Latest News

News

Localized "designer" malware campaigns all the rage, says Sophos

Criminal outfits are increasingly distributing "designer" spam and malware, customized to optimally target victims in specific geographic regions, according to new research from Sophos' research division, SophosLabs.

News

Some U.S. Bancorp workers' W-2 info exposed in ADP data breach

At least one major corporation that uses ADP as its payroll vendor had some of its employees W-2 tax information compromised.

News

Google patches 40 Android security flaws

Google released patches for 40 security vulnerabilities affecting Android devices. Vulnerabilities include remote code execution, elevated privilege, and remote denial of service (DoS) flaws.

News

Tampa airport to conduct major IT security audit following apparent breach

Tampa International Airport has expedited and expanded an audit of its network security, following the resignation of an IT consultant who was allegedly found to have shared system passwords with unauthorized parties.

News

Gozi malware creator cuts deal, gets time served and $7M fine

Gozi banking malware creator Nikita Kuzmin sentenced to time served and a $7 million fine as the U.S. Attorney's office tells judge Kuzmin provided "substantial assistance" to the government.

Data Breach Blog

1,206 Solano Community College employees victimized in W-2 data breach

Solano Community College in Fairfield, Calif. was hit with a spearphishing attack led to the W-2 information for about 1,200 staffers being compromised.

LuckyPet data breach compromises online payment info

Seattle-based pet store LuckyPet notified the California State Attorney General's office of a data breach that compromised online customer information.

18,000 possibly affected by Archdiocese of Denver data breach

Incidents of fraud were reported after an unauthorized person accessed an Archdiocese of Denver database maintained by a third-party and which contained PII on 18,000 former and current employees and their dependents.

Featured News

Action Fraud warns of new wave of Lizard Squad DDoS attacks

Action Fraud warns of new wave of Lizard Squad DDoS attacks

Lizard Squad is back with a vengeance, according to an advisory from Action Fraud UK which is advising organisations to report the attacks, keep detailed records and seek help from their ISPs.

May issue now available!

The Threat Hunter Blog

Next up. A look at Locky Ransomware

Next up. A look at Locky Ransomware

We've been examining some of the newer - or, at least, most currently prevalent - strains of ransomware. This time we look at Locky.

May 2016 Product Reviews

AlienVault Unified Security Management Platform

Significant, mature next-generation blend of SIEM and UTM capabilities at a very reasonable price. Outstanding customer relationship building.

LogRhythm Security Intelligence Platform

Probably the most complete pure-play SIEM we’ve seen with the added benefit of many next-gen features and superlative correlation and analytics.

CorreLog SIEM Correlation Server

Excellent price point for a very flexible SIEM/log correlator with lots of features.

Opinions

Speak the board's language or get fired

Speak the board's language or get fired

A communication gap exists today between CISOs and the board of directors, says Feris Rifai, CEO, Bay Dynamics.

Government surveillance from Caesar to Nixon

Government surveillance from Caesar to Nixon

Government surveillance is, however, not new, says Patrick O'Kane, barrister and compliance counsel.

RECENT COMMENTS

Sign up to our newsletters

FOLLOW US