News

December 05, 2019 05 Dec'19
DOJ takes action against Dridex malware group, Evil Corp

The U.S. Justice Department indicts two alleged members of the Russian threat group behind the Dridex banking Trojan, known as Evil Corp, and offers a $5 million bounty.
December 05, 2019 05 Dec'19
Session cookie mishap exposed HackerOne private reports

A security researcher used a mishandled session cookie to access private HackerOne bug reports with an account takeover attack and earned a bug bounty for their efforts.
December 04, 2019 04 Dec'19
NSS Labs drops antitrust suit against AMTSO, Symantec and ESET

NSS Labs dropped its antitrust suit against the Anti-Malware Testing Standards Organization, Symantec and ESET, ending a contentious legal battle in the endpoint security market.
December 02, 2019 02 Dec'19
Exposed Firebase databases hidden by Google search

A security researcher found that Google's search engine hides results for misconfigured Firebase databases that are publicly accessible on the internet.
November 25, 2019 25 Nov'19
Ransomware attacks shaking up threat landscape -- again

Threat actors have employed new techniques and built more sophisticated business models for their ransomware campaigns, which has had devastating consequences.
Sponsored News
- Keep out vulnerable third-party scripts that help steal data from your website
  
  Sponsored by Akamai - Visiting a website today, users gain access to a rich, interactive experience that is often customized to their preferences and enhanced for their convenience. See More
- Part I: Keep the Cloud Your Safe Place
  
  Sponsored by Forcepoint - Organizations of all sizes have been called upon to swiftly support remote work in order to safeguard the health of their workforce and local communities. As businesses are called upon to scale up remote work procedures for the physical safety of employees, IT teams must accelerate the adoption of technology that ensures their people and data are secure—without hurting productivity or morale. See More
- DDoS attacks are growing in frequency and scale during the pandemic. What can businesses do?
  
  Sponsored by Akamai - At a time when many businesses have their resources stretched to the limit, the scourge of distributed denial-of-service (DDoS) attacks has continued unabated and added to the difficulties faced by many during this ongoing pandemic. See More
- Part II: Safeguard Data Everywhere
  
  Sponsored by Forcepoint - As security teams are tasked with the duty of rapidly scaling up protections for remote workers, one of the key considerations they must keep in mind is how to safeguard data no matter where it resides or travels. This is hardly a new problem. However, the vastly broadened scope of remote work today requires security teams to revisit policies and technologies. Some solutions that may have been sufficient for isolated use cases don't adequately protect a completely distributed workforce. See More
View All Sponsored News
November 22, 2019 22 Nov'19
Android Security Rewards program expands, adds $1.5M bounty

Google expanded its Android bug bounty program to include data exfiltration and lock screen bypass and raised its top prize for a full chain exploit of a Pixel device.
November 21, 2019 21 Nov'19
IBM Cloud Pak for Security aims to unify hybrid environments

IBM Security is shifting its strategy with a new Cloud Pak designed specifically to unify data from multiple security tools and vendors through accessing federated data.
November 21, 2019 21 Nov'19
Ohio builds 'Cyber Reserve' to combat cyberattacks

Ohio is building a 'Cyber Reserve,' a civilian cybersecurity force alongside the state's National Guard that will be deployed to help local governments recover from cyberattacks.
November 19, 2019 19 Nov'19
Louisiana ransomware attack hits government systems

A ransomware attack on Louisiana government systems has been contained, according to Governor John Bel Edwards, and experts are praising the state's response.
November 19, 2019 19 Nov'19
CrowdStrike: Incident response times still too long

A CrowdStrike study revealed it takes enterprise security teams almost seven days of nonstop work to detect, investigate and contain the average incident.
November 15, 2019 15 Nov'19
Check Point: Qualcomm TrustZone flaws could be 'game over'

Researchers discovered vulnerabilities in Qualcomm TrustZone that Check Point says could lead to 'unprecedented access' because of the extremely sensitive data stored in mobile secure elements.
November 14, 2019 14 Nov'19
InfoTrax settles FTC complaint, will implement infosec program

InfoTrax settled an FTC complaint over an extensive data breach that lasted two years. Now, it can no longer collect any personal data until it implements its own infosec program.
November 13, 2019 13 Nov'19
Microsoft to apply CCPA protections to all US customers

Microsoft said it will apply the California Consumer Privacy Act across the nation and extend the law's data privacy protections to customers in all fifty states.
November 13, 2019 13 Nov'19
ZombieLoad v2 disclosed, affects newest Intel chips

Researchers disclosed another variant of the ZombieLoad side-channel attack that affects the newest Intel processors, and also discovered a flaw in the original ZombieLoad patch.
November 12, 2019 12 Nov'19
How and why data breach lawsuits are settled

For all of the talk about data breach class action lawsuits, virtually none of them reach a courtroom. Here's why and how data breach lawsuits almost always end in settlements.
November 12, 2019 12 Nov'19
Application Guard to block malicious attachments in Office 365

Microsoft is bringing the Application Guard security container to Office 365 ProPlus this year, which could limit the threat of malicious Office documents for subscribers.
November 08, 2019 08 Nov'19
ConnectWise ransomware attacks affecting Automate customers

ConnectWise warned that ransomware attacks are targeting open ports for its Automate on-premises application, but the company has offered few details about the nature of the attacks.
November 07, 2019 07 Nov'19
Trend Micro insider threat steals, sells customer data

A Trend Micro employee stole and sold customer support data, which was used by a malicious third-party actor to scam consumer customers of the cybersecurity company.
November 07, 2019 07 Nov'19
SSL certificate abuse drives growing number of phishing attacks

Phishing attacks against the United Nations and humanitarian organizations show how threat actors are weaponizing valid SSL certificates and how hard it is to stop the abuse.
November 06, 2019 06 Nov'19
Firefox bug is enabling attackers to freeze out users

A recently reported bug in Firefox allows spammed authentication dialogs to lock users out of their browsers and it is under attack in the wild, despite previous efforts to patch.
November 05, 2019 05 Nov'19
First BlueKeep attacks in the wild may be dark portents

Following months of warnings from law enforcement and the infosec community, the first BlueKeep exploit campaign was discovered in the wild and experts say it won't be the last.
November 04, 2019 04 Nov'19
Assessing the value of personal data for class action lawsuits

Determining the value of consumers' personal data exposed in a breach can be a challenge. Security and legal experts discuss what factors are involved in the equation.
November 01, 2019 01 Nov'19
Threat Stack Application Security Monitoring adds Python support

Now supporting both Python and Node.js, Application Security Monitoring can identify risk throughout the software development lifecycle for both third-party and native code.
October 31, 2019 31 Oct'19
Adsterra still connected to malvertising campaign, despite denials

Despite a pledge of "zero tolerance" for malicious activity, ad network Adsterra was found to be once again connecting with the Master134 malvertising campaign.
October 30, 2019 30 Oct'19
Imperva CEO steps down following breach investigation

Chris Hylen unexpectedly stepped down as CEO of Imperva in the wake of a data breach involving cloud WAF customer data, though it's unclear if the two events are connected.
October 30, 2019 30 Oct'19
Splunk Mission Control launch enables a unified SOC

Mission Control is intended to unify Splunk Enterprise Security, Splunk Phantom and Splunk User Behavior Analytics into the Splunk Security Operations Suite.
October 29, 2019 29 Oct'19
Adobe exposure includes data on 7.5 million users

Adobe exposed data on 7.5 million users and employees and one expert says the incident highlights why production data shouldn't be used in test environments.
October 25, 2019 25 Oct'19
Cyber insurance has changed incident response -- for better or worse

Cyber insurance carriers are assuming greater control over how enterprises conduct incident response, which has caused angst and frustration among some security vendors.
October 23, 2019 23 Oct'19
Another CCleaner attack hits Avast supply chain

Avast was able to stop an attempted supply chain attack targeting its CCleaner software, but experts say all enterprises should be wary of similar supply chain attacks.
October 22, 2019 22 Oct'19
Forcepoint Web Security offering reaches for the edge

Forcepoint has delivered a web-based security tool leveraging elastic cloud gateway technology that allows admins to access content from any remote location.
October 22, 2019 22 Oct'19
Bugcrowd launches Attack Surface Management platform

The new platform provides an extra layer of testing by sending its findings to Bugcrowd's crowdsourced security testing tools.
October 21, 2019 21 Oct'19
Sophos acquisition bid presents potential growth, peril

Private equity firm Thoma Bravo made an offer to acquire Sophos for approximately $3.9 billion. Analysts discuss what the deal might mean for the endpoint security vendor.
October 21, 2019 21 Oct'19
Malware detection methods struggle to keep up with evolving threats

Experts discuss the increasingly complex methods of malware detection needed when dealing with everything from low-level attackers to advanced persistent threat groups.
October 16, 2019 16 Oct'19
Exposed Docker hosts open the door for cryptojacking

Security researchers discovered a new Docker worm that has been targeting exposed hosts in order to spread cryptojacking malware to other containers.
October 14, 2019 14 Oct'19
Imperva breach update puts blame on exposed AWS API keys

Imperva CTO Kunal Anand posted updated information regarding the recent breach affecting Cloud WAF customers and admitted poor security controls led to the compromise.
October 11, 2019 11 Oct'19
Cybersecurity threats on the rise, prey on human nature

Cybersecurity attacks continue to rise, taking advantage of network vulnerabilities -- and human ones. First National Technology Solutions' CISO offers advice.
October 11, 2019 11 Oct'19
Palo Alto Networks launches new version of Demisto SOAR platform

New features to the Demisto platform include a customizable user interface, threat intelligence, database scaling and a mobile app providing chat support and updates for users.
October 09, 2019 09 Oct'19
Twitter 2FA data 'inadvertently' used for advertising

Twitter used two-factor authentication information, including email addresses and phone numbers, to target ads for an unknown number of people over an unknown period of time.
October 08, 2019 08 Oct'19
NSA warns VPN vulnerabilities exploited by nation-state hackers

Nation-state hackers are exploiting previously disclosed vulnerabilities in VPNs from Pulse Secure, Palo Alto Networks and Fortinet, according to a security advisory from the NSA.
October 08, 2019 08 Oct'19
Experts expect hospital ransomware attacks to continue

One week after being hit by a ransomware attack, hospitals in Alabama are turning away patients while working on recovery, and experts warn of similar attacks in the future.
October 04, 2019 04 Oct'19
Risk & Repeat: Trump takes aim at DNC hack and CrowdStrike

This week's Risk & Repeat podcast looks at President Trump's recent comments about CrowdStrike and the DNC 'server' and the misinformation around Russian election interference.
October 03, 2019 03 Oct'19
Zendesk breach in 2016 affected 10,000 customers

Zendesk disclosed a previously undetected security incident from 2016 in which data for 10,000 customer accounts was accessed, but the disclosure is missing some key details.
October 03, 2019 03 Oct'19
Ping Identity launches identity and access management tool

PingCentral aims to streamline the identity and access management processes and bridge the gap between IAM teams and application teams to improve productivity.
October 02, 2019 02 Oct'19
Hospital ransomware attacks lead to patients being turned away

Ransomware attacks hit seven hospitals in Australia and three in Alabama, with the Alabaman hospitals being forced to turn away patients because of the attacks.
October 01, 2019 01 Oct'19
Bulletproof host raided in former NATO bunker

German authorities arrested seven in raid of bulletproof hosting company CyberBunker -- which was housed in a former NATO bunker -- for allegedly hosting dark web marketplaces.
October 01, 2019 01 Oct'19
Sophos launches Managed Threat Response service

The new offering is built on Sophos' endpoint security platform Intercept X Advanced, with capabilities supported by the company's recent acquisition of Rook Security and DarkBytes.
September 27, 2019 27 Sep'19
New York files lawsuit over Dunkin' breach response

The New York attorney general filed a lawsuit against Dunkin' Brands regarding attacks dating back to 2015 and alleges the company failed to respond or notify victims properly.
September 26, 2019 26 Sep'19
After Bugcrowd pilot, Air Force bug bounty program eyes expansion

The U.S. Air Force is eyeing an expansion of its bug bounty efforts after partnering with Bugcrowd on a three-month pilot program for its cloud platform.
September 25, 2019 25 Sep'19
Trump pushes debunked DNC hack conspiracy in call with Ukraine

In a call with the Ukrainian president that is now the focus of an impeachment inquiry, President Trump discussed CrowdStrike and asked for help with finding a 'server.'
September 24, 2019 24 Sep'19
Cloudflare battles malicious bots with 'fight mode'

Cloudflare takes its first steps in keeping malicious bots from attacking customers by using complex challenges to waste a bot's CPU resources in an attempt to disincentivize more bots.
September 20, 2019 20 Sep'19
Sinkholed Magecart domains resurrected for advertising schemes

Security vendor RiskIQ discovered several old Magecart domains that had been sinkholed were re-registered under new owners and are now engaged in fraudulent advertising activity.
September 18, 2019 18 Sep'19
Global cryptomining attacks use NSA exploits to earn Monero

Security researchers tracked a very active threat group launching cryptomining attacks around the world against organizations in banking, IT services, healthcare and more.
September 17, 2019 17 Sep'19
Researcher finds digital certificate fraud used to spread malware

A new certificate fraud scheme involves a threat actor impersonating company execs to purchase certs which are then resold to those looking to spread malware.
September 16, 2019 16 Sep'19
DerbyCon attendees and co-founder reflect on the end

DerbyCon attendees and co-founder Dave Kennedy reflect on the legacy and future of the conference following its final event, which took place in Louisville, Ky.
September 12, 2019 12 Sep'19
DerbyCon panel discusses IT mistakes that need to stop

Common security risks can be mitigated or prevented, according to a panel at DerbyCon. But users need to feel empowered to speak up, and education needs to be better.
September 11, 2019 11 Sep'19
FBI says $26B lost to business email compromise over last 3 years

On the same day that 281 suspects were arrested in business email compromise stings, the FBI said worldwide losses from BEC attacks reached $26 billion over the last three years.
September 10, 2019 10 Sep'19
DerbyCon session tackles cyber attribution, false flag attacks

One expert showed the crowd at DerbyCon that proper attribution of a cyberattack requires multiple indicators in order to avoid being fooled by a false flag attempt.
September 10, 2019 10 Sep'19
Gigamon launches platform to improve application visibility

Application Metadata Intelligence identifies network performance, application performance, operational technology communications and security and threat detection.
September 06, 2019 06 Sep'19
Trustwave security platform provides visibility, control

Trustwave Fusion is a cloud-based cybersecurity platform designed with the goal of giving users better insight into how security resources are provided and monitored.
September 05, 2019 05 Sep'19
Insecure Android provisioning could lead to phishing attacks

Researchers say many -- if not most -- Android smartphones are at risk of SMS-based phishing attacks that trick users into installing malicious OTA provisioning settings.
September 05, 2019 05 Sep'19
Chronicle: Crimeware group takedowns 'increasingly ineffectual'

Law enforcement takedowns of cybercrime operations may not be producing the desired results, according to an extensive, five-year study from Alphabet Inc.'s Chronicle.
September 05, 2019 05 Sep'19
Hackers earn nearly $2M in HackerOne's hacking event

One hundred hackers and 75 hackers in training gathered in Las Vegas for HackerOne's hacking event to find security flaws in organizations, including Verizon Media and GitHub.
September 05, 2019 05 Sep'19
Awake Security adds adversarial model to security platform

The new feature is meant to enable companies to identify attackers faster. Other updates to the security system include extending cloud capabilities to Amazon Web Services.
September 04, 2019 04 Sep'19
USBAnywhere vulnerabilities put Supermicro servers at risk

Security researchers discovered BMC vulnerabilities -- dubbed USBAnywhere -- in Supermicro servers that could put systems at risk of remote attacks via virtualized USB drives.
August 29, 2019 29 Aug'19
Suspect in Capital One breach indicted for additional intrusions

The alleged Capital One hacker, Paige Thompson, was charged with additional counts of fraud and abuse for stealing data from more than 30 other organizations.
August 28, 2019 28 Aug'19
Imperva security incident exposes cloud WAF customer data

Imperva told its cloud WAF customers to change passwords and SSL certificates after a security incident exposed data and potentially put customers at risk for further attacks.
August 28, 2019 28 Aug'19
Breaking into cybersecurity careers through nontraditional paths

Some DEF CON attendees discussed their nontraditional paths into cybersecurity and how networking and being eager to learn can bridge the gap between experience and job requirements.
August 26, 2019 26 Aug'19
Puppet launches its first vulnerability remediation product

Puppet Remediate is a vulnerability remediation product that shares data between security and IT ops, provides risk-based prioritization and offers agentless remediation.
August 23, 2019 23 Aug'19
Carbon Black acquisition bolsters VMware's security play

VMware announced an agreement to acquire endpoint security vendor Carbon Black in an effort to boost its cloud security offerings; the all-cash deal is valued at $2.1 billion.
August 23, 2019 23 Aug'19
DARPA unveils first SSITH prototype to mitigate hardware flaws

DARPA is still in the early prototype stages of its SSITH program, but the aim is to develop an open source chip able to block hardware attacks and reduce the need for software patches.
August 20, 2019 20 Aug'19
KNOB attack puts all Bluetooth devices at risk

Security researchers discovered a way to force Bluetooth devices to use easy-to-crack encryption keys, which could lead to man-in-the-middle attacks and information leaks.
August 20, 2019 20 Aug'19
Why is patch management important?

Borderless networks present new challenges for security pros. Andrew Froehlich explains how this trend makes patch management even more important.
August 19, 2019 19 Aug'19
2020 election security to face same vulnerabilities as in 2016

Confidence in the security of the 2020 election spanned the gamut, depending on who you asked at DEF CON's Voting Village, with local officials more optimistic than technologists.
August 14, 2019 14 Aug'19
Microsoft discovers BlueKeep-like flaws in Remote Desktop Services

Microsoft disclosed four remote code execution flaws in Remote Desktop Services that are similar to BlueKeep, as well as other vulnerabilities in RDP.
August 14, 2019 14 Aug'19
IoT botnets reach new threshold in Q2 of 2019

Defending against the rising number and increasing sophistication of IoT botnet attacks isn't an easy task. Learn about the latest threats and the techniques to mitigate them.
August 14, 2019 14 Aug'19
Latest news from the Black Hat 2019 conference

Learn the latest from this year's Black Hat conference, Aug. 3 to 8. Our team is in Las Vegas to report on what's new in information security risks, trends and defense tactics.
August 13, 2019 13 Aug'19
Google wants Project Zero to be part of an open alliance

After five years of running Project Zero, Google wants to expand the scope to an open alliance of vulnerability researchers all working toward the same goal to 'make 0day hard.'
August 12, 2019 12 Aug'19
Why cyber insurance policies are so 'ridiculously cheap'

The cyber insurance market is growing rapidly and policies are incredibly inexpensive -- but experts at Black Hat 2019 had concerns about those low prices.
August 12, 2019 12 Aug'19
Black Hat 2019 brings out new security, protection offerings

The 22nd Black Hat conference in Las Vegas brought together a slew of vendors in network and data security with a variety of security offerings to pitch.
August 09, 2019 09 Aug'19
Broadcom-Symantec deal troubles cybersecurity experts

Broadcom laid down a $10.7 billion bet in buying Symantec's enterprise security software. While some are optimistic, security experts predict another Intel-McAfee deal.
August 09, 2019 09 Aug'19
ICS security threats rising, targeting oil and gas facilities

In its latest report on industrial control system threats, Dragos said it believes the first major 'destructive' ICS attack will likely occur at an oil and gas facility.
August 08, 2019 08 Aug'19
Apple bug bounty expands to MacOS, offers $1 million iOS reward

Apple announced an expansion of its bug bounty program at Black Hat 2019, including rewards for MacOS vulnerabilities and a $1 million reward for a zero-click iOS exploit.
August 08, 2019 08 Aug'19
CEO on collaboration tool security, insider threats, skills gap

Michael Coates, CEO and co-founder of cloud collaboration security platform Altitude Networks, speaks to industry trends and his transition from CISO to CEO.
August 08, 2019 08 Aug'19
'Dupe' there it is: SAML authentication bypass threatens Microsoft

Micro Focus security researchers demonstrated a new technique, dubbed 'dupe key confusion,' which allows threat actors to bypass Microsoft's SAML token validation.
August 08, 2019 08 Aug'19
Check Point finds RDP vulnerability jeopardizes Microsoft's Hyper-V

Check Point revealed research at Black Hat that showed a previously disclosed vulnerability in Microsoft's remote desktop protocol affects the company's virtualization platform.
August 07, 2019 07 Aug'19
Black Hat 2019 keynote: Software teams must own security

In the keynote for Black Hat 2019, Square's Dino Dai Zovi emphasizes security as a collaborative effort by all software teams that relies on communication, automation and feedback.
August 06, 2019 06 Aug'19
LogicHub introduces automation updates to its SOAR platform

Security vendor LogicHub introduced new features to its SOAR platform that intend to automate tedious threat detection and response processes and save security teams time.
August 05, 2019 05 Aug'19
Capital One hack highlights SSRF concerns for AWS

Infosec pros warn of server-side request forgery vulnerabilities in AWS following the Capital One data breach, which may have revealed an issue regarding the AWS metadata service.
August 05, 2019 05 Aug'19
BlackBerry Intelligent Security enables flexible security policy

BlackBerry launched a new unified endpoint management platform, BlackBerry Intelligent Security, which changes security policies by calculating user risk.
August 05, 2019 05 Aug'19
New features added to Juniper Networks security platform

New features include containerized firewalls and the incorporation of SecIntel into MX Series routers as part of Juniper Networks' effort to provide security throughout a network.
August 02, 2019 02 Aug'19
Capital One breach suspect may have hit other companies

History from a Slack channel run by the Capital One data breach suspect points to data stolen from more organizations, but no evidence of other attacks has been found yet.
August 01, 2019 01 Aug'19
SafeBreach launches new platform to prioritize, mitigate security gaps

SafeBreach has launched SafeBreach GRID, a breach and attack simulation application that helps security teams decide which security gaps to address first.
July 31, 2019 31 Jul'19
Project Zero drops six iOS vulnerabilities ahead of Black Hat

Google Project Zero researchers disclosed six iOS vulnerabilities, including proof-of-concept code that could allow for attacks requiring no user interaction.
July 31, 2019 31 Jul'19
Qualys IOC 2.0 update improves threat detection and response

Qualys IOC 2.0 comes with increased threat detection and response capabilities designed to more accurately detect indicators of compromise and potential cyberattacks.
July 30, 2019 30 Jul'19
FBI charges former AWS engineer in Capital One breach

The FBI arrested a former AWS engineer who allegedly stole data for more than 100 million Capital One customers and credit card applications, thanks to a misconfigured firewall.
July 30, 2019 30 Jul'19
AT&T introduces managed threat detection and response service

Using Alien Labs threat intelligence, AT&T Cybersecurity's Managed Threat Detection and Response service intends to identify and contain cybersecurity threats sooner to reduce data breaches.
July 30, 2019 30 Jul'19
URGENT/11 VxWorks vulnerabilities affect millions of devices

Researchers and developer Wind River disagree over how many devices and users are at risk from the URGENT/11 vulnerabilities in the VxWorks real-time operating system.
July 30, 2019 30 Jul'19
2019 data breach disclosures: 10 of the biggest -- so far

Enterprises have disclosed a number of significant data breaches in the first half of 2019. Here's a look at some of the biggest and most notable breaches so far this year.
July 29, 2019 29 Jul'19
Untangling GDPR fines with Synopsys' Tim Mackey

Tim Mackey of Synopsys tries to clear up some of the mystery around how GDPR regulators determine the fines levied on companies for major data breaches or privacy violations.
July 25, 2019 25 Jul'19
D3 Security's Attackbot integrates Mitre ATT&CK in SOAR 2.0

With the Mitre ATT&CK framework, D3's SOAR 2.0 platform can identify and map security events, predict the kill chain and trigger automated responses to remediate threats.

News

Sponsored News