Threats News, Articles and Updates

Insiders are bigger threat than perimeter: report

Insiders are bigger threat than perimeter: report

By

Employees falling prey to social engineering ploys or with an agenda pose the "biggest threat to company security," concluded a new report from Ari Kaplan and Nuix.

IoT security forcing business model changes, panel says

IoT security forcing business model changes, panel says

By

To secure the Internet of Things and to build trust with customers, the way that vendors approach manufacturing, distributing and supporting devices and solutions must change.

'Internet of Me' driving IoT security

'Internet of Me' driving IoT security

By

Noting a rapid acceleration of "things" connected to the internet with the pace expected to pick up, panelists at the National Cyber Security Alliance's (NCSA's) Cybersecurity Summit at Nasdaq called for a focus on protecting data, advocated for a framework to guide development and said the personal nature of Internet of Things (IoT) will drive vendors to embrace higher levels of security.

Mexico uptick in government data requests prompts privacy concerns

By

An uptick in government surveillance requests in Mexico has privacy advocates troubled that the country does not have the supervision in place that it needs to keep sensitive information from falling to those who don't have a right to ask for it.

Security Threats are on the Rise: Is Your SAP Data Really Protected?

Security Threats are on the Rise: Is Your SAP Data Really Protected?

Instead of hoping for your end-users to make the right decision or your DLP solution to make the right guess, data protection solutions need to be context-aware.

Fake LinkedIn profiles, 'convincing' network linked to Iran-based group

Fake LinkedIn profiles, 'convincing' network linked to Iran-based group

By

The CTU, the Dell SecureWorks research team, uncovered fake LinkedIn profiles and an extensive, convincing network created by the Iran-based Threat Group 2889.

Malware attacks hit Match.com UK site

Malware attacks hit Match.com UK site

Security researchers have discovered malicious adverts on the UK version of dating site Match.com.

Black Hat 2015 attendees concerned about endpoint risks

Black Hat 2015 attendees concerned about endpoint risks

By

Security professionals are most concerned about the endpoint, citing it as the greatest source of risk in a Bromium survey of more than 100 pros who attended Black Hat USA 2015 in Las Vegas last week.

Yahoo malvertising actors turn attention to AdSpirit

By

Researchers at Malwarebytes uncovered a malvertising campaign against AdSpirit.de, similar to the one used recently on Yahoo.

Cisco warns IOS device customers on attack 'evolution'

Cisco warns IOS device customers on attack 'evolution'

By

Attackers have been observed substituting Cisco's IOS bootstrap with a malicious ROMMON image after first accessing the company's IOS devices.

SEC commissioner urges info sharing, quick action at SINET summit

SEC commissioner urges info sharing, quick action at SINET summit

By

At a SINET Innovation Summit in New York, SEC Commissioner Luis Aguilar said the agency needs to do more and called for more formalized information sharing.

Bitcoin exchange compromised through SendGrid account

By

In an attack very similar to one last year, a SendGrid customer was compromised through its mail service account.

Blend of old and new techniques help attackers dodge detection, report says

Blend of old and new techniques help attackers dodge detection, report says

By

The 2015 Websense Threat Report found that threat actors are employing previously used C&C URLs to launch new threats.

Tsukuba trojan aimed at Japanese banking customers

Tsukuba trojan aimed at Japanese banking customers

By

The Tsukuba trojan like other proxy changers is not technically advanced but uses an interesting social engineering technique, researchers at IBM Trusteer found.

PlugX APT group uses backdoor in India campaign

By

A five-month-long campaign against organizations in India shows the group is active and evolving, SophosLab reports.

Disconnect yawns between CISOs, exec leadership, study says

Disconnect yawns between CISOs, exec leadership, study says

By

A recent survey by Ponemon Institute and Raytheon found senior executives don't fully understand the extent of security threats.

Gogo caught using fake Google SSL certificates

Gogo caught using fake Google SSL certificates

By

On a recent flight, a Google engineer discovered that SSL certificates were being signed by Gogo, not Google.

Spearfishing campaign compromises ICANN systems

By

Staff member credentials were used to access ICANN systems after spearphishing campaign that began in November.

Black market tactics mirror those of legit business

Black market tactics mirror those of legit business

By

A report from DellSecureWorks Counter Threat Unit revealed hacker training tutorials, replacement guarantees and a drop in RAT prices.

Iranian hackers targeting critical infrastructure

Iranian hackers targeting critical infrastructure

By

Researchers at Cylance have been monitoring a group out of Tehran, called Operation Cleaver, that it believes is gearing up for a massive attack on critical infrastructure.

First Stuxnet victims identified

By

Kaspersky Lab researchers are confident they have identified the first five victims, or patient zeroes, of the Stuxnet worm.

Information sharing requires breaking down barriers, White House cyber guru says

Information sharing requires breaking down barriers, White House cyber guru says

By

The White House has advanced an agenda to promote and facilitate information sharing on security threats and vulnerabilities.

Study: Canada C-Suite execs say companies prepared for threats

By

A survey of Canadian business execs found that just over a quarter had experienced a cyber attack.

Best practices for removing admin rights: A step-by-step approach

Careful control of administrator rights in the very foundation of IT Security. Allowing admin rights exposes a dangerous security risk, creating an easy entry point for advanced persistent threats, zero-day attacks and sophisticated malware.

Top websites deliver CryptoWall ransomware via malvertising

By

The CryptoWall ransomware being delivered comes with a valid digital signature and initial VirusTotal results showed zero detections.

Insider threat cases on the rise, IC3 warns

By

Disgruntled and former employees have been increasingly engaging in computer network exploitation and disruption.

LogMeIn notifies users of fake emails claiming to be security update

By

Fake emails that appear to come from an authentic LogMeIn address state that the company has released a new security certificate.

More exploits, including Silverlight attack, packed in Nuclear kit

More exploits, including Silverlight attack, packed in Nuclear kit

By

Since the year's start, the number of exploits used by the kit has doubled, Trend Micro found.

Cyber thieves are ready for the holiday shopping season: are you?

Retail organizations have long been the target of financially-motivated crime. According to Verizon, 92% of the retail breaches they've studied were committed by external actors.

WordPress security simplified — Six easy steps for a more secure website

WordPress is the most-used content management system (CMS) in the world. More than 60 million websites, or 22.9% of the internet, use WordPress for content creation.

RECENT COMMENTS

Sign up to our newsletters

FOLLOW US