News

News

• June 20, 2017 20 Jun'17

  Valerie Plame warns of increased nation-state cyberattacks

  At the 2017 Cloud Identity Summit, former covert CIA officer Valerie Plame discussed the increasing risks of nation-state cyberattacks focused on geopolitical influence.

• June 16, 2017 16 Jun'17

  Router security issues highlighted by CIA's CherryBlossom project

  The latest WikiLeaks release on CIA hacking tools includes the CherryBlossom project, which highlights router security issues, including a lack of firmware signing validation.

• June 16, 2017 16 Jun'17

  Hidden Cobra hackers target U.S. with DeltaCharlie malware

  News roundup: DeltaCharlie malware is a threat to the U.S., according to a US-CERT warning about Hidden Cobra. Plus, a DVR flaw could create a bigger botnet than Mirai, and more.

• June 15, 2017 15 Jun'17

  Microsoft to disable SMBv1 by default in fall Windows updates

  Microsoft claims recent WannaCry attacks did not influence the decision to disable SMBv1 by default in the next major Windows updates.

• June 14, 2017 14 Jun'17

  More Windows XP fixes in June Patch Tuesday release

  Microsoft's June 2017 Patch Tuesday saw another set of Windows XP fixes released in order to secure systems against leaked NSA cyberweapons.

• Sponsored News

  • Keep out vulnerable third-party scripts that help steal data from your website

    Sponsored by Akamai - Visiting a website today, users gain access to a rich, interactive experience that is often customized to their preferences and enhanced for their convenience. See More

  • Part I: Keep the Cloud Your Safe Place

    Sponsored by Forcepoint - Organizations of all sizes have been called upon to swiftly support remote work in order to safeguard the health of their workforce and local communities. As businesses are called upon to scale up remote work procedures for the physical safety of employees, IT teams must accelerate the adoption of technology that ensures their people and data are secure—without hurting productivity or morale. See More

  • DDoS attacks are growing in frequency and scale during the pandemic. What can businesses do?

    Sponsored by Akamai - At a time when many businesses have their resources stretched to the limit, the scourge of distributed denial-of-service (DDoS) attacks has continued unabated and added to the difficulties faced by many during this ongoing pandemic. See More

  • Part II: Safeguard Data Everywhere

    Sponsored by Forcepoint - As security teams are tasked with the duty of rapidly scaling up protections for remote workers, one of the key considerations they must keep in mind is how to safeguard data no matter where it resides or travels. This is hardly a new problem. However, the vastly broadened scope of remote work today requires security teams to revisit policies and technologies. Some solutions that may have been sufficient for isolated use cases don't adequately protect a completely distributed workforce. See More

  View All Sponsored News
• June 14, 2017 14 Jun'17

  Symantec CA remediation plan faces more delays

  The battle over Symantec CA operations continues as the antivirus vendor pushes back against a consensus remediation proposal from the web browser community.

• June 14, 2017 14 Jun'17

  Risk & Repeat: Comey warns of more election hacking

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss former FBI Director James Comey's testimony on election hacking and election interference from Russia.

• June 13, 2017 13 Jun'17

  IPv6 update: A look at the security and privacy improvements

  The recent IPv6 update from the IETF introduces new security and privacy recommendations. Expert Fernando Gont explains these changes and what they mean for organizations.

• June 13, 2017 13 Jun'17

  (ISC)2 CEO on cybersecurity workforce expansion and 2017 Congress

  Recently, SearchSecurity editorial director Robert Richardson checked in with (ISC)2's CEO David Shearer as the organization prepares for its fall Security Congress.

• June 13, 2017 13 Jun'17

  CrashOverride ICS attack targets vulnerable electrical grid

  Researchers discovered new details of a Kiev ICS attack from December using CrashOverride malware that could be used to disrupt an insecure electrical grid.

• June 12, 2017 12 Jun'17

  Q&A: Cyber attribution matters, RSA GM Peter Tran says

  RSA's GM Peter Tran sheds light on the value of cyber attribution, explains why the 'how' and 'why' of an attack may be more important than finding who did it.

• June 09, 2017 09 Jun'17

  Microsoft accused of blocking independent antivirus competition

  News roundup: Kaspersky files a complaint against Microsoft's handling of independent antivirus software for Windows 10. Plus, hackers use Instagram to spread malware, and more.

• June 09, 2017 09 Jun'17

  Black Hat 2017: Special conference coverage

  The SearchSecurity team covers the threats and vulnerabilities at this year's Black Hat USA with news, features, interviews and more from Las Vegas.

• June 08, 2017 08 Jun'17

  Risk & Repeat: Shadow Brokers launch zero-day exploit service

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Shadow Brokers' monthly service for zero-day exploits and how it may affect enterprise security efforts.

• June 08, 2017 08 Jun'17

  Hardcoded passwords could cause full IoT camera compromise

  IoT cameras could be fully compromised due to multiple vulnerabilities, including hardcoded passwords that can be used regardless of user settings.

• June 08, 2017 08 Jun'17

  Researchers port EternalBlue exploit to Windows 10

  The EternalBlue exploit behind the WannaCry ransomware attacks has been successfully ported to an older version of Windows 10, but newer versions of the OS are protected.

• June 07, 2017 07 Jun'17

  Election cyberattack proves people are still the biggest flaw

  A new NSA leak allegedly shows Russian agents engaged in election cyberattacks against local U.S. governments and proves people are still the hardest cybersecurity risk to mitigate.

• June 06, 2017 06 Jun'17

  Symantec certificate authority aims for more delays on browser trust

  Is the Symantec certificate authority operation too big to fail? That seems to be the message the security giant is sending in its latest response to a proposal from the browser community to turn ...

• June 02, 2017 02 Jun'17

  International data privacy laws create inconsistent rules

  A new cybersecurity law in China highlights the trend of inconsistent international data privacy laws being enacted around the world.

• June 02, 2017 02 Jun'17

  Users' SSO information at risk after OneLogin security breach

  News roundup: OneLogin security breach puts SSO data at risk but is vague about the details. Plus, Gmail boosts its phishing detection features, and more.

• June 02, 2017 02 Jun'17

  Risk & Repeat: GDPR compliance clock is ticking

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss GDPR compliance and how the EU law will affect enterprise data privacy and security across the globe.

• June 01, 2017 01 Jun'17

  IT security trends: 2017 prioritizes cloud, network, endpoints

  The 2017 TechTarget IT Priorities Survey reports a number of key IT security trends about where enterprises and infosec professionals place their time and resources.

• May 31, 2017 31 May'17

  Shadow Brokers dump crowdfunding raises ethical questions

  The prospect of monthly NSA cyberweapons leaks in new Shadow Brokers dump raises questions about the ethics of paying criminals for stolen goods.

• May 31, 2017 31 May'17

  GDPR breach notification rule could complicate compliance

  Don't forget the huge fines: When it comes to the new 72-hour GDPR breach notification rule, the cost of compliance must be weighed against harsh GDPR penalties.

• May 30, 2017 30 May'17

  EU GDPR compliance puts focus on data tracking, encryption

  The EU's General Data Protection Regulation is less than a year away. Experts explain why data tracking, encryption and other measures are crucial for GDPR compliance.

• May 26, 2017 26 May'17

  Samba vulnerability brings WannaCry fears to Linux/Unix

  A widespread Samba vulnerability has raised the possibility of attacks similar to WannaCry hitting Linux and Unix systems, but mitigation options are available.

• May 26, 2017 26 May'17

  Target data breach settlement requires security improvements

  News roundup: The Target settlement following the 2013 data beach requires the company to adopt a stronger security program. Plus, experts knock the FCC's DDoS claim, and more.

• May 26, 2017 26 May'17

  Voting machine hacking to be taken on at DEFCON 2017

  Possible voting machine hacking has been a topic of conversation since before the 2016 election and at DEFCON 2017; professional pentesters will find out what damage can be done.

• May 25, 2017 25 May'17

  Risk & Repeat: Microsoft slams NSA over EternalBlue

  In this week's Risk & Repeat podcast, SearchSecurity editors discuss Microsoft's sharp criticism of the NSA over the EternalBlue Windows vulnerability and WannaCry ransomware.

• May 24, 2017 24 May'17

  GDPR compliance help is on the way for Microsoft cloud customers

  With GDPR compliance set to be mandatory in one year, Microsoft will help get its cloud customers ready for the new data protection regulation.

• May 24, 2017 24 May'17

  Seven NSA cyberweapons used in EternalRocks exploit

  Following the worldwide impact of WannaCry, EternalRocks arrived abusing seven NSA cyberweapons but holding back on its malicious intent.

• May 24, 2017 24 May'17

  WannaCry ransomware decryptor brings hope to victims

  Security researchers uncovered more info on how WannaCry spread, and a ransomware decryptor emerged to save files for those affected.

• May 24, 2017 24 May'17

  Q&A: GDPR compliance tips from CSPi's Gary Southwell

  With one year left, it's time to prioritize GDPR compliance; Gary Southwell, CSPi's general manager, offers advice for protecting personal data under the EU's new privacy regulation.

• May 23, 2017 23 May'17

  Risk & Repeat: WannaCry ransomware worm shakes tech industry

  In this week's Risk & Repeat podcast, SearchSecurity editors look at the devastation caused by the WannaCry ransomware worm and discuss how it could have been prevented.

• May 23, 2017 23 May'17

  Q&A: Time to get GDPR compliant, CSPi's Gary Southwell says

  Companies doing business in EU face challenge to get GDPR compliant as enforcement of the strict new General Data Protection Regulation is just one year away.

• May 19, 2017 19 May'17

  Q&A: Juniper's Kevin Walker on data manipulation, ransomware threats

  Juniper's Kevin Walker talks with SearchSecurity about the evolving threat landscape and how some attackers are incorporating data manipulation into their schemes.

• May 19, 2017 19 May'17

  Google Play Protect looks to bolster Android app security

  News roundup: The new Google Play Protect system aims to improve Android app security. Plus, Google Cloud IoT Core adds layer of device security, and more.

• May 18, 2017 18 May'17

  Vulnerability remediation of WannaCry flaw raises concerns

  Between patch delays and NSA disclosure issues, experts said the vulnerability remediation for WannaCry was poorly handled and caused more damage.

• May 18, 2017 18 May'17

  Risk & Repeat: Reviewing Trump's cybersecurity executive order

  This week's Risk & Repeat podcast looks at President Trump's cybersecurity executive order and how it aims to address federal government and critical infrastructure issues.

• May 17, 2017 17 May'17

  Vulnerabilities Equities Process may be law with PATCH Act

  The bipartisan PATCH Act aims to codify the Vulnerabilities Equities Process into law in the wake of a global ransomware attack based on a stolen NSA cyberweapon.

• May 17, 2017 17 May'17

  Q&A: Talking bug bounty programs with Bugcrowd's Casey Ellis

  As bug bounty programs become more mainstream, Bugcrowd founder and CEO Casey Ellis offers insights into rewards, best practices and tips for getting the most bang for the buck.

• May 16, 2017 16 May'17

  Microsoft slams NSA over cyberweapon in WannaCry ransomware

  Microsoft blames the U.S. government for cyberweapon stockpiling as WannaCry ransomware infections continue to spread, though some experts say Microsoft shares responsibility.

• May 15, 2017 15 May'17

  WannaCry ransomware prompts legacy MS17-010 patch

  Microsoft responds to WannaCry ransomware with an MS17-010 patch for legacy systems as new ransomware variants spread to more countries around the globe.

• May 15, 2017 15 May'17

  What is NIST's guidance on lightweight cryptography?

  NIST released a report on lightweight cryptography. Expert Judith Myerson reviews what the report covers and what NIST recommends for standardization.

• May 12, 2017 12 May'17

  How did a Slack vulnerability expose user authentication tokens?

  A Slack vulnerability exposed user authentication tokens and enabled hackers to access private data. Expert Matthew Pascucci explains how and why this hack was successful.

• May 12, 2017 12 May'17

  Trump cyber executive order focuses on cyber-risk management

  The Trump cyber executive order arrived, with a focus on cyber-risk management and reports. But key details are missing in terms of implementing changes.

• May 12, 2017 12 May'17

  Cisco vulnerability from WikiLeaks' Vault 7 dump finally patched

  News roundup: A Cisco vulnerability disclosed in the Vault 7 dump finally has a patch. Plus, Google's fuzzing bot finds over 1,000 bugs in five months, Comey dismissed and more.

• May 11, 2017 11 May'17

  Risk & Repeat: Critical Windows bug triggers disclosure debate

  This week's Risk & Repeat podcast looks at how a simple tweet about a Windows bug from Project Zero researcher Tavis Ormandy sparked a debate about vulnerability disclosure.

• May 11, 2017 11 May'17

  Android clickjacking attacks possible from Google Play apps

  Google implemented clickjacking attack mitigations in Android but left a potential avenue for malicious actors that won't be fixed until Android O is released.

• May 10, 2017 10 May'17

  Windows zero days squashed in May 2017 Patch Tuesday

  Microsoft's May 2017 Patch Tuesday fixed multiple Windows zero-day vulnerabilities, two of which have reportedly been exploited by groups linked to Russia.

• May 09, 2017 09 May'17

  Intel AMT security risk could lead to system access

  Servers may have been at risk of attack for years because of an Intel AMT security risk that was recently disclosed before manufacturers could patch.

• May 09, 2017 09 May'17

  Microsoft out-of-band patch hits the day before Patch Tuesday

  The evening before Patch Tuesday, Microsoft released an emergency out-of-band patch for a dangerous Windows flaw teased by the Google Project Zero team just days earlier.

• May 05, 2017 05 May'17

  New types of ransomware innovate to find opportunity

  There is no shortage of new types of ransomware, many with unique features, and experts say it's an exercise in innovation and finding revenue opportunity.

• May 05, 2017 05 May'17

  TLS client authentication ensures secure IoT connection

  The TLS client authentication protocol has been part of the security standard for years, but it's just now coming into its own in certifying secure IoT connections.

• May 05, 2017 05 May'17

  SS7 vulnerability allows attackers to drain bank accounts

  News roundup: Attackers exploit SS7 vulnerability and drain bank accounts. Plus, Trump signs government IT executive order, an Intel AMT flaw threatens millions and more.

• May 04, 2017 04 May'17

  Risk & Repeat: Symantec offers plan to restore certificate trust

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss Symantec's continued struggles with certificate trust, and what Mozilla and Google are doing about it.

• May 04, 2017 04 May'17

  Google Docs phishing attack grants attacker full Gmail access

  A Google Docs phishing attack abused OAuth to give malicious actors full access to a victim's Gmail account and contacts, but Google claims to have blocked the attacks.

• May 03, 2017 03 May'17

  Verizon DBIR 2017 loses international contributors

  Looking at the overall numbers for the contributors to the Verizon Data Breach Investigations Report (DBIR) from the past five years, it would seem like the amount of partners is hitting a plateau, ...

• May 02, 2017 02 May'17

  NATO cyberwar games show the U.S. needs more practice

  The NATO Locked Shields cyberwar games had the U.S. team winning most improved, but experts say the U.S. still needs more practice.

• May 02, 2017 02 May'17

  Mozilla: Symantec certificate remediation plan not enough

  Mozilla reviews the counterproposal from Symantec and urges the CA giant to opt for Google's recommendation to outsource its certificate activities.

• April 28, 2017 28 Apr'17

  Symantec certificate authority offers counter-proposal to Google

  Symantec certificate authority proposal takes the pain out of sanctions for misissued certs, offers more audits, greater transparency and promise of "continuous improvement."

• April 28, 2017 28 Apr'17

  Verizon DBIR 2017: Basic cybersecurity focus misplaced

  Basic cybersecurity measures like limiting password reuse and implementing multifactor authentication could be big benefits, according to the Verizon DBIR 2017.

• April 28, 2017 28 Apr'17

  Pretexting is a rising threat, according to 2017 Verizon DBIR

  The 2017 Verizon DBIR details threats becoming more popular, like ransomware, and some that are less known, but dangerous, like pretexting.

• April 28, 2017 28 Apr'17

  Still waiting for a cybersecurity executive order from Trump

  News roundup: A cybersecurity executive order overdue, but 'close and nearby.' Plus, the USPTO says it will stop using HTTPS; a teenage hacker sentenced to prison; and more.

• April 28, 2017 28 Apr'17

  Risk & Repeat: More Equation Group cyberweapons leaked

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the latest round of Equation Group cyberweapons and how Microsoft patched them.

• April 27, 2017 27 Apr'17

  AWS promises to be GDPR compliant by May 2018 deadline

  Amazon promises all AWS cloud services will be GDPR compliant before enforcement of the new EU data privacy regulation starts in 2018, offers customers assistance.

• April 25, 2017 25 Apr'17

  Symantec certificate authority issues, answered

  Google and Mozilla weigh the proper response to Symantec certificate authority issues, as the CA giant prepares an alternative proposal for reinstating trust.

• April 25, 2017 25 Apr'17

  NSA spyware found infecting tens of thousands worldwide

  A new security tool will let users scan their systems for the presence of NSA spyware found in the latest Equation Group leak, and tens of thousands are already infected.

• April 21, 2017 21 Apr'17

  Stuxnet worm flaw still the most exploited after seven years

  Security researchers say the vulnerability behind the infamous Stuxnet worm is still the most exploited in the world, seven years after being patched.

• April 21, 2017 21 Apr'17

  Hajime worm fights the forces of evil IoT malware, maybe

  News roundup: The Hajime worm is the nicer, sneakier brother of Mirai malware. Plus, the FBI and CIA hunt for the Vault 7 whistleblower, Symantec adds to Zscaler lawsuit, and more.

• April 21, 2017 21 Apr'17

  Q&A: Software-Defined Secure Networks with Juniper's Kevin Walker

  Juniper's Kevin Walker talks with SearchSecurity about his company's Software-Defined Secure Network platform, improving SDN security, and the evolution of machine learning.

• April 20, 2017 20 Apr'17

  Oracle patches Apache Struts exploits, Equation Group vulnerability

  There were 299 Oracle patches in the April Critical Patch Update, including a fix for the Apache Struts exploits found in the wild and a vulnerability from the Equation Group dump.

• April 19, 2017 19 Apr'17

  Cheap ransomware as a service arrives for malicious actors

  A new type of ransomware as a service has appeared on the dark web, with unique features and an inexpensive price to attract malicious actors.

• April 19, 2017 19 Apr'17

  Risk & Repeat: Mozilla joins the Symantec certificate authority debate

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss mounting pressure on the Symantec certificate authority business to provide answers about its practices.

• April 18, 2017 18 Apr'17

  Shadow Brokers' Windows exploits target unsupported systems

  A new release of NSA cyberweapons falls flat, as Windows exploits from the Shadow Brokers have mostly been patched. But unsupported systems are still at risk.

• April 14, 2017 14 Apr'17

  Shadow Brokers release SWIFT banking and Windows exploits

  The Shadow Brokers released another cache of cyberweapons linked to the Equation Group, including Windows exploits and attack details for the SWIFT banking system.

• April 14, 2017 14 Apr'17

  DARPA's SSITH program takes aim at hardware vulnerabilities

  News roundup: DARPA's SSITH program tackles hardware vulnerabilities for better security. Plus, new risks placed in OWASP Top 10, SWIFT launches new anti-fraud tool, and more.

• April 14, 2017 14 Apr'17

  CLDAP reflection attacks may be the next big DDoS technique

  Security researchers discovered a new reflection attack method using CLDAP that can be used to generate destructive but efficient DDoS campaigns.

• April 13, 2017 13 Apr'17

  Risk & Repeat: Juniper's Kevin Walker on SDN security challenges

  In this episode of SearchSecurity's Risk & Repeat podcast, Kevin Walker, Juniper Networks' security chief technology and strategy officer, talks about SDN security challenges.

• April 13, 2017 13 Apr'17

  U.S. election hacking not an act of cyberwarfare, experts say

  The government needs a better definition for an act of cyberwarfare, says ex-CIA Director Michael Hayden, because he doesn't think the U.S. election hacking applies.

• April 12, 2017 12 Apr'17

  Symantec CA woes debated by browser community

  Compliance with CA/B Forum Baseline Requirements was debated after Symantec CA posted responses to 14 issues raised by Mozilla developers.

• April 12, 2017 12 Apr'17

  Security Update Guide brings growing pains to Patch Tuesday

  Microsoft fundamentally changes how IT pros will consume Patch Tuesday releases with the Security Update Guide and brings fixes for an actively exploited Word zero-day.

• April 11, 2017 11 Apr'17

  CIA Vault 7 tools attributed to hacking group for years

  Security researchers said the CIA Vault 7 tools and techniques are linked to cyberattacks over the past six years targeting various foreign entities.

• April 07, 2017 07 Apr'17

  State Department hack and APT29 prove attacker resilience

  News Roundup: 'Hand-to-hand' combat in State Department hack, APT29 has a stealth backdoor, the creator of the internet backs strong encryption, and more.

• April 07, 2017 07 Apr'17

  CA Strong Authentication offers businesses low-cost MFA and 2FA

  CA Strong Authentication brings inexpensive multi- and two-factor authentication to businesses looking to protect mobile applications and devices and to prevent identity theft.

• April 07, 2017 07 Apr'17

  Windows 10 telemetry data collection details revealed

  Microsoft exposes Windows 10 telemetry practices just a week before Creators Update; may allay privacy concerns over Windows 10 data collection.

• April 06, 2017 06 Apr'17

  Public/private threat intelligence sharing faces roadblocks

  The U.S. government says it wants to improve threat intelligence sharing between the public and private sectors, but experts are unsure that is possible in the current climate.

• April 06, 2017 06 Apr'17

  Chinese hacking group APT10 linked to global trade target

  Evidence points to Chinese hacking group APT10 conducting economic espionage in the breach of a trade policy group prior to U.S.-China trade summit talks in Florida.

• April 05, 2017 05 Apr'17

  Risk & Repeat: Strong encryption under fire again

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the latest round of the encryption debate and what it means for apps that use strong encryption.

• April 05, 2017 05 Apr'17

  Pegasus malware expands from iOS to Android

  One of the more malicious iOS threats -- Pegasus malware -- has made its way to Android devices and it has some dangerous new tricks in its arsenal.

• April 05, 2017 05 Apr'17

  Internet security protocol bodies ISOC, OTA announce merger

  The two leading internet security protocol bodies, Online Trust Alliance and Internet Society, merge to work for improved IoT security and online security.

• April 04, 2017 04 Apr'17

  Symantec certificate authority issues listed by Mozilla developers

  Mozilla developers respond to questionable Symantec certificate authority practices, as the security provider questions Google's proposed solutions.

• March 31, 2017 31 Mar'17

  Risk & Repeat: Google slams Symantec certificates

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss Google's proposed plan to distrust Symantec certificates following more allegations of mis-issuance.

• March 31, 2017 31 Mar'17

  EU encryption backdoor options for messaging apps set for June

  Messaging app developers will be offered 'three or four' legislative and non-legislative options for encryption backdoor access for EU law enforcement.

• March 31, 2017 31 Mar'17

  WikiLeaks' false flag attack allegations against CIA unfounded

  Another set of documents from the Vault 7 CIA cache was released by WikiLeaks, but experts say the allegations of false flag attacks are unfounded and dangerous.

• March 31, 2017 31 Mar'17

  Obama-era cyber executive order extended by Trump

  A cyber executive order from the Obama era has been extended by President Trump to allow sanctions placed on cybercriminals who attack the U.S.

• March 31, 2017 31 Mar'17

  HTTPS traffic has yet to surpass HTTP traffic, Fortinet study shows

  News roundup: HTTPS traffic has yet to surge, despite its security benefits, according to a report. Plus, the latest in the Apple extortion; a Mirai attack lasted 54 hours; and more.

• March 30, 2017 30 Mar'17

  Experts debunk strong encryption claims by FBI's Comey

  FBI Director James Comey clearly laid out his views on strong encryption and urged more conversation, but experts say his arguments fall flat and may even be misleading.

• March 30, 2017 30 Mar'17

  Google's Project Zero Prize uncovers zero Android remote exploits

  After six months, Google's Project Zero Prize competition uncovered zero Android remote exploits: no bugs, no prizes, no entries.

• March 29, 2017 29 Mar'17

  Potential SSL API flaw could reveal private keys

  A researcher claims to have found Symantec SSL API issues with extremely dangerous consequences, but a lack of evidence causes confusion.