Threats

Study: Canada C-Suite execs say companies prepared for threats

By

A survey of Canadian business execs found that just over a quarter had experienced a cyber attack.

Best practices for removing admin rights: A step-by-step approach

Careful control of administrator rights in the very foundation of IT Security. Allowing admin rights exposes a dangerous security risk, creating an easy entry point for advanced persistent threats, zero-day attacks and sophisticated malware.

Top websites deliver CryptoWall ransomware via malvertising

By

The CryptoWall ransomware being delivered comes with a valid digital signature and initial VirusTotal results showed zero detections.

Insider threat cases on the rise, IC3 warns

By

Disgruntled and former employees have been increasingly engaging in computer network exploitation and disruption.

LogMeIn notifies users of fake emails claiming to be security update

By

Fake emails that appear to come from an authentic LogMeIn address state that the company has released a new security certificate.

More exploits, including Silverlight attack, packed in Nuclear kit

More exploits, including Silverlight attack, packed in Nuclear kit

By

Since the year's start, the number of exploits used by the kit has doubled, Trend Micro found.

Cyber thieves are ready for the holiday shopping season: are you?

Retail organizations have long been the target of financially-motivated crime. According to Verizon, 92% of the retail breaches they've studied were committed by external actors.

WordPress security simplified — Six easy steps for a more secure website

WordPress is the most-used content management system (CMS) in the world. More than 60 million websites, or 22.9% of the internet, use WordPress for content creation.

How to use crowd-sourced threat intelligence to stop malware in its tracks

Threat sharing networks have been around for a long time, however they have typically been "invitation-only", available to only large companies, or those within a particular industry.

Researcher challenges reports that BlackPOS variant struck Home Depot

By

Nuix believes the malware found on Home Depot's systems belongs to a different threat family.

Tapping global threat intelligence to secure enterprise networks

On July 9, 2014, the Cybersecurity Information Sharing Act (CISA) passed the Senate Intelligence Committee in a 12-3 vote. The legislation encourages threat information sharing between government and the private sector

Researchers reveal security issues in Android apps

By

On Monday, the University of New Haven revealed its first video in a series of security findings.

Salesforce warns of Dyre malware possibly targeting users

Salesforce warns of Dyre malware possibly targeting users

By

Salesforce posted a notification that its users are possibly being targeted by Dyre malware and offered some recommendations to avoid the threat.

Phishing continues to be effective, McAfee Labs report shows

Phishing continues to be effective, McAfee Labs report shows

By

Out of 16,000 business users who took the McAfee Phishing Quiz, 80 percent fell for at least one of seven phishing emails.

APT group adapts Windows backdoor to target Mac computers

APT group adapts Windows backdoor to target Mac computers

By

The backdoor, called "XSLCmd," was detected in earlier attacks on Windows systems, FireEye found.

iCloud beefs up security in wake of celebrity nude photo scandal

By

Apple's CEO said the company will begin using email and push notifications to alert users to passwords changes in any iCloud account.

Namecheap.com reveals attack on login systems

By

Late last month a group of attackers targeted the web hosting company's login portal to try and access users' accounts.

Researchers discover two SQL injection flaws in WordPress security plugin

By

High-Tech Bridge discovered two SQL injection vulnerabilities in All In One WordPress Security and Firewall plugin and notified the vendor.

'KorBanker' steals SMS messages, takes authentication codes in the process

'KorBanker' steals SMS messages, takes authentication codes in the process

By

Android devices in Korea have primarily been impacted by the malware.

Researchers observe more than a hundred connections to 'Backoff' sinkhole

By

Researchers with Kaspersky Lab were able to sinkhole two command-and-control servers used by certain Backoff point-of-sale malware samples.

Security foundation also warns of Netis router backdoor

By

Trend Micro first alerted the public to the backdoor affecting Netis and Netcore brand routers.

Protecting email both ways

Protecting email both ways

By

Protecting your organization from attacks brought into the system by email is an ongoing challenge, says Peter Stephenson, technology editor.

In search of intelligence...

In search of intelligence...

By

The interruption of the cyberattack kill chain through the use of intelligence-driven security has been touted as the better way forward.

Smart defense: A talk with industry veteran Gene Fredriksen

Smart defense: A talk with industry veteran Gene Fredriksen

By

Today's CISO must stay ahead of attackers, says Gene Fredriksen, CISO at PSCU. Teri Robinson talks one on one with the industry veteran.

News briefs: The latest on Sony, Android, Backoff malware and more.

News briefs: The latest on Sony, Android, Backoff malware and more.

By

This month's news briefs cover a preliminary settlement Sony will bear for the exposure of 77 million customers, and more.

Threat of the month: SVPENG

Threat of the month: SVPENG

We take a closer look at SVPENG, malware that's capable of launching two different types of attacks.

Catching up to the insider

Catching up to the insider

By

Have effective changes been instituted to protect organizations from other Snowdens or negligent employees?

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

By

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm RAT

By

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.

Malicious ads impact Java.com, TMZ and Photobucket site visitors, firm finds

Malicious ads impact Java.com, TMZ and Photobucket site visitors, firm finds

By

Several high-profile websites were impacted by a malvertising campaign, which Fox-IT helped dismantle.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US