News
News
- April 04, 2019
04 Apr'19
Pipdig WordPress plugin accused of DDoS attacks and backdoors
Pipdig, a blog theme and plugin company, was accused of using obfuscated code to gain backdoor access to customer blogs and launch low-scale DDoS attacks on rivals.
- April 03, 2019
03 Apr'19
'Triple threat' malware campaign combines Emotet, TrickBot and Ryuk
Cybereason sounds off on the recently discovered 'triple threat' campaign and highlights interesting features of the attack technique used by cybercriminals.
- April 03, 2019
03 Apr'19
Proof-of-concept Magento exploit used in attacks
Experts are urging users to patch after a proof-of-concept Magento exploit was picked up by malicious actors and used in attempted attacks on e-commerce websites.
-
- March 29, 2019
29 Mar'19
Study: Cybersecurity professionals taking on more data privacy duties
At the SecureWorld Boston conference, ISSA unveils data that shows cybersecurity professionals are taking on more data privacy duties. Experts sound off on what it signifies.
- March 28, 2019
28 Mar'19
NSS Labs CTO discusses advanced endpoint protection testing, challenges
NSS Labs released the results of its new endpoint protection group test at RSA Conference 2019. NSS Labs CTO Jason Brvenik talks about the results, testing challenges and more.
- March 28, 2019
28 Mar'19
Ghidra update squashes serious bugs in NSA reverse-engineering tool
The NSA answered lingering questions around what kind of support it would provide for Ghidra after releasing the tool as open source with a patch that fixed serious bugs.
- March 26, 2019
26 Mar'19
CrowdStrike: Cybercrime groups joining forces to pack more punch
CrowdStrike sounds off on the enhanced partnership between the cybercrime groups behind the TrickBot and BokBot malware and explains what such collaborations signify.
- March 26, 2019
26 Mar'19
2019 RSA Conference bottom line: People are security's strongest asset
People in the security community and beyond are more important and influential than the leading technologies if the talk at the 2019 RSA Conference is any indication.
- March 26, 2019
26 Mar'19
Asus backdoor hits targets with officially signed update
Attackers infected the official Asus Live Updater to install a malicious backdoor on hundreds of thousands of systems, with the intent of targeting a small subset of those users.
- March 25, 2019
25 Mar'19
FEMA data exposure affects 2.3 million disaster victims
FEMA's data exposure is another high-profile example of accidental data disclosures -- a trend that has some security experts calling for more focus on failed security controls.
-
- March 22, 2019
22 Mar'19
Study reveals sale of SSL/TLS certificates on dark web
Security researchers discovered the availability of SSL/TLS certificates for sale on the dark web, which allow cybercriminals to disguise their malicious activity as legitimate.
- March 22, 2019
22 Mar'19
Hundreds of millions of Facebook passwords exposed internally
Facebook learned three months ago that hundreds of millions of passwords were stored internally in plaintext, but it didn't disclose the issue or notify users until the news leaked.
- March 22, 2019
22 Mar'19
Risk & Repeat: RSA Conference 2019 in review
This week's 'Risk & Repeat' podcast looks back at RSA Conference and discusses the show's diversity and inclusion efforts as well as the top trends and sessions from the show.
- March 22, 2019
22 Mar'19
Chris Wysopal talks blockchain hype and realistic uses
While marketers ride the hype train around blockchain, Chris Wysopal says there are realistic uses for the technology. And there are blockchain risks that need to be considered, as well.
- March 20, 2019
20 Mar'19
New Mirai malware variant targets enterprise devices
Researchers from Palo Alto Networks have spotted a new variant of the Mirai botnet that is targeting enterprise presentation systems and digital signage with 11 new exploits.