News
- September 28, 2017
28 Sep'17
DDoS defense: Changing the approach to handle new threats
Corero Network Security CEO Ashley Stephenson talks with SearchSecurity about the recent wave of powerful distributed denial-of-service attacks and how DDoS defense has changed.
- September 27, 2017
27 Sep'17
Ransomware attackers using more sophisticated techniques
At the (ISC)2 Security Congress, infosec professionals warned of sophisticated ransomware attackers that are using more advanced techniques to encrypt entire networks.
- September 27, 2017
27 Sep'17
Risk & Repeat: Kaspersky ban turns ugly
In this week's 'Risk & Repeat' podcast, SearchSecurity editors discuss the U.S. government's Kaspersky ban and how competitors like McAfee are trying to capitalize on it.
- September 27, 2017
27 Sep'17
Windows digital signature bypassed with two registry edits
The DerbyCon keynote covered why security research is an approachable field, as well as how to bypass a Windows digital signature check to run unwanted code.
- September 25, 2017
25 Sep'17
Freese: Cyber-risk management is the key to good infosec hygiene
Speaking at the (ISC)2 Security Congress, FBI Deputy Assistant Director Don Freese spoke about the need for security pros to replace fear and emotion with proper cyber-risk management.
- September 22, 2017
22 Sep'17
DerbyCon cybersecurity conference is unique and troubling
Walking up to the DerbyCon 7.0 cybersecurity conference, it immediately has a very different feel from the "major" infosec conferences. Attendees would never be caught loitering outside of the Black Hat ...
- September 22, 2017
22 Sep'17
Users plagued by iOS app security issues, according to new research
News roundup: Researchers uncovered a large number of iOS app security risks. Plus, Viacom exposed its critical data through a misconfigured AWS S3 bucket, and more.
- September 21, 2017
21 Sep'17
Undisclosed SEC breach may have led to illegal stock trades
The U.S. Securities and Exchange Commission admitted a 2016 breach that was previously undisclosed may have enabled threat actors to engage in illegal stock trades.
- September 21, 2017
21 Sep'17
Undocumented Word feature could lead to system information theft
An undocumented Word feature found by Kaspersky Lab could lead to system information theft and affects users on both PCs and mobile devices.
- September 21, 2017
21 Sep'17
Risk & Repeat: Equifax data breach fallout continues
In this week's Risk & Repeat podcast, SearchSecurity editors continue discussing the Equifax data breach and examine new details about an Apache Struts flaw tied to the attack.
- September 19, 2017
19 Sep'17
CCleaner malware spread via supply chain attack
CCleaner malware was spread to users via an infected software update for close to one month, highlighting the dangers of supply chain attacks and the need for code signing.
- September 15, 2017
15 Sep'17
Fearmongering around Apple Face ID security announcement
As fears grow over government surveillance, the phrase "facial recognition" often triggers a bit of panic in the public, and some commentators are exploiting that fear to overstate any risks ...
- September 15, 2017
15 Sep'17
DHS banned Kaspersky software from all government systems
News roundup: DHS has banned Kaspersky software from use in government systems. Plus, the commonwealth of Virginia decided to do away with touchscreen voting machines, and more.
- September 15, 2017
15 Sep'17
Apache Struts vulnerability blamed for Equifax data breach
Equifax has confirmed an unpatched critical Apache Struts vulnerability was exploited in the breach that compromised the personal data of 143 million U.S. citizens.
- September 14, 2017
14 Sep'17
BlueBorne Bluetooth vulnerabilities affect billions of devices
A set of eight Bluetooth vulnerabilities, branded together as BlueBorne, affect billions of devices and could be one of the most dangerous issues, according to experts.
- September 13, 2017
13 Sep'17
Equifax breach response deemed insufficient in multiple ways
Experts criticized the Equifax breach response as insufficient, given the size and scope of the data loss, and they said the company was likely not prepared for such an incident.
- September 13, 2017
13 Sep'17
Risk & Repeat: Equifax data breach response called into question
In this week's Risk & Repeat podcast, SearchSecurity editors tackle the massive Equifax data breach and how the credit bureau's response to the security incident is creating more problems.
- September 13, 2017
13 Sep'17
Apple claims iPhone X Face ID has better security than Touch ID
Apple announced the new iPhone X Face ID system, which replaces Touch ID in favor of facial recognition and may offer 20 times fewer false positives than fingerprint scanning.
- September 08, 2017
08 Sep'17
Equifax breach exposes 143 million consumers' personal data
A massive Equifax breach, which was discovered in July, exposed the personal information, including names, birth dates and Social Security numbers, of 143 million Americans.
- September 08, 2017
08 Sep'17
Six new vulnerabilities in Android bootloaders uncovered
News roundup: Researchers used the new BootStomp tool to uncover six vulnerabilities in Android bootloaders. Plus, a new wave of AWS S3 bucket data leaks strikes and more.
- September 08, 2017
08 Sep'17
Apache Struts vulnerability affects versions since 2008
A researcher discovered a remotely exploitable Apache Struts vulnerability being actively exploited in the wild. A patch was released, and users were urged to update software immediately.
- September 07, 2017
07 Sep'17
Dragonfly 2.0 hacker group seen targeting U.S. power grid
Security researchers claim to be tracking a threat group called Dragonfly 2.0 that has been attacking critical infrastructure and setting up persistent infections on ICS networks.
- September 07, 2017
07 Sep'17
SHA-1 hashes recovered for 320M breached passwords
Security researchers once again proved how easy it can be to recover SHA-1 hashes by cracking the hashes on nearly 320 million passwords related to data breaches.
- September 06, 2017
06 Sep'17
Risk & Repeat: Payment card security a growing concern
In this week's Risk & Repeat podcast, SearchSecurity editors discuss new research from Verizon on payment card security and the effectiveness of PCI DSS compliance for enterprises.
- September 01, 2017
01 Sep'17
Intel kill switch ME code indicates connection to NSA
Researchers discovered an Intel kill switch hiding in one of the chipmaker's software products, along with references to an NSA program focused on secure computing.
- September 01, 2017
01 Sep'17
Enterprise compliance with PCI DSS is up, says Verizon
News roundup: More than half of enterprises are in compliance with PCI DSS, according to a Verizon report. Plus, Turla is on the attack again with a new campaign, and more.
- September 01, 2017
01 Sep'17
Risk & Repeat: Alternative infosec conferences on the rise
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how smaller, more targeted infosec conferences are making a name for themselves in the shadow of much larger events.
- August 31, 2017
31 Aug'17
Spambot email leak compromises 711M records
An email leak containing 711 million records was found in a breach of a spambot list stored in the Netherlands and included both addresses and passwords used to access email accounts.
- August 29, 2017
29 Aug'17
Kaspersky-Russian ties still unclear, despite FBI push
The specter of Kaspersky-Russian ties has reportedly led to an FBI campaign urging private organizations to drop Kaspersky Lab products; experts urge the FBI to share more evidence.
- August 25, 2017
25 Aug'17
Alleged Sakula malware attacker arrested by FBI
The FBI arrested Chinese national Yu Pingan for alleged involvement with cyberattacks using the Sakula malware, the same malware reportedly used in the OPM breach.
- August 25, 2017
25 Aug'17
U.S. government cybersecurity is a mess, according to officials
News roundup: John McCain, NIAC and others called out the administration for not doing enough on U.S. government cybersecurity. Plus, the Ropemaker exploit alters emails, and more.
- August 24, 2017
24 Aug'17
Google Chrome Enterprise adds management options
The Google Chrome Enterprise offering officially allows organizations to manage Google Play Store apps, extensions, Microsoft Active Directory and integrate VMware on Chromebooks.
- August 23, 2017
23 Aug'17
Project Treble is another attempt at faster Android updates
Google has historically had a problem with getting mobile device manufacturers to push out Android updates, which has left hundreds of millions in the Android ecosystem at risk. Google hopes that ...
- August 23, 2017
23 Aug'17
Risk & Repeat: Was the DNC hack an inside job?
In this week's Risk & Repeat podcast, SearchSecurity editors examine claims from intelligence veterans that the DNC hack was an inside job, and not the work of Russian hackers.
- August 21, 2017
21 Aug'17
iPhone Secure Enclave firmware encryption key leaked
Experts and Apple say despite the leak of the iPhone Secure Enclave Processor encryption key that can be used to decrypt firmware code, user data and biometric information are still safe.
- August 18, 2017
18 Aug'17
Valerie Plame: U.S. government cyberdefense must be improved
Former CIA officer Valerie Plame discusses why America's cyberdefense is lagging behind -- and what the government and private sector should do to reverse the trend.
- August 18, 2017
18 Aug'17
Offensive cyberweapons from enemies may be re-engineered
The U.S. Defense Intelligence Agency wants to isolate, study, customize and re-engineer malware from adversaries to be used as its own offensive cyberweapons.
- August 18, 2017
18 Aug'17
Hijacked Chrome extensions infect millions of users
News roundup: Hackers leveraged eight hijacked Chrome extensions to attack 4.8 million browser users. Plus, Cloudflare stopped protecting a neo-Nazi website from DDoS attacks, and more.
- August 17, 2017
17 Aug'17
NotPetya ransomware impact costs Maersk hundreds of millions
Danish shipping giant A.P. Moller-Maersk said the NotPetya ransomware attacks severely damaged business processes and the impact has been estimated at as much as $300 million in lost revenue.
- August 17, 2017
17 Aug'17
Authorities can't force smartphone access in iOS 11
iOS 11 will allow users to avoid authorities attempting to force smartphone access by temporarily disabling biometric unlocking of mobile devices.
- August 16, 2017
16 Aug'17
Risk & Repeat: MalwareTech indictment raises questions
In this week's Risk & Repeat podcast, SearchSecurity editors explore the FBI's case against security researcher Marcus Hutchins, better known as MalwareTech.
- August 15, 2017
15 Aug'17
Mobile data theft a risk from shared app libraries
Researchers claim malicious actors could commit mobile data theft by using shared third-party libraries and abusing elevated privileges that the permissions granted.
- August 11, 2017
11 Aug'17
Microsoft antivirus policy changes under Kaspersky pressure
Microsoft antivirus policy changes for Windows 10 Fall Creators Update in order to avoid further action in an antitrust case brought by Kaspersky.
- August 11, 2017
11 Aug'17
FBI's Next Generation Identification system exempt from Privacy Act
News roundup: The FBI Next Generation Identification biometrics database is exempt from the Privacy Act. Plus, Salesforce fired two top staffers after DEFCON, and more.
- August 11, 2017
11 Aug'17
U.S. attorney: Gathering cybercrime evidence can be difficult
Assistant U.S. attorney says jurors and courts are getting smarter about cybercrime evidence, although digital cases overall may be getting more difficult to prosecute.
- August 11, 2017
11 Aug'17
How threat actors weaponized Mia Ash for a social media attack
Dell SecureWorks researchers detected suspicious activity on social media accounts of Mia Ash. When they dug deeper, they discovered a new, complex social engineering attack.
- August 10, 2017
10 Aug'17
Risk & Repeat: Voting machine hacking brings good and bad news
In this week's Risk & Repeat podcast, SearchSecurity editors look back at DEFCON 2017's voting machine hacking and what it could mean for the future of U.S. election security.
- August 09, 2017
09 Aug'17
Windows 10 Linux subsystem gets first patches
Microsoft's August 2017 Patch Tuesday brought the first Windows 10 Linux subsystem patches, just as a new version of the Linux subsystem is released for Windows Server.
- August 08, 2017
08 Aug'17
The Symantec-Google feud can't be swept under the rug
The Symantec-Google feud regarding the antivirus vendor's web certificate practices appears to be over. But that doesn't mean it should be minimized or ignored.
- August 04, 2017
04 Aug'17
Ransomware recovery goes beyond data loss for enterprises
Enterprises may see paying up as a quick path to ransomware recovery, but experts said there are many issues to consider when making that choice.
- August 04, 2017
04 Aug'17
IoT device security bill mandates security standards
News roundup: U.S. Senators introduce a bipartisan bill to standardize IoT device security for government vendors. Plus, Anthem suffers another data breach, and more.
- August 03, 2017
03 Aug'17
MalwareTech arrested for Kronos banking Trojan connection
The FBI arrested the famed security researcher known as MalwareTech after a two-year investigation into the creation and distribution of the Kronos banking Trojan.
- August 03, 2017
03 Aug'17
Symantec Website Security, certificate authority business sold to DigiCert
DigiCert agrees to buy majority stake in Symantec Website Security just days after Google releases an April 2018 distrust date for Symantec certificates.
- August 02, 2017
02 Aug'17
Hacking voting machines takes center stage at DEFCON
DEFCON attendees were successful in hacking voting machines and now that there is proof the systems are insecure, more work needs to be done to change election laws and practices.
- August 02, 2017
02 Aug'17
Risk & Repeat: Black Hat 2017 highlights
In this week's Risk & Repeat podcast, SearchSecurity editors recap Black Hat 2017 and discuss some of the big news from the event, including the Broadpwn remote exploit.
- August 01, 2017
01 Aug'17
Experts debate Vulnerabilities Equities Process disclosure
Experts debated how the government should weigh disclosure in the Vulnerabilities Equities Process and whether to err on the side of offense or defense.
- July 28, 2017
28 Jul'17
Breaking down the Broadpwn exploit, world's first Wi-Fi worm
At Black Hat 2017, Exodus Intelligence researcher Nitay Artenstein unveiled the Broadpwn exploit, which he called the world's first Wi-Fi worm and which puts billions of iOS and Android devices at risk.
- July 28, 2017
28 Jul'17
Risk & Repeat: Why are Amazon S3 buckets spilling on the web?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the series of enterprise data leaks through misconfigured Amazon S3 buckets and what should be done about them.
- July 28, 2017
28 Jul'17
Adobe's Flash end of life scheduled, finally, for 2020
News roundup: Adobe announced that Flash end of life will happen by the end of 2020. Plus, Microsoft expands its bug bounty program, the 2017 Pwnie Awards winners, and more.
- July 28, 2017
28 Jul'17
Who are the Shadow Brokers? Signs point to an intelligence insider
At Black Hat 2017, security researcher Matt Suiche analyzed the Shadow Brokers dumps, postings and behavior to get to the bottom of one of the infosec industry's biggest questions.
- July 28, 2017
28 Jul'17
Cyber-risk analysis, time are keys to infosec says game theory
Analyzing infosec through the lens of game theory shows that cyber-risk analysis and wasting attacker time may be highly effective cybersecurity strategies.
- July 28, 2017
28 Jul'17
Samsung Knox platform: Can it improve Android device security?
Application security expert Michael Cobb discusses the Samsung Knox platform and its ability to improve Android device security in the enterprise.
- July 27, 2017
27 Jul'17
Phishing research shows troubling trends for enterprise users
Karla Burnett of Stripe presented sobering results of phishing research from her company at Black Hat 2017, suggesting phishing training is ineffective against today's threats.
- July 27, 2017
27 Jul'17
Industroyer malware a turning point for ICS security
Security researchers at Black Hat 2017 analyzed the Industroyer malware, the attack on Ukraine's power grid and what it means for industrial control system security in the U.S.
- July 26, 2017
26 Jul'17
Stamos preaches defensive security research in Black Hat keynote
Facebook's Alex Stamos used his Black Hat 2017 keynote to address a wide variety of issues, including defensive security research and diversity in the infosec community.
- July 26, 2017
26 Jul'17
At Black Hat 2017, an industry hits a milestone and finds new directions
Long a conference that has thrived on technical sophistication and nuanced attacks, Black Hat USA 2017 in Las Vegas also found room for softer themes.
- July 25, 2017
25 Jul'17
Fancy Bear C&C servers taken down by Microsoft lawsuit
Experts applaud Microsoft for clever use of a lawsuit to claim command and control server domains used by malicious Russian APT group Fancy Bear.
- July 21, 2017
21 Jul'17
Dark web markets' shutdown may lead to more arrests
Cooperation between law enforcement from around the world led to the shutdown of the AlphaBay and Hansa dark web markets and potential leads of illegal vendors.
- July 21, 2017
21 Jul'17
Bipartisan group launches effort to improve election security
News roundup: The Defending Digital Democracy project brings together security experts to tackle election security. Plus, government shake-ups could hit cybersecurity, and more.
- July 20, 2017
20 Jul'17
Industry reacts to Symantec certificate authority trust remediation
As the Symantec certificate authority scrambles to transition its certificate-issuance operations to a subordinate certificate authority, the CA industry sharpens its knives.
- July 19, 2017
19 Jul'17
Risk & Repeat: Kaspersky Lab removed from GSA Schedule 70
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Trump administration's removal of Kaspersky Lab from the GSA Schedule 70 for federal IT contracts.
- July 19, 2017
19 Jul'17
Symantec agrees to transfer certificate issuance to third party
Symantec has agreed to a plan that would transfer its certificate issuance and validation operations to an as-yet-unnamed third-party partner starting Dec. 1.
- July 18, 2017
18 Jul'17
Another AWS data leakage due to misconfiguration
Dow Jones becomes the latest organization to be affected by an AWS cloud data leakage due to misconfiguration and user error.
- July 14, 2017
14 Jul'17
Google tackles Android app privacy with machine learning
Google will use machine learning and automated peer review scans to improve Android app privacy and limit app permissions overreach.
- July 14, 2017
14 Jul'17
AWS S3 bucket leak exposes millions of Verizon customers' data
News roundup: An AWS S3 bucket leak containing personal data of millions of Verizon customers was exposed to the public. Plus, DNC hack victims are suing the Trump campaign, and more.
- July 13, 2017
13 Jul'17
Petya malware behavior may change based on AV installed
Researchers found changes in malware behavior when Petya detected certain security products, but experts are unsure why these features might exist.
- July 13, 2017
13 Jul'17
Symantec certificate authority business reportedly for sale
As Google and Mozilla prepare plans to reduce trust for Symantec's certificate authority, the antivirus vendor is reported to be seeking a buyer for its web certificate business.
- July 12, 2017
12 Jul'17
Windows NTLM vulnerabilities addressed in July 2017 Patch Tuesday
Client-side security takes the forefront in Microsoft's July 2017 Patch Tuesday, which includes a fix for legacy Windows NTLM authentication processes.
- July 12, 2017
12 Jul'17
Risk & Repeat: Should IAM systems be run by machine learning?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the identity and access management industry and how machine learning algorithms could govern IAM systems.
- July 12, 2017
12 Jul'17
IT diversity and the cyberskills gap Q&A with Jules Okafor
Jules Okafor discusses the skills gap in the cybersecurity industry, how better IT diversity could help, and what is needed to bring in more women and minorities.
- July 12, 2017
12 Jul'17
Q&A: Ping CEO on contextual authentication, intelligent identity
Ping Identity CEO Andre Durand talks with SearchSecurity about the data-driven move toward contextual authentication and intelligent identity and what this means for enterprises.
- July 11, 2017
11 Jul'17
Android Samba app from Google only uses broken SMBv1
Experts said the new Android Samba app from Google supported only unsafe SMBv1 despite susceptibility to WannaCry exploits and unclear demand from users.
- July 10, 2017
10 Jul'17
WoSign CA certificates get end-of-trust date in Chrome
Google to distrust all WoSign CA certificates in Chrome starting in September, as the troubled certificate authority passed a key audit and is seeking a new CEO to help return trust.
- July 07, 2017
07 Jul'17
Tax software backdoor allowed NotPetya ransomware attacks
Researchers analyze the software backdoor used to deliver NotPetya ransomware to Ukraine targets, while the threat actors behind the attacks ask for more money.
- July 07, 2017
07 Jul'17
Flawed Broadcom Wi-Fi chipsets get a fix, but flaw remains a mystery
Broadpwn, a flaw in Broadcom Wi-Fi chipsets, is patched, but Google withholds details. Plus, the latest in the antivirus drama between the U.S. and Russia, and more.
- July 07, 2017
07 Jul'17
Cybersecurity skills gap fixes must support minorities
A new survey shows a majority of organizations are facing a cybersecurity skills gap and experts say more focus on women and minorities could be key to finding talent.
- July 05, 2017
05 Jul'17
Risk & Repeat: NotPetya ransomware raises the stakes
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the NotPetya ransomware, its impact and the growing trend of sophisticated ransomware attacks.
- June 30, 2017
30 Jun'17
The ELSA project enables hackers to track and store geolocation data
News roundup: The ELSA project -- one of the released CIA hacking tools -- can track device locations. Plus, Senators move to ban Kaspersky Lab products from the military, and more.
- June 30, 2017
30 Jun'17
NotPetya ransomware trend moving toward sophistication
NotPetya represented advanced malware compared to its cousin WannaCry, but also showed sophistication that experts worry may be a ransomware trend.
- June 30, 2017
30 Jun'17
Q&A: How the Cyber Threat Alliance solved threat intelligence sharing
Palo Alto Networks CSO Rick Howard talks with SearchSecurity about his experiences with the Cyber Threat Alliance and how the group approaches threat intelligence sharing.
- June 29, 2017
29 Jun'17
Risk & Repeat: RNC voter database left open to the public
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how the Republican National Committee's voter database was accidentally exposed in an Amazon S3 bucket.
- June 28, 2017
28 Jun'17
Petya ransomware scam: Lost files can't be restored
Researchers discovered the rash of Petya-like attacks are nothing more than a ransomware scam, and lost files are impossible to restore.
- June 28, 2017
28 Jun'17
Petya-like global ransomware attack can be mitigated
A new global ransomware attack has been spreading quickly using the same exploits as WannaCry, but researchers have already found ways to protect users from the damage.
- June 27, 2017
27 Jun'17
Windows Defender bug could allow full-system takeover
A newly disclosed Windows Defender bug, which could allow an attacker to fully take over a target system and create admin accounts, marks yet another major antivirus vulnerability.
- June 26, 2017
26 Jun'17
Security code reviews by Russian agencies cause concern
Demands for security code reviews by Russia have been on the rise, and not all experts or U.S. companies want to comply with the requests.
- June 23, 2017
23 Jun'17
Brutal Kangaroo USB malware could be reverse-engineered
The Brutal Kangaroo USB malware leaked from the CIA's Vault 7 could pose a threat to air-gapped computers if hackers reverse-engineer it.
- June 23, 2017
23 Jun'17
Privileged user management trips up NSA
News roundup: DOD inspector general found NSA failed to implement secure privileged user management post-Snowden. Plus, Honda hit by WannaCry, Trump met with tech CEOs and more.
- June 22, 2017
22 Jun'17
Malware in encrypted traffic uncovered with machine learning
Cisco claims it can accurately detect malware activity in encrypted traffic using machine learning, but some experts worry about privacy implications.
- June 22, 2017
22 Jun'17
Machine learning in cybersecurity is coming to IAM systems
Machine learning in cybersecurity applications for identity management systems are becoming more common today. But will algorithms be the best option for authenticating and authorizing users?
- June 21, 2017
21 Jun'17
RNC leak of voter database exposes poor cloud security practices
A massive voter database RNC leak underscores the poor cloud security practices in place in the U.S. government and many enterprises.