Steve Zurier SC Media | Page 2 of 5

Steve Zurier

Most recent articles by Steve Zurier

Glupteba malware leverages blockchain as a communications channel

Glupteba malware does something novel: It uses the bitcoin blockchain as a communications channel to receive updated configuration information. That’s important because malware always needs a way to go back to its home base, preferably without being detected, according to a paper released this week by Sophos Labs researchers. The new form of malware sprinkles…

Triangle of network security management requires formalized process, Rodrigue says

Why do we care about cyber hygiene? For starters, security pros want to ensure operating effectiveness of basic controls and put in a system of checks and balances between processes. Companies also want to offer a foundation for more advanced technical security mechanisms, their effectiveness becomes limited otherwise. They also want to detect blind spots…

Cracking the cyber liability code leads to better insurance coverage

The cyber insurance market continues to evolve and mature with coverage enhancements, along with an abundance of carriers. With so many carriers entering the market, it’s more important than ever for companies to take their time and read the fine print. In their session Tuesday at InfoSec World 2020, “Cracking the Cyber Liability Code,” two…

Don’t be the weakest link in a widespread attack

InfoSec World 2020 — Small suppliers and SMBs shouldn’t think they are immune to hacks. In fact, some of the most prolific hacks started with attacks on third-party suppliers, such as HVAC companies and small defense manufacturers. The Target hack quickly comes to mind. In the InfoSec World 2020 session, You’ve Been Pwned…But Your Customers…

Outages draw speculation of DDoS attack on U.S. but reality likely more ‘boring’

A series of outages at mobile providers, ISPs, streaming services, games and social media platforms prompted speculation Monday that the U.S. could be under a massive coordinated DDoS attack, though security experts said that scenario seemed unlikely. Customers at AT&T, Sprint, T-Mobile and Verizon reported cell service disruptions while the Downdetector plotted reports of outages…

Russian hacker releases at least 14,000 Mexican taxpayer IDs

Researchers at Lucy Security recently discovered that a Russian hacker named m1x breached a Mexican government web portal and three days later once the government refused to pay a ransom, publicly-released some 14,000 Mexican taxpayer ID numbers. Colin Bastable, CEO of Lucy Security, said the researchers discovered the case on a hacking forum on the dark web…

M3AAWG issues email authentication advice for security pros

The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) has put out a joint call-to-action with Google and Verizon for the security industry to take more proactive measures to authenticate and secure their sending domains and email addresses by deploying email authentication at scale. Preventing rampant phishing during the COVID-19 period should be a top…

Next post in Security News