Research

Network Security, Penetration Testing, Vulnerability Assessment, Risk Assessment, Research, Security News, Vulnerabilities

Metasploit Project publishes exploit for Bluekeep bug

By

Bradley Barth

September 9, 2019

Coders late last week publicly released a working exploit for the dangerous Bluekeep bug that was found and patched earlier this year in Microsoft’s Remote Desktop Protocol implementation. Designated as CVE-2019-0708, BlueKeep is a remote Windows kernel use-after-free vulnerability that could be used to create wormable attacks similar to the WannaCry ransomware incident of May…

Cybercrime, Data Breach, Research, Security News

Data breaches expected to cost $5 trillion by 2024

By

Bradley Barth

August 29, 2019

The annual cost of worldwide data breaches will surpass $5 trillion by 2024, with North American businesses absorbing the highest share, according to a newly published Juniper Research report. Current yearly cost totals sit at $3 trillion, which means the jump to $5 trillion in five years represents an average annual growth of 11 percent.…

Alleged Anonymous members indicted last Thursday led unassuming lives

Cybercrime, Research, Security News

Research: Hacktivism activity and chatter has markedly dropped since 2016

By

Bradley Barth

August 26, 2019

After peaking in 2016, the number of active hacktivist groups have since dipped precipitously, as has overall online chatter regarding hacktivism, according to a new report from researchers at Recorded Future. Furthermore, the researchers found a marked reduction in the frequency of large-scale international hacktivism campaigns. Members of the company’s Insikt Group team theorize that…

IoT, Research, Security News

Lack of cyber investment could spell trouble for smart cities: report

By

Bradley Barth

August 22, 2019

A lack of investment in cybersecurity protections could imperil the future of smart cities and the Internet of Things devices on which they run, a new report from ABI Research warns. ABI anticipates there will be 1.3 billion wide-area network smart city connections by the year 2024. Of the $135 billion projected to be invested…

Malware, Research, Security News

Study: Ransomware generates most interest among underground forum users

By

Bradley Barth

July 26, 2019

An analysis of 3.9 million online posts published on underground forums found that ransomware, crypters and trojans were the most frequently referenced categories of malware and malicious tools – an indication of their popularity among forum visitors and potential cybercriminals. Web shells, remote access trojans, adware, computer viruses, FUD (fully undetectable) crypters, exploit kits and rootkits – in that…

Mobile Security, Privacy & Compliance News and Analysis, Research, Security News, Vulnerabilities, Wireless Security

Researchers devise method to track Bluetooth devices, despite built-in protections

By

Bradley Barth

July 18, 2019

Researchers from Boston University (BU) have discovered a way to circumvent anonymization protections on Bluetooth Low Energy devices, allowing potentially malicious actors to passively track the movements of these devices and their users. BLE devices rely on non-encrypted advertising messages to signal their availability to other devices to pair up. To prevent third-party actors from…

Network Security, Phishing, Research, Security News

What is workforce’s biggest cyber knowledge gap? ID’ing phishing threats, says study

By

Bradley Barth

July 10, 2019

An analysis of workers’ cyber knowledge gaps found that ends users last year struggled most with identifying phishing threats and protecting data throughout its lifecycle, according to a new report from Proofpoint. Titled “Beyond the Phish 2019, the report incorporated data gathered from roughly 130 million answers to questions that were posed to endpoint users…

Cyber gangs battle to take down Xbox and PlayStation gaming networks for Christmas.

Application Security, Cybercrime, Gaming, Research, Security News, Web Services Security, E-Commerce Security

Gaming industry has become popular target of credential stuffing attacks: study

By

Bradley Barth

June 13, 2019

A company’s recent analysis of credential abuse activity over a 17-month period uncovered roughly 55 billion credential stuffing attack attempts against various online services, roughly 12 billion of which targeted the gaming industry. Researchers at Akamai Technologies revealed the data in their latest State of the Internet/Security report, which specifically focuses on web attacks and…

Election 2016 Cybersecurity Insights, Election Coverage, Government, Government/Defense, Network Security, Research, Security News

Russia’s 2016 election interference was highly organized, but fixes for 2020 are possible: reports

By

Bradley Barth

June 6, 2019

The campaign by Russia’s Internet Research Agency to interfere with the 2016 U.S. presidential election using fake Twitter accounts was even organized than many people realize, according to a new report from Symantec Corporation. But another new report from scholars at Stanford University prescribes more than 45 policy recommendations for how the U.S. can prevent…

Cloud Security, Cybercrime, Data Breach, Health Care, Ransomware, Research, Security News

Verizon Breach Report: Attacks on top executives and cloud-based email services increased in 2018

By

Bradley Barth

May 9, 2019

Social engineering attacks against C-level executives, hacks of cloud-based email servers, and compromises of payment card web apps were all notably up last year, according to the newly released 2019 Verizon Data Breach Investigations Report (DBIR). Other key takeaways from the past year included a marked decrease in successful attacks against physical point-of-sale terminals and…

Research

Metasploit Project publishes exploit for Bluekeep bug

Data breaches expected to cost $5 trillion by 2024

Research: Hacktivism activity and chatter has markedly dropped since 2016

Lack of cyber investment could spell trouble for smart cities: report

Study: Ransomware generates most interest among underground forum users

Researchers devise method to track Bluetooth devices, despite built-in protections

What is workforce’s biggest cyber knowledge gap? ID’ing phishing threats, says study

Gaming industry has become popular target of credential stuffing attacks: study

Russia’s 2016 election interference was highly organized, but fixes for 2020 are possible: reports

MOST POPULAR

Want to read more?

DHS warns against ‘password spray’ brute force attacks