORATION IS THE KEY

blog article

Sep 17, 2017

We have seen from the previous two posts on cybersecurity and AI the importance of using advanced technology to stay ahead of cybercriminals. But often times a threat transcends one particular box. This is where Fortinet’s collaboration is paramount. Regardless of the physical location of the ...

Read More

VEVO Data Breach Caused By LinkedIn Phishing Attack VEVO DATA BREACH CAUSED BY LINKEDIN PHISHING ATTACK

blog article

Sep 15, 2017

A Vevo spokesperson told Gizmodo that the company “can confirm that Vevo experienced a data breach as a result of a phishing scam via Linkedin. We have addressed the issue and are investigating the extent of exposure.”

Read More

How Can SMB Practices Improve Healthcare Cybersecurity? HOW CAN SMB PRACTICES IMPROVE HEALTHCARE CYBERSECURITY?

blog article

Sep 15, 2017

The healthcare sector has been under increasing attack from cybercriminals with a variety of tactics and motivations. In fact, cyberattacks targeting healthcare providers increased 63 percent in 2016. The increased attention cybercriminals are giving the healthcare space is not surprising. The prote...

Read More

3 Ways File Integrity Monitoring Identifies Zero-Day Attacks 3 WAYS FILE INTEGRITY MONITORING IDENTIFIES ZERO-DAY ATTACKS

blog article

Sep 14, 2017

A zero-day attack leaves your software vulnerable to be exploited by hackers. It is a serious security risk. Cybercriminals are becoming more and more adept in breaching IT security systems.

Read More

DDoS Attacks on Internet Providers Can Impact Downstream Customers DDOS ATTACKS ON INTERNET PROVIDERS CAN IMPACT DOWNSTREAM CUSTOMERS

blog article

Sep 13, 2017

Enterprises need to consider that even if they have protection against distributed denial of service (DDoS) attacks, their business could be taken offline if their Internet Service Provider (ISP), hosting provider or Domain Name Service (DNS) provider does not have adequate DDoS protection.

Read More

Paradise Ransomware Uses RSA Encryption to Attack Computers PARADISE RANSOMWARE USES RSA ENCRYPTION TO ATTACK COMPUTERS

blog article

Sep 13, 2017

A newly discovered ransomware-as-a-service (RaaS) program called Paradise is attempting to infect computers via hijacked Remote Desktop services. An RaaS is where the developer of ransomware manages its development and operates the Command and Control server in exchange for a small cut of all ransom...

Read More

Beware of the Bashware: A New Method for Any Malware to Bypass Security Solutions BEWARE OF THE BASHWARE: A NEW METHOD FOR ANY MALWARE TO BYPASS SECURITY SOLUTIONS

blog article

Sep 11, 2017

With a growing number of cyber-attacks and the frequent news headlines on database breaches, spyware and ransomware, quality security products have become a commodity in every business organization. Consequently a lot of thought is being invested in devising an appropriate information security strat...

Read More

Virginia Suspends E-Voting Machines Due to Cybersecurity Concerns VIRGINIA SUSPENDS E-VOTING MACHINES DUE TO CYBERSECURITY CONCERNS

blog article

Sep 11, 2017

Virginia has agreed to immediately pull all paperless touchscreen voting machines ahead of the upcoming gubernatorial election in November following concerns by cybersecurity experts. Taken on Friday, the decision comes following a recommendation by the Virginia Department of Elections that the mach...

Read More

Cybersecurity Risks are Substantial, Says SEC Chief CYBERSECURITY RISKS ARE SUBSTANTIAL, SAYS SEC CHIEF

blog article

Sep 06, 2017

The chairman of the Securities and Exchange Commission has urged Wall Street to educate everyday investors on teh ‘substantial risk’ of cybersecurity threats. Newly appointed SEC chairman Jay Clayton was speaking at a panel discussion at New York University’s School of Law on Tuesd...

Read More

HOW TO PREPARE FOR AND RESPOND TO AN EMAIL-BASED ATTACK HOW TO PREPARE FOR AND RESPOND TO AN EMAIL-BASED ATTACK

blog article

Sep 06, 2017

No matter how well you prepare technically for and educate and train your team on cyber resilience, at some point you’re going to experience a cyberattack. Yet, almost two-thirds (65%) of leaders don’t feel their organizations are fully equipped or updated to address email-based cybercri...

Read More

Maintaining Endpoint Security to Protect Your Network MAINTAINING ENDPOINT SECURITY TO PROTECT YOUR NETWORK

blog article

Sep 05, 2017

Growing innovation can mean a lot of things to an organization – new functionalities, increased efficiency, and potentially, added risk. New technologies and the proliferation of connected devices have increased the surface area for potential attacks, and to stay ahead of an evolving threat la...

Read More

Phishing Attack With PowerPoint Attachment Bypasses User Access Control PHISHING ATTACK WITH POWERPOINT ATTACHMENT BYPASSES USER ACCESS CONTROL

blog article

Sep 04, 2017

Fortinet researchers discovered a malicious PowerPoint file which currently is used to attack diplomats, United Nations- and government organizations worldwide. This will soon filter down to mass phishing attacks. The attack uses an existing Microsoft Office vulnerability in combination with a techn...

Read More

Cybersecurity Hygiene Set to Become a Higher Priority CYBERSECURITY HYGIENE SET TO BECOME A HIGHER PRIORITY

blog article

Sep 01, 2017

If passed The Promoting Good Cyber Hygiene Act instructs the National Institute of Standards and Technology (NIST), in consultation with the Federal Trade Commission (FTC) and the Department of Homeland Security (DHS), to establish a baseline set of voluntary best practices for good cybersecurity hy...

Read More

The Rise of Ransom-Driven DDoS Attacks THE RISE OF RANSOM-DRIVEN DDOS ATTACKS

blog article

Sep 01, 2017

In recent weeks, cyber attackers have become even more interested in extorting money from organizations by threatening to organize a distributed denial of service (DDoS) attackon critically important online systems.

Read More

WannaCry illustrated: See how attitudes have changed WANNACRY ILLUSTRATED: SEE HOW ATTITUDES HAVE CHANGED

blog article

Aug 31, 2017

Clearswift's recent survey with Vanson Bourne into the impact of May 2017’s WannaCry attack has revealed big changes in the way organizations and employees deal with cyber security. We've created an infographic that shows not only the devastating impact of the attack but also how this ...

Read More

Active ransomware attack uses impersonation and embedded advanced threats ACTIVE RANSOMWARE ATTACK USES IMPERSONATION AND EMBEDDED ADVANCED THREATS

blog article

Aug 31, 2017

In the last 24 hours, the Barracuda advanced security team has observed about 20 million attempts at a ransomware attack through an email attachment “Payment_201708-6165.7z.”  Here is a screenshot of the email with the addresses redacted: In this attack, the source of the email is a...

Read More

Cybersecurity for NAFTA CYBERSECURITY FOR NAFTA

blog article

Aug 31, 2017

When the North American Free Trade Agreement (NAFTA) was originally negotiated, cybersecurity was not a central focus. NAFTA came into force – removing obstacles to commercial trade activity between the US, Canada, and Mexico – in 1994, well before most digital services existed.

Read More

SSL Attacks – When Hackers Use Security Against You SSL ATTACKS – WHEN HACKERS USE SECURITY AGAINST YOU

blog article

Aug 29, 2017

In World War II, the Allies had a significant advantage because they were able to compromise the encryption protocols that the Japanese and Germans used to send sensitive messages.  They were able to intercept and decode messages to gain intelligence concerning sensitive military operations.

Read More

DDoS Attacks Blamed on Mirai-Style Botnet of 70,000 Android Devices DDOS ATTACKS BLAMED ON MIRAI-STYLE BOTNET OF 70,000 ANDROID DEVICES

blog article

Aug 29, 2017

Drawing striking parallels to last year’s Mirai botnet attacks, the new WireX botnet has, in recent weeks, pummeled a numbero f content providers and delivery networks with traffic from hijacked Android devices. Content delivery giant Akamai discovered the botnet malware after researching an a...

Read More

When Androids Attack: Protecting Against WireX Botnet DDoS Attacks WHEN ANDROIDS ATTACK: PROTECTING AGAINST WIREX BOTNET DDOS ATTACKS

blog article

Aug 29, 2017

Google recently removed roughly 300 apps from its Play Store after researchers found that the apps in question were secretly hijacking Android devices to feed traffic to wide-scale distributed denial of service (DDoS) attacks against multiple content delivery networks (CDNs) and content providers.

Read More

New Defray Ransomware Demands $5,000 In Customized Spear Phishing Attacks NEW DEFRAY RANSOMWARE DEMANDS $5,000 IN CUSTOMIZED SPEAR PHISHING ATTACKS

blog article

Aug 26, 2017

This newly discovered ransomware strain is targeting healthcare, education, manufacturing and tech sectors in the US and UK, using customized spear phishing emails. Defray is demanding a relatively high ransom amount - $5,000 in Bitcoin, and ironically the word defray means "to provide money to...

Read More

Trojans exploit WAP subscriptions to steal money TROJANS EXPLOIT WAP SUBSCRIPTIONS TO STEAL MONEY

blog article

Aug 25, 2017

Do you remember what WAP is? Didn’t think so! WAP is a rather primitive excuse for mobile Internet. The tiny websites it can access show mostly text, and we visited them back when phones had just learned to transmit data. Despite the fact that WAP has practically passed into oblivion, parts of...

Read More

Health Care Systems Remain Targets of Ransomware And Phishing Attacks in 2017 HEALTH CARE SYSTEMS REMAIN TARGETS OF RANSOMWARE AND PHISHING ATTACKS IN 2017

blog article

Aug 25, 2017

Health care networks and providers are squarely in the cross hairs of ransomware cyber criminals and if the current rate of attacks continue it will likely exceed last years' events significantly. On May 8, 2017, St. Mark’s Surgical Center, LLC in Fort Myers, FL disclosed publicly that som...

Read More

Detecting Ransomware: Behind the Scenes of an Attack DETECTING RANSOMWARE: BEHIND THE SCENES OF AN ATTACK

blog article

Aug 23, 2017

Ransomware has been the threat of the year. If you’ve had even a lazy eye on current events in information security, you’ve heard about the WannaCry infection that recently took out endpoints for hundreds of companies. By now you’ve (hopefully) patched all of your vulnerable Window...

Read More

Locky Ransomware Keeps Returning After Repeated Absences LOCKY RANSOMWARE KEEPS RETURNING AFTER REPEATED ABSENCES

blog article

Aug 23, 2017

It seems that each time the information security community is ready to declare the Locky ransomware dead and gone, phishing threat actors launch new campaigns with new characteristics. Locky’s presence on the threat landscape dates back to February 2016 when this malware formalized and matured...

Read More

July’s Most Wanted Malware: RoughTed and Fireball Decrease, But Stay Most Prevalent JULY’S MOST WANTED MALWARE: ROUGHTED AND FIREBALL DECREASE, BUT STAY MOST PREVALENT

blog article

Aug 21, 2017

Check Point’s latest Global Threat Impact Index reveals that that the number of organizations impacted globally by the RoughTed malvertising campaign fell by over a third during July, from 28% to 18%. RoughTed is a large-scale malvertising campaign used to deliver malicious websites and payloa...

Read More

Zeus Panda’s Modular Functions Provide Insight into Botnet Malware Capabilities ZEUS PANDA’S MODULAR FUNCTIONS PROVIDE INSIGHT INTO BOTNET MALWARE CAPABILITIES

blog article

Aug 21, 2017

One core element of the information security mission is the successful assessment of the risk posed to an organization by a malware sample or malware variety delivered by a phishing email. In 2017, phishers have embraced the use of adaptable and flexible malware to gain initial footholds in a networ...

Read More

Dispatch from DODIIS: Cyber security through the lens of IT DISPATCH FROM DODIIS: CYBER SECURITY THROUGH THE LENS OF IT

blog article

Aug 18, 2017

Here at the DODIIS 2017 conference, we heard from General Darren McDew, Commander of US Transportation Command, who eloquently summarized his own struggles to reconcile day-to-day IT administration with cyber security. “I viewed cyber through the lens of IT,” he said, shaking his head. I...

Read More

Cyber Security in 120 Secs: If Ransomware Was a Serial Killer CYBER SECURITY IN 120 SECS: IF RANSOMWARE WAS A SERIAL KILLER

blog article

Aug 18, 2017

This week Locky ransomware has come back from being dormant with serial killer attributes;   NotPetya is taking a toll on many companies such as Maersk that admit the cost could be up to $300M; Gartner's forecasts $93B in information security for 2018. The new variant Lukitus extension...

Read More

Ransomware: Don’t Make It Too Easy to Hit Your WordPress Site RANSOMWARE: DON’T MAKE IT TOO EASY TO HIT YOUR WORDPRESS SITE

blog article

Aug 17, 2017

Ransomware is a business.  And like all smart business people, hackers look for efficiencies to increase revenue and lower cost of delivery. This helps explain why ransomware’s evolving. One piece of evidence: hackers are using it to target compromised WordPress blogs. It’s nothing ...

Read More

TRICKBOT BANKING TROJAN MAKING PHISHING MORE REAL TRICKBOT BANKING TROJAN MAKING PHISHING MORE REAL

blog article

Aug 14, 2017

Trickbot is back, new and improved, and was found targeting customers of Lloyds Bank of the UK last week in a renewed phishing campaign intended to steal online banking users' security codes. The updated version of the malware, which first appeared last year, uses new techniques to make it even ...

Read More

UK Considers Penalizing Operators of Essential Services for Lax Cyber Security UK CONSIDERS PENALIZING OPERATORS OF ESSENTIAL SERVICES FOR LAX CYBER SECURITY

blog article

Aug 11, 2017

After the high-profile WannaCry ransomware attack of May 2017 that crippled its National Health Service, the United Kingdom (UK) government is keen on preventing such disastrous cyber incidents from happening again. And, as if internal motivation was not enough, now there is pressure from the Europe...

Read More

THE HUMAN SIDE OF CYBERSECURITY THE HUMAN SIDE OF CYBERSECURITY

blog article

Aug 09, 2017

As the waves of ransomware attacks continue to hit the shores of companies around the world prove, today’s cybersecurity balance still tips toward the bad guys. The odds are stacked against the good guys, as they need to mitigate all threats, whether it is against their networks, brand, or phy...

Read More

Protecting Your Organization From Phishing Schemes: Tips From the FBI PROTECTING YOUR ORGANIZATION FROM PHISHING SCHEMES: TIPS FROM THE FBI

blog article

Aug 08, 2017

It’s not just the bad actors that we at Core Security want to protect you from – we also want to protect you from yourself. It’s all hands on deck when it comes to securing your systems and the systems you interact with on a daily basis. 

Read More

The Cybersecurity Canon: The Seventh Sense: Power, Fortune, and Survival in the Age of Networks THE CYBERSECURITY CANON: THE SEVENTH SENSE: POWER, FORTUNE, AND SURVIVAL IN THE AGE OF NETWORKS

blog article

Aug 08, 2017

We modeled the Cybersecurity Canon after the Baseball or Rock & Roll Hall-of-Fame, except for cybersecurity books. We have more than 25 books on the initial candidate list, but we are soliciting help from the cybersecurity community to increase the number to be much more than that. Please write ...

Read More

MERCK EARNINGS PER SHARE PROJECTIONS DROP FOLLOWING MALWARE INFECTION MERCK EARNINGS PER SHARE PROJECTIONS DROP FOLLOWING MALWARE INFECTION

blog article

Aug 08, 2017

The fallout from the June outbreak of the NotPetya/ExPetr wiper malware continues, with Merck’s newly released Q2 financial filings highlighting the damages that malware infections and similar incidents can have on businesses’ operations and bottom lines. News that Merck was hit in the J...

Read More

IT Security Pros Forecast DDoS Attack Escalation IT SECURITY PROS FORECAST DDOS ATTACK ESCALATION

blog article

Aug 08, 2017

Corero recently surveyed some 100 IT security professionals at the InfoSecurity Europe conference in London last month, and their outlook on DDoS threat is bleak. Many of the survey responders expect to see a significant escalation of DDoS attacks during the year ahead, with 38% predicting that ther...

Read More

When to Decrypt and What to Decrypt For Cyber Security WHEN TO DECRYPT AND WHAT TO DECRYPT FOR CYBER SECURITY

blog article

Aug 07, 2017

It's certainly true that the use of network encryption has risen rapidly over the past few years on the Internet at large. A very broad range of threat actors have taken advantage of the easy availability of signed certificates from trusted certificate authorities (CAs).

Read More

New Cybersecurity Guidelines for Smart Cars issued by the UK government NEW CYBERSECURITY GUIDELINES FOR SMART CARS ISSUED BY THE UK GOVERNMENT

blog article

Aug 07, 2017

New cybersecurity guidelines for smart cars were issued by the UK government. The British government has issued a new set of guidelines on Sunday for automakers to incorporate cybersecurity as a priority into their designs of internet-connected vehicles. All internet connected vehicles to drive on t...

Read More

How Modern Email Phishing Attacks Have Organizations On The Hook HOW MODERN EMAIL PHISHING ATTACKS HAVE ORGANIZATIONS ON THE HOOK

blog article

Aug 06, 2017

They looked at more than 8,500 attacks that bypassed spam filters, from more than a hundred of their customers covering over half a million mailboxes, to better understand phishing, attack patterns, and phishing techniques & tools. Here are some key findings: About 77% of the attacks targeted 10...

Read More

5 STEPS FOR LAUNCHING AN ADVANCED SECURITY AWARENESS AND TRAINING INITIATIVE 5 STEPS FOR LAUNCHING AN ADVANCED SECURITY AWARENESS AND TRAINING INITIATIVE

blog article

Aug 05, 2017

Ultimately, the security chain is as strong as its weakest link and once a cybercriminal has compromised one account – even a junior employee – they can then leverage that account and move upwards through the organization, eventually getting to the final target like the CEO or CFO,&rdquo...

Read More

Even the “Smart Ones” Fall for Phishing EVEN THE “SMART ONES” FALL FOR PHISHING

blog article

Aug 04, 2017

It’s easy to believe that phishing only happens to people who aren’t smart enough to detect it. This simply isn’t true. As the tech-savvy developers at software company a9t9 have indicated in their statement[1] about a phishing incident last week, even smart developers can be foole...

Read More

Navigating the Network: How Mentors Can Help Newbies Break into Cybersecurity NAVIGATING THE NETWORK: HOW MENTORS CAN HELP NEWBIES BREAK INTO CYBERSECURITY

blog article

Aug 03, 2017

There’s an interesting paradox in the security industry.  On the one hand, we are constantly being told that there is a dearth of talent in cybersecurity.  Statistics like “one million open reqs” and “zero percent unemployment” get thrown around, creating the ...

Read More

Threat Actors Use Advanced Delivery Mechanism to Distribute TrickBot Malware THREAT ACTORS USE ADVANCED DELIVERY MECHANISM TO DISTRIBUTE TRICKBOT MALWARE

blog article

Aug 01, 2017

Threat actors’ consistent pursuit of improved efficiency is a key characteristic of the phishing threat landscape. One method for improving efficiency is to use a unique delivery technique that not only allows threat actors to distribute malware but also succeeds in evading anti-virus software...

Read More

Cybersecurity that Protects You from Future Threats CYBERSECURITY THAT PROTECTS YOU FROM FUTURE THREATS

blog article

Aug 01, 2017

With digital, IT and workforce transformation taking center stage, attackers will use them to compromise your network unless your environment is already set up to deflect attacks and minimize the impact of new threats. BYOD, Wi-Fi, mobile computing, cloud computing, and the Internet of Things have a...

Read More

FIVE THINGS TO KNOW ABOUT RANSOMWARE FIVE THINGS TO KNOW ABOUT RANSOMWARE

blog article

Jul 31, 2017

With WannaCry barely in the rear view mirror, ransomware was back in the spotlight with a new malware dubbed NotPetya. We can expect to see new ransomware strains as advanced attackers continue to evolve their tactics, and the ramifications on business will be significant if proactive measures are n...

Read More

What Is Destructive Malware? WHAT IS DESTRUCTIVE MALWARE?

blog article

Jul 31, 2017

Destructive malware sounds redundant, like “serious crisis” or “end result.” In fact, it is the latest advancement in malware that takes the already cunning ways in which polymorphic malware enters and hides within a computing device and then downloads a payload that will des...

Read More

Teen Hackers Can Launch a DDoS Attack for Cheap TEEN HACKERS CAN LAUNCH A DDOS ATTACK FOR CHEAP

blog article

Jul 27, 2017

You know it’s become way too easy to launch a distributed denial of service (DDoS) attackwhen even a 12-year old child can do it. This is the reality shown by a recent report from the National Crime Agency (NCA) in the United Kingdom, which found that the average age of suspects that it has in...

Read More

How to Proactively Defeat Insider Threats HOW TO PROACTIVELY DEFEAT INSIDER THREATS

blog article

Jul 27, 2017

Today, organizations invest significant resources to harden their perimeters against exterior attacks. Unfortunately, many of these same companies invest far less to protect themselves against internal threats—individuals who have direct access to sensitive and proprietary information. Given t...

Read More

State of Encrypted Traffic – New Cyber Attacks Spreading via Use of Encryption STATE OF ENCRYPTED TRAFFIC – NEW CYBER ATTACKS SPREADING VIA USE OF ENCRYPTION

blog article

Jul 25, 2017

The earliest schemes of cryptography, such as substituting one symbol or character for another or changing the order of characters instead of changing the characters themselves, began thousands of years ago.  Since then, various encoding and decoding systems were developed, based on more comple...

Read More

What is Shaping Asia’s State of Security? WHAT IS SHAPING ASIA’S STATE OF SECURITY?

blog article

Jul 25, 2017

Walk down the streets of Jakarta or Jaipur, and you will be sure to see people browsing the latest news or streaming their favorite shows on their portable devices. This is no surprise since Asia Pacific is home to the world’s largest population of Internet users, bolstered by a strong mobile ...

Read More

Hackers are targeting hotel Wi-Fi with particularly evil malware and spear phishing HACKERS ARE TARGETING HOTEL WI-FI WITH PARTICULARLY EVIL MALWARE AND SPEAR PHISHING

blog article

Jul 25, 2017

The veteran DarkHotel hacking group is back with a few new tricks up their sleeve. These sophisticated hackers first began targeting high level executives in 2011 with a signature brand of cybercrime that targets business travellers with malware attacks, using the Wi-Fi in luxury hotels across the g...

Read More

Cyber Exposure: The Next Frontier for Security CYBER EXPOSURE: THE NEXT FRONTIER FOR SECURITY

blog article

Jul 23, 2017

The stakes have never been higher when it comes to cybersecurity. Global cyber attacks such as the recent WannaCry ransomware attack is a sobering reminder that cybersecurity is the existential threat of this generation. A new report from Lloyd’s of London estimates a serious cyber attack coul...

Read More

The real problem with ransomware THE REAL PROBLEM WITH RANSOMWARE

blog article

Jul 22, 2017

Ransomware – a specialized form of malware that encrypts files and renders them inaccessible until the victim pays a ransom – is an extremely serious problem and it’s quickly getting worse. The FBI estimated that ransomware payments were $1 billion in 2016, up from “just&rdqu...

Read More

Cyber Insurance and DDoS Attack Protection CYBER INSURANCE AND DDOS ATTACK PROTECTION

blog article

Jul 21, 2017

This past spring American International Group (AIG), surveyed cyber security and risk experts to gain a deeper understanding of their views of the likelihood and impact of a systemic cyber-attack (an attack on more than one target, focused on a particular industry or sector of the economy). Not surp...

Read More

Cyber Insurance and DDoS CYBER INSURANCE AND DDOS

blog article

Jul 21, 2017

This past spring American International Group (AIG), one of the largest cyber insurance companies, surveyed  cyber security and risk experts to gain a deeper understanding of their views of the likelihood and impact of a systemic cyber-attack (an attack on more than one target, focused on a par...

Read More

Fight The Growing Cybersecurity Challenge in Health Care FIGHT THE GROWING CYBERSECURITY CHALLENGE IN HEALTH CARE

blog article

Jul 20, 2017

All industries need a sound cybersecurity strategy and incident response plan, but that is especially the case for health care given that instances of data breaches are on the rise. In its 2017 Internet Security Threat Report, Symantec noted that health care was listed second in the services industr...

Read More

The Cybersecurity Canon – How to Measure Anything: Finding the Value of ‘Intangibles’ in Business THE CYBERSECURITY CANON – HOW TO MEASURE ANYTHING: FINDING THE VALUE OF ‘INTANGIBLES’ IN BUSINESS

blog article

Jul 19, 2017

Douglas Hubbard’s “How to Measure Anything: Finding the Value of ‘Intangibles’ is an excellent candidate for the Cybersecurity Canon Hall of Fame. He describes how it is possible to collect data to support risk decisions for even the hardest kinds of questions. He says that n...

Read More

Evil Corp Hires Criminal Hackers For Highly Targeted Ransomware Infections EVIL CORP HIRES CRIMINAL HACKERS FOR HIGHLY TARGETED RANSOMWARE INFECTIONS

blog article

Jul 19, 2017

The Register just wrote about the difference between your run-of-the-mill spray-and-pray ransomware infections, and highly targeted manual deployment attacks like the SamSam or Samas attacks that have hit hospitals recently, locking all machines and demand exorbitant ransoms. The attacks are targete...

Read More

How to Stop the Menace of Android Rooting Malware Attacks with RASP HOW TO STOP THE MENACE OF ANDROID ROOTING MALWARE ATTACKS WITH RASP

blog article

Jul 17, 2017

One of the key security issues facing organizations that support Android devices is the risk of rooting malware. A number of malware families on the Android mobile OS attempt to obtain root access once installed because the elevated privileges gained come in handy to perform malicious activities. Th...

Read More

Four Key Elements of Real-Time DDoS Defense FOUR KEY ELEMENTS OF REAL-TIME DDOS DEFENSE

blog article

Jul 17, 2017

Recent technology developments have made it possible to see and stop distributed denial of service (DDoS) attacks when they attempt to enter your network, before they can do any damage. With this in mind, we have compiled a list of four elements of a DDoS defense system that will enable your busines...

Read More

June’s Most Wanted Malware: RoughTed Malvertising Campaign Impacts 28% of Organizations JUNE’S MOST WANTED MALWARE: ROUGHTED MALVERTISING CAMPAIGN IMPACTS 28% OF ORGANIZATIONS

blog article

Jul 17, 2017

Check Point’s latest Global Threat Impact Index revealed that 28% of organizations globally were affected by the Roughted malvertising campaign during June. A large-scale malvertising campaign, RoughTed is used to deliver links to malicious websites and payloads such as scams, adware, exploit ...

Read More

CYBERATTACKS ARE HERE: SECURITY LESSONS FROM JON SNOW, WHITE WALKERS & OTHERS FROM GAME OF THRONES CYBERATTACKS ARE HERE: SECURITY LESSONS FROM JON SNOW, WHITE WALKERS & OTHERS FROM GAME OF THRONES

blog article

Jul 15, 2017

As most of you have probably seen, we recently announced our new human point brand campaign. Put simply, we are leading the way in making security not just a technology issue, but a human-centric one. In light of this, I thought it would be fun to personify threats to the enterprise with one of my f...

Read More

The Service Side of Denial of Service THE SERVICE SIDE OF DENIAL OF SERVICE

blog article

Jul 13, 2017

Over the past four years, communications service providers (CSPs) have taken measurable strides to migrate network functions and applications to the cloud. And while we are not there yet, it’s clear that the cloud will drive the future of service innovation. However, in my view, the very defin...

Read More

FORCEPOINT JUMPS TO THE VISIONARIES QUADRANT IN 2017 GARTNER MAGIC QUADRANT FOR ENTERPRISE NETWORK FIREWALLS FORCEPOINT JUMPS TO THE VISIONARIES QUADRANT IN 2017 GARTNER MAGIC QUADRANT FOR ENTERPRISE NETWORK FIREWALLS

blog article

Jul 13, 2017

It’s official: Gartner has just named Forcepoint a Visionary in its 2017 Magic Quadrant for Enterprise Network Firewalls. In addition, we believe we were placed in the top-most position for Ability to Execute within the quadrant. This is a part of a growing series of accolades that Forcepoint ...

Read More

Karo Ransomware Raises Stakes for Victims by Threatening to Disclose Private Information KARO RANSOMWARE RAISES STAKES FOR VICTIMS BY THREATENING TO DISCLOSE PRIVATE INFORMATION

blog article

Jul 13, 2017

A ransomware victim must have a compelling reason to go through the burdensome process of obtaining Bitcoin and paying the ransom. For many victims, the threat of permanently losing access to their files is enough. However, some ransomware authors and criminals seek to push victims harder by raising...

Read More

Email Security Requires A Multi-Front Approach EMAIL SECURITY REQUIRES A MULTI-FRONT APPROACH

blog article

Jul 11, 2017

Thus begins your stereotypical crime novel. But let’s discuss an entirely different crime – fact, not fiction – that most commonly transpires in broad daylight, in a familiar setting. Let’s discuss a cybercrime: infiltration of an organization’s email accounts. Why is e...

Read More

Russians Are Suspects in Phishing Attacks Involving U.S. Nuclear Site RUSSIANS ARE SUSPECTS IN PHISHING ATTACKS INVOLVING U.S. NUCLEAR SITE

blog article

Jul 07, 2017

A report from the FBI and the US Department of Homeland Security warns of malware attacks targeting mainly nuclear power stations, and energy facilities. The attacks started May this year. These attacks are getting an amber rating, the second highest level, and this far look like "credential sp...

Read More

How the CopyCat malware infected Android devices around the world HOW THE COPYCAT MALWARE INFECTED ANDROID DEVICES AROUND THE WORLD

blog article

Jul 06, 2017

Check Point researchers identified a mobile malware that infected 14 million Android devices, rooting approximately 8 million of them, and earning the hackers behind the campaign approximately $1.5 million in fake ad revenues in two months. The malware, dubbed CopyCat by Check Point mobile threat re...

Read More

New Dark Web Site Offers Automated Social Engineering-As-A-Service NEW DARK WEB SITE OFFERS AUTOMATED SOCIAL ENGINEERING-AS-A-SERVICE

blog article

Jul 05, 2017

A June 30, 2017 post on Motherboard revealed a V1.0 of a site that does automated social engineering as a service, and has been in operation since June 2016. They wrote: "In the internet underground, cybercriminals regularly exchange stolen credit card and debit card numbers and people's pe...

Read More

Ukraine’s Security Service Blames Russia for Petya Cyberattack UKRAINE’S SECURITY SERVICE BLAMES RUSSIA FOR PETYA CYBERATTACK

blog article

Jul 03, 2017

Ukraine’s security service has claimed it has obtained proof that its Russian counterpart was involved in the cyber-attack. On Saturday, Ukraine’s state security service (SBU) claimed that Russian security forces were involved in the ‘Petya’ ransomware outbreak, further alleg...

Read More

4 Insights on Global Cybersecurity Challenges Directly from the CISOs 4 INSIGHTS ON GLOBAL CYBERSECURITY CHALLENGES DIRECTLY FROM THE CISOS

blog article

Jun 30, 2017

You’d think with a broad a cross section of companies from around the world that the cybersecurity issues would also vary greatly? While there were differences, four common threads were easy to find – talent acquisition and retention; budget dollars for prevention vs. monitoring/detectio...

Read More

In the Aftermath of the IN THE AFTERMATH OF THE 'NOTPETYA' ATTACK

blog article

Jun 29, 2017

Overseeing cybersecurity risk and responding to stakeholder concerns can be a complex task, particularly in the case of a fast-moving crisis like Tuesday’s global ransomware attack. While it appears the worst of the outbreak is over, here’s what we’ve learned along with recommendat...

Read More

HOW TO GET EVERYONE INVOLVED IN CYBERSECURITY HOW TO GET EVERYONE INVOLVED IN CYBERSECURITY

blog article

Jun 27, 2017

Security professionals have a saying: “The attacker only has to be right once, we have to be right every time.” Translation? According to Jamie Winterton, director of strategy, ASU’s Global Security Initiative, it’s a call to action across the organization. “Anyone atta...

Read More

How AI detects and mitigates cyber attacks in software-defined data centers HOW AI DETECTS AND MITIGATES CYBER ATTACKS IN SOFTWARE-DEFINED DATA CENTERS

blog article

Jun 22, 2017

Earlier this month Vectra announced plans to leverage the capabilities of VMware NSX to accelerate the detection and mitigation of hidden cyber attackers in virtualized data centers. Vectra currently applies artificial intelligence to automatically detect attacker behaviors inside virtualized data c...

Read More

What the Spartans Can Teach Us About Cybersecurity WHAT THE SPARTANS CAN TEACH US ABOUT CYBERSECURITY

blog article

Jun 22, 2017

Almost 2,500 years ago Leonidas and his force of roughly 7,000 Greek soldiers battled against Xerxes and his Persian army numbering in the hundreds of thousands. The Greeks held off the Persian army for seven days at a mountain pass named Thermopylae providing critical time for Athens to be evacuate...

Read More

Tracking and Mitigating Zyklon Phishing Using Threat Intelligence and Yara TRACKING AND MITIGATING ZYKLON PHISHING USING THREAT INTELLIGENCE AND YARA

blog article

Jun 21, 2017

The Zyklon HTTP Botnet malware is a tool that is readily accessible to threat actors in online criminal marketplaces and has been observed in use for various criminal activities. Among its features is the ability to log the keystrokes typed by a victim as well as to collect other private or sensitiv...

Read More

May’s Most Wanted Malware: Fireball and Wannacry Impact More Than 1 in 4 Organizations Globally MAY’S MOST WANTED MALWARE: FIREBALL AND WANNACRY IMPACT MORE THAN 1 IN 4 ORGANIZATIONS GLOBALLY

blog article

Jun 20, 2017

Check Point’s latest Global Threat Impact Index revealed more than one in four organizations globally was affected by the Fireball or Wannacry attacks during May– in the company’s latest Global Threat Impact Index.The top three malware families that impacted networks globally were ...

Read More

The EU Warns of “Joint” Response to Cyberattacks THE EU WARNS OF “JOINT” RESPONSE TO CYBERATTACKS

blog article

Jun 19, 2017

Amid ever-growing fears of cybercriminals and malicious hackers holding governments and its citizens to ransom, the European Union (EU) has warned that a cyberattack against a single member state will entice a collective response from all EU members. In a meeting in Luxembourg, EU foreign ministers ...

Read More

FIN10: Anatomy of a Ransomware Phishing Extortion Operation FIN10: ANATOMY OF A RANSOMWARE PHISHING EXTORTION OPERATION

blog article

Jun 17, 2017

Cyber security firm FireEye reported that that a number of Canadian mines and casinos were hacked by a group named FIN10 – FireEye labels FIN10 to be “one of the most disruptive threat actors observed in the region.”  It has been identified that these cyber criminals might be ...

Read More

91% of Cyber Attacks Start with a Phishing Email: Here 91% OF CYBER ATTACKS START WITH A PHISHING EMAIL: HERE'S HOW TO PROTECT AGAINST PHISHING

blog article

Jun 16, 2017

Phishing attacks continue to grow in sophistication and effectiveness – here’s how to defend against this common threat. A cybercriminal is just one phishing email away from gaining unfettered access to your device, network, and valuable data. Phishing emails hold the potential to bypass...

Read More

Phantom of the Opaera: New KASPERAGENT Malware Campaign PHANTOM OF THE OPAERA: NEW KASPERAGENT MALWARE CAMPAIGN

blog article

Jun 14, 2017

ThreatConnect has identified a KASPERAGENT malware campaign leveraging decoy Palestinian Authority documents. The samples date from April - May 2017, coinciding with the run up to the May 2017 Palestinian Authority elections. Although we do not know who is behind the campaign, the decoy documents&rs...

Read More

TrickBot Featured in New Wave of Phishing Emails Signaling Renewed Use of this Botnet Malware TRICKBOT FEATURED IN NEW WAVE OF PHISHING EMAILS SIGNALING RENEWED USE OF THIS BOTNET MALWARE

blog article

Jun 13, 2017

The TrickBot financial crimes and botnet malware has seen mild usage since its introduction in late 2016. While it is able to emulate many of the features that made the Dyre trojan so successful, many aspects of its deployment left it rough around the edges. Examples of this roughness like persisten...

Read More

Threat Spotlight: Breaking Down FF-Rat Malware THREAT SPOTLIGHT: BREAKING DOWN FF-RAT MALWARE

blog article

Jun 13, 2017

FF-RAT is a family of malware used in a number of targeted attacks over at least the last five years. It is by no means a new threat, but it is still actively used and developed and worthy of a breakdown in an effort to defend against it. FF-Rat malware has managed to stay under the radar and does n...

Read More

New PowerPoint Social Engineering Attack Installs Malware Without Requiring Macros NEW POWERPOINT SOCIAL ENGINEERING ATTACK INSTALLS MALWARE WITHOUT REQUIRING MACROS

blog article

Jun 09, 2017

Researchers at Security firm SentinelOne reported that a group of hackers is using malicious PowerPoint files to distribute 'Zusy,' a banking Trojan, also known as 'Tinba' (Tiny Banker). They said in a blog post: "A new variant of a malware called 'Zusy' has been found i...

Read More

Chain Reaction:  The New Wave of Mobile Attacks CHAIN REACTION: THE NEW WAVE OF MOBILE ATTACKS

blog article

Jun 08, 2017

The main purpose of any business is to grow and be more successful – and that applies to criminal organizations just as much as it does to legitimate companies.  Cybercriminals have found that attacks specifically targeting smartphones and tablets, particularly those that incorporate a ra...

Read More

Top Secret NSA Doc Shows Russians Spear-Phishing Election Officials TOP SECRET NSA DOC SHOWS RUSSIANS SPEAR-PHISHING ELECTION OFFICIALS

blog article

Jun 06, 2017

The Intercept reported that the GRU (Russian Military Intelligence, the FSB's counterpart) executed a cyberattack on at least one U.S. voting software supplier and sent spear-phishing emails to more than 100 local election officials just days before last November’s presidential election, a...

Read More

Attack Detection: The Crucial First Step in DDoS Mitigation ATTACK DETECTION: THE CRUCIAL FIRST STEP IN DDOS MITIGATION

blog article

May 31, 2017

At Corero, we understand that early detection is a fundamental part of any security solution. When most people think of distributed denial of service (DDoS) attacks, they think of massive volumetric attacks that crash websites or networks. In reality, the majority of DDoS attacks are small in size a...

Read More

Spear Phishing Fileless Attack with CVE-2017-0199 SPEAR PHISHING FILELESS ATTACK WITH CVE-2017-0199

blog article

May 30, 2017

CVE-2017-0199 is a remote code execution vulnerability that exists in the way that Microsoft Office and WordPad parse specially crafted files. An attacker who successfully exploits this vulnerability can take control of an affected system and then install programs, view, change, or delete data, or c...

Read More

A stolen version of DMA Locker is making the rounds A STOLEN VERSION OF DMA LOCKER IS MAKING THE ROUNDS

blog article

May 29, 2017

Ransomware has become a popular criminal business with a relatively easy entrance. Even the people with little technical knowledge can build their own ransomware-based on open source code, that has been published on the internet some time ago. Nevertheless, cybercriminals keep stealing, not only fro...

Read More

Scam Of The Week: Tech Support Exploits Wanacry Ransomware Fears SCAM OF THE WEEK: TECH SUPPORT EXPLOITS WANACRY RANSOMWARE FEARS

blog article

May 29, 2017

We all know about the infamous WanaCry ransomworm which caused a worldwide 1 billion dollars in damage, targeting mainly un-patched Windows 7 machines. As expected, the bad guys are now exploiting the mass media coverage and have come up with tech support scams that use the fears of people about get...

Read More

REDUCING ATTACK SURFACES, HARDENING CYBERSECURITY REDUCING ATTACK SURFACES, HARDENING CYBERSECURITY

blog article

May 28, 2017

With the WannaCry ransomware still lingering, the threat of a car held for ransom has begun to receive widespread attention beyond the automotive cyber security community. Ransomware attacks provide thieves easy money, and connected cars are potentially lucrative targets. It’s important to tem...

Read More

Cyber-Security in 120 Secs: Preventing The Consequences CYBER-SECURITY IN 120 SECS: PREVENTING THE CONSEQUENCES

blog article

May 26, 2017

This week enSilo issued a free patch in preparation for cyber attackers exploiting ESTEEMAUDIT; WannaCry may have left the headlines, but it still lingers as criminals integrated it in tech-scams;  Subtitles are thoughtlessly downloaded for movies/T.V. shows and now cyber criminals are embeddin...

Read More

New Phishing Emails Deliver Malicious .ISO Files to Evade Detection NEW PHISHING EMAILS DELIVER MALICIOUS .ISO FILES TO EVADE DETECTION

blog article

May 26, 2017

ISO images are typically used as an archive format for the content of an optical disk and are often utilized as the installers for operating system. However, in this case, a threat actor leveraged this archive format as a means to deliver malware content to the recipients of their phishing email. An...

Read More

ISP DDoS Protection May Not Cover All of Bases ISP DDOS PROTECTION MAY NOT COVER ALL OF BASES

blog article

May 25, 2017

Most organizations cannot rely solely on on-premise solutions because of the volumetric aspects of DDoS attacks. Multi gigabit-sized attacks cause on-premise connection lines to fill up, and organizations to go offline. Vulnerabilities with CDNs also has limitations for organizations. On-premise and...

Read More

The Judy Malware: Possibly the largest malware campaign found on Google Play THE JUDY MALWARE: POSSIBLY THE LARGEST MALWARE CAMPAIGN FOUND ON GOOGLE PLAY

blog article

May 25, 2017

Check Point researchers discovered another widespread malware campaign on Google Play, Google’s official app store. The malware, dubbed “Judy”, is an auto-clicking adware which was found on 41 apps developed by a Korean company. The malware uses infected devices to generate large a...

Read More

BROKERS IN THE SHADOWS: Analyzing vulnerabilities and attacks spawned by the leaked NSA hacking tools BROKERS IN THE SHADOWS: ANALYZING VULNERABILITIES AND ATTACKS SPAWNED BY THE LEAKED NSA HACKING TOOLS

blog article

May 25, 2017

Rarely does the release of an exploit have such a large impact across the world. With the recent leak of the NSA exploit methods, we saw the effects of powerful tools in the wrong hands. On April 14, 2017, a group known as the Shadow Brokers released a large portion of the stolen cyber weapons in a ...

Read More

EU GDPR Final Countdown: How to Prepare Your Security Program EU GDPR FINAL COUNTDOWN: HOW TO PREPARE YOUR SECURITY PROGRAM

blog article

May 25, 2017

One year from today, the European Union (EU) General Data Protection Regulation (GDPR) will impose strict data breach disclosure regulations, requiring organizations to notify authorities within 72 hours of becoming aware of a data breach.

Read More

Five unsettling cyberthreats FIVE UNSETTLING CYBERTHREATS

blog article

May 24, 2017

Cyberthreats are typically boring, repetitive, and require a reasonably predictable remediation process. A SQL injection is a SQL injection, no matter who’s trying it.  But what about the outliers? What about threats that impact you, but you can’t remediate, or establish a policy to...

Read More

Is DDoS Protection Right For You? IS DDOS PROTECTION RIGHT FOR YOU?

blog article

May 24, 2017

Recently, Neustar, a provider of real-time information services, released the findings from its fourth annual Worldwide DDoS Attacks and Cyber Insights Research Report. The report documents the frequency and cost of attacks and what measures are being taken to counter these threats.

Read More

WannaCry Highlights an Evolving Threat Landscape WANNACRY HIGHLIGHTS AN EVOLVING THREAT LANDSCAPE

blog article

May 24, 2017

The WannaCry ransomware incident has galvanized global media coverage and dominated discussion among information security professionals since Friday, May 12. The speed with which this malware was able to spread within enterprise networks and how rapidly so many large organizations were impacted is u...

Read More

Kevin Mitnick And I Did The Cyber Investing Summit Keynote At The NYSE KEVIN MITNICK AND I DID THE CYBER INVESTING SUMMIT KEYNOTE AT THE NYSE

blog article

May 24, 2017

The Second Annual Cyber Investing Summit met yesterday at the New York Stock Exchange, and Kevin and I did the keynote, the first time in 5 years that Kevin and I made it on stage together, which was a lot of fun. We showed how easy it is to clone a prox card, to send someone a phishing attack with ...

Read More

Stealing Windows credentials using Google Chrome STEALING WINDOWS CREDENTIALS USING GOOGLE CHROME

blog article

May 23, 2017

Security researcher Bosko Stankovic recently published an article explaining how an attacker could use Chrome, the SMB file sharing protocol, and Windows Explorer Shell Command File to steal victims credentials.

Read More

Prepare for Increasing Frequency of “Nation-State” Cyberattacks with Strategy, not Technology PREPARE FOR INCREASING FREQUENCY OF “NATION-STATE” CYBERATTACKS WITH STRATEGY, NOT TECHNOLOGY

blog article

May 22, 2017

Let me pose a question: “Is it a bad thing to give the average person a hand grenade with the pin pulled?” I think most of us would respond to that question with an emphatic “YES!”  No one in their right mind would think it's a good idea in any possible reality to al...

Read More

The New Ransom Target: Entertainment Files. Who Is The Next Phishing Victim? THE NEW RANSOM TARGET: ENTERTAINMENT FILES. WHO IS THE NEXT PHISHING VICTIM?

blog article

May 21, 2017

First, A few months ago, very much under the radar, attackers used spoofed emails to impersonate an executive of Interscope Records, the record label owned by Universal Music Group.This CEO fraud targeted two music-related businesses: September Management, and Cherrytree Music Company, and social en...

Read More

Threat Profile: Jaff Ransomware THREAT PROFILE: JAFF RANSOMWARE

blog article

May 20, 2017

Last week, a massive wave of spam email that infects victims with a new type of ransomware, dubbed "Jaff", flooded networks across Europe, North America and Australia. Estimates put the number of malicious emails in the tens of millions.

Read More

Scam Of The Week: Massive DocuSign Phishing Attacks SCAM OF THE WEEK: MASSIVE DOCUSIGN PHISHING ATTACKS

blog article

May 20, 2017

DocuSign has admitted they were the victim of a data breach that has led to massive phishing attacks which used exfiltrated DocuSign information. Ouch. So here is your Scam Of The Week.  They discovered the data breach when on May 9, 15, and 17 DocuSign customers were being targeted with phishi...

Read More

WANNACRY, OAUTH PHISHING AND THE ADVENT OF OPPORTUNISTIC, VIRAL CYBERCRIME WANNACRY, OAUTH PHISHING AND THE ADVENT OF OPPORTUNISTIC, VIRAL CYBERCRIME

blog article

May 18, 2017

On Friday, May 12th, a strain of ransomware called Wana Decrypt0r, or WannaCry, spread across the globe, infecting hundreds of thousands of organizations (and counting) in 150 countries within a few short days. It is the fastest spreading and most prolific ransomware attack to date.The attack has be...

Read More

BrickerBot only attacks compromised devices BRICKERBOT ONLY ATTACKS COMPROMISED DEVICES

blog article

May 18, 2017

BrickerBot uses a network of globally distributed devices that are passively detecting exploit attempts from devices infected with IoT bots such as Mirai and Hajime. BrickerBot reacts to an exploit attempt by scanning the source of the exploit for a set number of ports, trying to secure the device (...

Read More

Tales from the Trenches: DocuSign® DELoader Phishing Attack TALES FROM THE TRENCHES: DOCUSIGN® DELOADER PHISHING ATTACK

blog article

May 17, 2017

Over the past several days, the Phishing Defense Center identified and responded to several messages related to an ongoing phishing email campaign spoofing DocuSign to carry out an attack. These messages appear to be official DocuSign emails including links to review the document. Upon clicking the ...

Read More

WannaCry: Are you safe? WANNACRY: ARE YOU SAFE?

blog article

May 16, 2017

A few days ago saw the beginning of the Trojan encryptor WannaCry outbreak. It appears to be pandemic — a global epidemic. We counted more than 45,000 cases of the attack in just one day, but the true number is much higher.What happened?Several large organizations reported an infection simulta...

Read More

Threat Brief: WanaCrypt0r– What We Know THREAT BRIEF: WANACRYPT0R– WHAT WE KNOW

blog article

May 16, 2017

Initial reports said that the WanaCrypt0r attack began as part of a spam/phishing campaign. Unit 42 and other researchers have concluded that these reports are not substantiated. While the initial attack vector for these attacks is unknown, it is certain that the spread of the ransomware occurs thro...

Read More

CRYING IS FUTILE: SandBlast Forensic Analysis of WannaCry CRYING IS FUTILE: SANDBLAST FORENSIC ANALYSIS OF WANNACRY

blog article

May 16, 2017

Using the NSA exploit EternalBlue released by the Shadow Brokers, the WannaCry ransomware developers have added their names to malware lore. Given the number of institutions hit and the amount of media generated, it seemed appropriate to show what the ransomware actually does on a system through our...

Read More

Shadow Brokers Offer New SaaS 0-Day Threat Subscription Model SHADOW BROKERS OFFER NEW SAAS 0-DAY THREAT SUBSCRIPTION MODEL

blog article

May 16, 2017

The mysterious Shadow Brokers – the hackers who leaked the NSA SMB zero-day exploit that powered WanaCry into the world's worst ransomworm – are back, and could cause even more damage.

Read More

Ransomware - Answer with a Solid Cyber Security Strategy RANSOMWARE - ANSWER WITH A SOLID CYBER SECURITY STRATEGY

blog article

May 14, 2017

Last week’s news about cyberattacks was sobering. Cybercrime is rampant and notorious. “WannaCry,” “Jaff,” and “Cerber” - the names of the attacks that got the most publicity - read like names of gangsters from the days of Prohibition, with unique personalit...

Read More

Second WannaCry wave spreads the globe SECOND WANNACRY WAVE SPREADS THE GLOBE

blog article

May 14, 2017

Although a second kill switch has been identified and registered today, there is no certainty that this second kill switch will address all malware variants. Europol continues to recommend that one of the best defenses is to take advantage of the patches released by Microsoft.

Read More

Top 10 Most Dangerous Phishing Attack Of The Week May 14 TOP 10 MOST DANGEROUS PHISHING ATTACK OF THE WEEK MAY 14

blog article

May 14, 2017

KnowBe4 gets thousands of phishing attacks reported weekly through our free Phish Alert Button, and we pick the 10 most tricky ones, defang them, and put these into a phishing campaign you can send to your users. The template category is called Reported Phishes of the Week. Here are this week's ...

Read More

WANNACRY RANSOMWARE-WORM TARGETS UNPATCHED SYSTEMS WANNACRY RANSOMWARE-WORM TARGETS UNPATCHED SYSTEMS

blog article

May 13, 2017

Yesterday, the world saw one of the most significant malware outbreaks for quite some time: our news feeds are full of the news of this cyber attack with institutions in many countries being impacted and reports of whole computer networks being shut down. The malware's ability to self-propagate ...

Read More

VetsinTech: Veterans Eager to Serve in Cybersecurity VETSINTECH: VETERANS EAGER TO SERVE IN CYBERSECURITY

blog article

May 12, 2017

Last month, Palo Alto Networks was honored to host a class for 12 military veterans in partnership with VetsInTech. This program is unique compared to other classes we typically host because the veterans who participate are new to cybersecurity, unlike many of our customer students who have built ca...

Read More

WannaCry Ransomware Attack Wreaks Havoc Across Globe WANNACRY RANSOMWARE ATTACK WREAKS HAVOC ACROSS GLOBE

blog article

May 12, 2017

May 12, 2017 now marks an unwelcome milestone in hacking history; the largest-ever ransomware attackoccurred that day, affecting thousands of private and public sector agencies across 150 countries. No one has claimed responsibility for the attack—dubbed “WannaCry”—but it is ...

Read More

WCry / WannaCry Ransomware Devastates Across the Globe WCRY / WANNACRY RANSOMWARE DEVASTATES ACROSS THE GLOBE

blog article

May 12, 2017

According to the NY Times, the WCry ransomware arrives via a phishing email. Once executed, the exploit, dubbed “EternalBlue” spreads via a Windows network share vulnerability to infect other machines accessible on the same network. A software patch has been available since March of this...

Read More

Raising Cyber Security Awareness Training Doesn’t Have to be Boring RAISING CYBER SECURITY AWARENESS TRAINING DOESN’T HAVE TO BE BORING

blog article

May 12, 2017

You may not be aware that the Wall Street Journal recently created a separate WSJ Pro Cybersecurity newsletter in the form of a regular email with relevant news.Of course I subscribed to it and today, Rob Sloan, cybersecurity research director at WSJ Pro wrote some important observations related to ...

Read More

Why Cyber Security as a Service Models Are Growing More Popular WHY CYBER SECURITY AS A SERVICE MODELS ARE GROWING MORE POPULAR

blog article

May 11, 2017

We recently had Anthony Morrone, DuPont’s Chief Information Security Officer (CISO), speak about the challenges he faces preparing for the merger of his company and Dow Chemical. The union of the two chemical giants, and subsequent creation of three independent technology and innovation-based ...

Read More

SLocker malware is back: over 400 new variants detected by MI:RIAM SLOCKER MALWARE IS BACK: OVER 400 NEW VARIANTS DETECTED BY MI:RIAM

blog article

May 10, 2017

Remember the SLocker malware outbreak you heard about last summer? The one that held Android devices ransom until the user paid whatever the hacker demanded? The threat that seemingly disappeared after only a few weeks?We do.

Read More

New York State Gets Bullish on Cyber Security Programs NEW YORK STATE GETS BULLISH ON CYBER SECURITY PROGRAMS

blog article

May 09, 2017

Last year, New York experienced an unprecedented number of data breaches triggered by hacking, malicious insiders and accidental causes according to the attorney general.  Coincidentally, in late September of 2016, the New York State Department of Financial Services (NYDFS) proposed 23 NYCRR 50...

Read More

5 Essential Qualities to Look for in a DDoS Mitigation Solution 5 ESSENTIAL QUALITIES TO LOOK FOR IN A DDOS MITIGATION SOLUTION

blog article

May 09, 2017

When shopping around for distributed denial of service (DDoS) mitigation services, enterprises would be wise to determine which kind of protection their business needs. Some companies are motivated to look for DDoS protection because they have experienced a volumetric attack; i.e., a large-scale att...

Read More

Warren Buffett: "Cyber Security Is The Number One Problem With Mankind". WARREN BUFFETT: "CYBER SECURITY IS THE NUMBER ONE PROBLEM WITH MANKIND".

blog article

May 07, 2017

Business Insider just wrote: "Warren Buffett sees cyber attacks as a bigger threat to humanity than nuclear weapons."I'm very pessimistic on weapons of mass destruction generally although I don't think that nuclear probably is quite as likely as either primarily biological and mayb...

Read More

Gmail Phishing Attack Strikes at Heart of API Economy GMAIL PHISHING ATTACK STRIKES AT HEART OF API ECONOMY

blog article

May 05, 2017

The phishing attack launched against Gmail accounts this week represents the opening of a new front in the cybersecurity war that strikes at the heart of the API economy.Unlike other phishing attacks that require end user to log into a fake web site to give up their password, the phishing attack lau...

Read More

Ransomware Scum Decide What You Have To Pay By Reading The Economist RANSOMWARE SCUM DECIDE WHAT YOU HAVE TO PAY BY READING THE ECONOMIST

blog article

May 05, 2017

Russian organized cybercrime now has a surprising method of determining how much to ask for – the Big Mac index from The Economist.Security firm Recorded Future blogged that in March, a user of a Russian cybercrime forum promoted a new RaaS (ransomware-as-a-service product) called “Fatbo...

Read More

Increasingly Clever Phishing Attacks like OAuth Are The New Normal INCREASINGLY CLEVER PHISHING ATTACKS LIKE OAUTH ARE THE NEW NORMAL

blog article

May 04, 2017

In the past, an attacker looking to steal credentials would craft a convincing email and landing page that did not trigger any red flags to the user. Attackers could be certain that at least 11% of people, even those who’d had phishing awareness training, would click malicious email links. Loo...

Read More

Radware’s Cyber Ninjas Mitigated a Spoofed-IPs Attack of Several Hundred Gbps RADWARE’S CYBER NINJAS MITIGATED A SPOOFED-IPS ATTACK OF SEVERAL HUNDRED GBPS

blog article

May 04, 2017

This was sophisticated combat, as it turned out. The customer has experienced multi-vector attacks in varying rates and random bursts of hundreds of Gbps each peak. The vector blend was changing and it was clear that the attackers are not only determined to knock the service offline, but keep it dow...

Read More

Google Docs Users Hit with Massive Phishing Attack GOOGLE DOCS USERS HIT WITH MASSIVE PHISHING ATTACK

blog article

May 04, 2017

On Wednesday morning (PST), users of the popular Google Docs software suite were targeted in a comprehensive phishing campaign that allowed attackers to obtain victims’ contact lists while accessing their Gmail accounts to spread spam.

Read More

Massive Google Doc Phishing Attack Propagated Through Social Engineering MASSIVE GOOGLE DOC PHISHING ATTACK PROPAGATED THROUGH SOCIAL ENGINEERING

blog article

May 04, 2017

A very convincing Google Docs phishing scheme raced through the internet yesterday, looking like it came from someone you know. It was almost spreading as fast as a real computer worm, but this was driven by social engineering the end-users instead.

Read More

KONNI: A Malware Under The Radar For Years KONNI: A MALWARE UNDER THE RADAR FOR YEARS

blog article

May 03, 2017

Talos has discovered an unknown Remote Administration Tool that we believe has been in use for over 3 years. During this time it has managed to avoid scrutiny by the security community. The current version of the malware allows the operator to steal files, keystrokes, perform screenshots, and execut...

Read More

DDoS Attacks: The Changing Legal and Regulatory Landscape DDOS ATTACKS: THE CHANGING LEGAL AND REGULATORY LANDSCAPE

blog article

May 03, 2017

In the United States, at least, the public-at-large and the Federal government have begun to see Internet service providers as utilities rather than just another consumer service. In 2015 the Federal Communications Commission (FCC) approved regulations that treated Internet service providers more li...

Read More

Google Doc Phishing Attack Hits Fast and Hard GOOGLE DOC PHISHING ATTACK HITS FAST AND HARD

blog article

May 03, 2017

In the process of managing phishing threats for our customers, our Phishing Defense Center and PhishMe Intelligence teams saw a flood of suspicious emails with subject line stating that someone has “has shared a document on Google Docs with you”, which contained a link to “Open in ...

Read More

Ransomware Causes 90-day Downtime And 700K Damages For Law Firm Who Then Sues Their Insurer RANSOMWARE CAUSES 90-DAY DOWNTIME AND 700K DAMAGES FOR LAW FIRM WHO THEN SUES THEIR INSURER

blog article

May 03, 2017

PROVIDENCE, R.I. — Cybercriminals held a Providence law firm hostage for months by encrypting its files and demanding $25,000 in ransom paid in Bitcoin to restore access, according to a lawsuit filed in U.S. District Court.

Read More

Time for something different because what’s being done isn’t working DDoS Advantage: Attacker TIME FOR SOMETHING DIFFERENT BECAUSE WHAT’S BEING DONE ISN’T WORKING DDOS ADVANTAGE: ATTACKER

blog article

May 02, 2017

Last year we saw some really awful devastation caused by DDoS attacks and a lot had to do with how attackers used resources, IoT devices most notably, to launch some pretty large attacks. The code used to cause these large outages was published openly and soon after, all sorts of attacks and variant...

Read More

How to Identify and Block an Application Attacker HOW TO IDENTIFY AND BLOCK AN APPLICATION ATTACKER

blog article

May 02, 2017

Attacks against applications have become increasingly common. In this post, we explain how you can identify and block an application attacker using A10 Lightning Application Delivery Service (ADS) and A10 Harmony Controller.

Read More

Study: DDoS Attacks Continue to be a Significant Security and Business Concern STUDY: DDOS ATTACKS CONTINUE TO BE A SIGNIFICANT SECURITY AND BUSINESS CONCERN

blog article

May 02, 2017

A study has revealed that distributed denial of service or DDoS attacks continues to have a devastating impact on businesses, costing an organization as much as $2.5 million in revenue on average.

Read More

April Sees Spikes in Geodo Botnet Trojan APRIL SEES SPIKES IN GEODO BOTNET TROJAN

blog article

May 02, 2017

Throughout April, our Phishing Defense Team observed an increase in malicious URLs that deliver the financial crimes and botnet trojan known as Geodo. These emails take a simple approach to social engineering, using just a sentence or two prompting the victim to click on a link to see a report or in...

Read More

Copycat Hacker Group Spreads Panic: ZENEDGE Has Got You Covered COPYCAT HACKER GROUP SPREADS PANIC: ZENEDGE HAS GOT YOU COVERED

blog article

May 01, 2017

A recent series of ransom letters demanding payment in bitcoin to prevent Distributed Denial of Service (DDoS) and other types of attacks have been sent to businesses across the globe in a variety of different sectors. The hacker group responsible claimed to be the Armada Collective, a black hat gro...

Read More

HandBrake hacked to drop new variant of Proton malware HANDBRAKE HACKED TO DROP NEW VARIANT OF PROTON MALWARE

blog article

May 01, 2017

Last year, the Transmission torrent app was hacked not just once, but twice, to install the KeRanger ransomware and, later, the Keydnap backdoor. Now, the same thing has happened to the popular DVD-ripping HandBrake app, which is installing a new variant of the Proton malware.

Read More

The Economist on the Cyber Security Industry THE ECONOMIST ON THE CYBER SECURITY INDUSTRY

blog article

May 01, 2017

A recent copy of the Economist caught my eye with the front page headline of “Why computers will never be safe”.For a non-technical publication they have managed to give some great insight into the reasons why the security industry has a problem.

Read More

Orange is the New Hack? ORANGE IS THE NEW HACK?

blog article

May 01, 2017

One of the most popular Netflix series, Orange is the New Black, scored an early parole due to some bad behavior this weekend. TheDarkOverload, the group claiming responsibility for the hack, already released the season five premier and is threatening to release “a trove of unreleased TV shows...

Read More

Perspective on the New York Cybersecurity Regulations PERSPECTIVE ON THE NEW YORK CYBERSECURITY REGULATIONS

blog article

May 01, 2017

As of March 1st 2017, New York became the first state in the nation to define cybersecurity regulations for financial institutions. These regulations (find them here) applies to financial entities regulated by New York’s Department of Financial Services (DFS), including banks, trusts, budget p...

Read More

The continuing threat of POS malware THE CONTINUING THREAT OF POS MALWARE

blog article

May 01, 2017

Point-of-sale systems have seen numerous changes in recent years. From the shift to chip-card readers and the inclusion of new technology for contactless mobile payments, POS systems aren't just for swiping cards anymore.

Read More

First Ever ‘Major Scale’ Mac Malware Hits Users with Phishing Campaign FIRST EVER ‘MAJOR SCALE’ MAC MALWARE HITS USERS WITH PHISHING CAMPAIGN

blog article

May 01, 2017

Security researchers have discovered a new malware program that targets macOS users and is capable of spying on browsing traffic – even encrypted traffic – to steal users’ sensitive information.Dubbed as OSX/Dok, the malware has been spotted targeting users in Europe via phishing c...

Read More

Facebook and Google Were Victims of 100 Million-Dollar Phishing Scam FACEBOOK AND GOOGLE WERE VICTIMS OF 100 MILLION-DOLLAR PHISHING SCAM

blog article

Apr 29, 2017

We have been reporting on this massive Cyberheist for a while now, but Fortune Magazine decided to unleash their investigative reporters and find out exactly who those two mysterious high-tech companies were that got snookered for a whopping 100 million dollars.

Read More

Cybersecurity Needs to Be Closely Linked to IT Modernization CYBERSECURITY NEEDS TO BE CLOSELY LINKED TO IT MODERNIZATION

blog article

Apr 28, 2017

There’s a direct link between the amount of legacy applications and IT infrastructure any organization has installed and an organization’s overall security posture. The longer applications and IT infrastructure have been deployed the more likely it is that cybercriminals are exploiting s...

Read More

New OSX.Dok malware intercepts web traffic NEW OSX.DOK MALWARE INTERCEPTS WEB TRAFFIC

blog article

Apr 28, 2017

Most Mac malware tends to be unsophisticated. Although it has some rather unpolished and awkward aspects, a new piece of Mac malware, dubbed OSX.Dok, breaks out of that typical mold.OSX.Dok, which was discovered by Check Point, uses sophisticated means to monitor—and potentially alter—al...

Read More

Cybersecurity Knowledge Is Breach Prevention Power: Introducing Cyberpedia CYBERSECURITY KNOWLEDGE IS BREACH PREVENTION POWER: INTRODUCING CYBERPEDIA

blog article

Apr 28, 2017

In cybersecurity, threats are many, varied and constantly evolving – a notion well-understood by vendors, enterprises, small businesses and governments alike. What’s not so clear-cut, however, is precisely how the multitude of cybersecurity technologies, products, concepts and threats ar...

Read More

Phishing Scammer Scams $100 Million out of Facebook and Google PHISHING SCAMMER SCAMS $100 MILLION OUT OF FACEBOOK AND GOOGLE

blog article

Apr 28, 2017

A March indictment by the Department of Justice first revealed news of the arrest of a Lithuanian man to have allegedly conned $100 million in wire transfers from American tech giants. The two companies who wired $100 million to the imposter over a course of two long years are revealed to be none ot...

Read More

Goodware vs. Malware GOODWARE VS. MALWARE

blog article

Apr 27, 2017

In the world of security, you have number of tools to help you make difficult decisions - some built into your security stack and others available as free resources that can be found online. Today, I would like to discuss the latter.

Read More

FalseGuide Botnet Malware Hits 2 Million Android Devices FALSEGUIDE BOTNET MALWARE HITS 2 MILLION ANDROID DEVICES

blog article

Apr 27, 2017

Security researchers have discovered and revealed details about ‘FalseGuide’, a new strain of malware that resides among applications on Google’s official app store, Google Play.Researchers at Check Point have discovered at least 45 Google Play store apps, typically those that prov...

Read More

2017 Data Breach Report Finds Phishing, Email Attacks Still Potent 2017 DATA BREACH REPORT FINDS PHISHING, EMAIL ATTACKS STILL POTENT

blog article

Apr 27, 2017

Phishing of employees and malicious attachments sent in email messages are still the main causes of data breaches, despite warnings, Verizon said in its latest Data Breach Investigation Report.Call it the Cassandra Syndrome. Information security professionals can warn and warn again about the danger...

Read More

H1-B VISAS CRITICAL TO ADDRESS CYBERSECURITY PROFESSIONAL SHORTFALL H1-B VISAS CRITICAL TO ADDRESS CYBERSECURITY PROFESSIONAL SHORTFALL

blog article

Apr 27, 2017

Based on the findings of the 2017 Global Information Security Workforce Study, the world will face a deficit of 1.8 million information security professionals by 2022. With headlines dominated by breaches and cyber threats, we at (ISC)² need to be a strong voice and advocate for the global cybe...

Read More

Northrop Grumman can make a stealth bomber – but falls for W-2 phishing attack NORTHROP GRUMMAN CAN MAKE A STEALTH BOMBER – BUT FALLS FOR W-2 PHISHING ATTACK

blog article

Apr 27, 2017

US military contractor Northrop Grumman notified their employees that hackers managed to gain access to their W-2 tax records.As The Register just reported, the makers of America’s stealth bomber acknowledged in a letter sent to employees and the California Attorney General’s office that...

Read More

How To Sell Endpoint Security to Business Leaders HOW TO SELL ENDPOINT SECURITY TO BUSINESS LEADERS

blog article

Apr 26, 2017

While the world has opened its eyes to the dangers of hacking, leaks and cyber-terrorism, it remains mostly blind to the threat posed by everyday office technology. Despite budgets growing, it’s clear that not enough investment is going into endpoint protection.

Read More