News

News

• September 18, 2019 18 Sep'19

  Global cryptomining attacks use NSA exploits to earn Monero

  Security researchers tracked a very active threat group launching cryptomining attacks around the world against organizations in banking, IT services, healthcare and more.

• September 17, 2019 17 Sep'19

  Researcher finds digital certificate fraud used to spread malware

  A new certificate fraud scheme involves a threat actor impersonating company execs to purchase certs which are then resold to those looking to spread malware.

• September 16, 2019 16 Sep'19

  DerbyCon attendees and co-founder reflect on the end

  DerbyCon attendees and co-founder Dave Kennedy reflect on the legacy and future of the conference following its final event, which took place in Louisville, Ky.

• September 12, 2019 12 Sep'19

  DerbyCon panel discusses IT mistakes that need to stop

  Common security risks can be mitigated or prevented, according to a panel at DerbyCon. But users need to feel empowered to speak up, and education needs to be better.

• September 11, 2019 11 Sep'19

  FBI says $26B lost to business email compromise over last 3 years

  On the same day that 281 suspects were arrested in business email compromise stings, the FBI said worldwide losses from BEC attacks reached $26 billion over the last three years.

• Sponsored News

  • Part I: Keep the Cloud Your Safe Place

    Sponsored by Forcepoint - Organizations of all sizes have been called upon to swiftly support remote work in order to safeguard the health of their workforce and local communities. As businesses are called upon to scale up remote work procedures for the physical safety of employees, IT teams must accelerate the adoption of technology that ensures their people and data are secure—without hurting productivity or morale. See More

  • Part II: Safeguard Data Everywhere

    Sponsored by Forcepoint - As security teams are tasked with the duty of rapidly scaling up protections for remote workers, one of the key considerations they must keep in mind is how to safeguard data no matter where it resides or travels. This is hardly a new problem. However, the vastly broadened scope of remote work today requires security teams to revisit policies and technologies. Some solutions that may have been sufficient for isolated use cases don't adequately protect a completely distributed workforce. See More

  • Part III: Protect Your People

    Sponsored by Forcepoint - In response to the rapid rise in remote work, cybersecurity teams have increased their efforts to protect their dispersed team’s cyber hygiene. The rapid rise in remote work to protect the health of employees has required cybersecurity teams to scale their efforts to similarly protect the cyber hygiene of these workers as they operate in new conditions. One of the key directives for cybersecurity departments looking to safeguard the people and data within a distributed enterprise is the implementation of cyber defenses that can move with employees and protect them—regardless of their location or device. See More

  View All Sponsored News
• September 10, 2019 10 Sep'19

  DerbyCon session tackles cyber attribution, false flag attacks

  One expert showed the crowd at DerbyCon that proper attribution of a cyberattack requires multiple indicators in order to avoid being fooled by a false flag attempt.

• September 10, 2019 10 Sep'19

  Gigamon launches platform to improve application visibility

  Application Metadata Intelligence identifies network performance, application performance, operational technology communications and security and threat detection.

• September 06, 2019 06 Sep'19

  Trustwave security platform provides visibility, control

  Trustwave Fusion is a cloud-based cybersecurity platform designed with the goal of giving users better insight into how security resources are provided and monitored.

• September 05, 2019 05 Sep'19

  Insecure Android provisioning could lead to phishing attacks

  Researchers say many -- if not most -- Android smartphones are at risk of SMS-based phishing attacks that trick users into installing malicious OTA provisioning settings.

• September 05, 2019 05 Sep'19

  Chronicle: Crimeware group takedowns 'increasingly ineffectual'

  Law enforcement takedowns of cybercrime operations may not be producing the desired results, according to an extensive, five-year study from Alphabet Inc.'s Chronicle.

• September 05, 2019 05 Sep'19

  Hackers earn nearly $2M in HackerOne's hacking event

  One hundred hackers and 75 hackers in training gathered in Las Vegas for HackerOne's hacking event to find security flaws in organizations, including Verizon Media and GitHub.

• September 05, 2019 05 Sep'19

  Awake Security adds adversarial model to security platform

  The new feature is meant to enable companies to identify attackers faster. Other updates to the security system include extending cloud capabilities to Amazon Web Services.

• September 04, 2019 04 Sep'19

  USBAnywhere vulnerabilities put Supermicro servers at risk

  Security researchers discovered BMC vulnerabilities -- dubbed USBAnywhere -- in Supermicro servers that could put systems at risk of remote attacks via virtualized USB drives.

• August 29, 2019 29 Aug'19

  Suspect in Capital One breach indicted for additional intrusions

  The alleged Capital One hacker, Paige Thompson, was charged with additional counts of fraud and abuse for stealing data from more than 30 other organizations.

• August 28, 2019 28 Aug'19

  Imperva security incident exposes cloud WAF customer data

  Imperva told its cloud WAF customers to change passwords and SSL certificates after a security incident exposed data and potentially put customers at risk for further attacks.

• August 28, 2019 28 Aug'19

  Breaking into cybersecurity careers through nontraditional paths

  Some DEF CON attendees discussed their nontraditional paths into cybersecurity and how networking and being eager to learn can bridge the gap between experience and job requirements.

• August 26, 2019 26 Aug'19

  Puppet launches its first vulnerability remediation product

  Puppet Remediate is a vulnerability remediation product that shares data between security and IT ops, provides risk-based prioritization and offers agentless remediation.

• August 23, 2019 23 Aug'19

  Carbon Black acquisition bolsters VMware's security play

  VMWare announced an agreement to acquire endpoint security vendor Carbon Black in an effort to boost its cloud security offerings; the all-cash deal is valued at $2.1 billion.

• August 23, 2019 23 Aug'19

  DARPA unveils first SSITH prototype to mitigate hardware flaws

  DARPA is still in the early prototype stages of its SSITH program, but the aim is to develop an open source chip able to block hardware attacks and reduce the need for software patches.

• August 20, 2019 20 Aug'19

  KNOB attack puts all Bluetooth devices at risk

  Security researchers discovered a way to force Bluetooth devices to use easy-to-crack encryption keys, which could lead to man-in-the-middle attacks and information leaks.

• August 20, 2019 20 Aug'19

  Why is patch management important?

  Borderless networks present new challenges for security pros. Andrew Froehlich explains how this trend makes patch management even more important.

• August 19, 2019 19 Aug'19

  2020 election security to face same vulnerabilities as in 2016

  Confidence in the security of the 2020 election spanned the gamut, depending on who you asked at DEF CON's Voting Village, with local officials more optimistic than technologists.

• August 14, 2019 14 Aug'19

  Microsoft discovers BlueKeep-like flaws in Remote Desktop Services

  Microsoft disclosed four remote code execution flaws in Remote Desktop Services that are similar to BlueKeep, as well as other vulnerabilities in RDP.

• August 14, 2019 14 Aug'19

  IoT botnets reach new threshold in Q2 of 2019

  Defending against the rising number and increasing sophistication of IoT botnet attacks isn't an easy task. Learn about the latest threats and the techniques to mitigate them.

• August 14, 2019 14 Aug'19

  Latest news from the Black Hat 2019 conference

  Learn the latest from this year's Black Hat conference, Aug. 3 to 8. Our team is in Las Vegas to report on what's new in information security risks, trends and defense tactics.

• August 13, 2019 13 Aug'19

  Google wants Project Zero to be part of an open alliance

  After five years of running Project Zero, Google wants to expand the scope to an open alliance of vulnerability researchers all working toward the same goal to 'make 0day hard.'

• August 12, 2019 12 Aug'19

  Why cyber insurance policies are so 'ridiculously cheap'

  The cyber insurance market is growing rapidly and policies are incredibly inexpensive -- but experts at Black Hat 2019 had concerns about those low prices.

• August 12, 2019 12 Aug'19

  Black Hat 2019 brings out new security, protection offerings

  The 22nd Black Hat conference in Las Vegas brought together a slew of vendors in network and data security with a variety of security offerings to pitch.

• August 09, 2019 09 Aug'19

  Broadcom-Symantec deal troubles cybersecurity experts

  Broadcom laid down a $10.7 billion bet in buying Symantec's enterprise security software. While some are optimistic, security experts predict another Intel-McAfee deal.

• August 09, 2019 09 Aug'19

  ICS security threats rising, targeting oil and gas facilities

  In its latest report on industrial control system threats, Dragos said it believes the first major 'destructive' ICS attack will likely occur at an oil and gas facility.

• August 08, 2019 08 Aug'19

  Apple bug bounty expands to MacOS, offers $1 million iOS reward

  Apple announced an expansion of its bug bounty program at Black Hat 2019, including rewards for MacOS vulnerabilities and a $1 million reward for a zero-click iOS exploit.

• August 08, 2019 08 Aug'19

  CEO on collaboration tool security, insider threats, skills gap

  Michael Coates, CEO and co-founder of cloud collaboration security platform Altitude Networks, speaks to industry trends and his transition from CISO to CEO.

• August 08, 2019 08 Aug'19

  'Dupe' there it is: SAML authentication bypass threatens Microsoft

  Micro Focus security researchers demonstrated a new technique, dubbed 'dupe key confusion,' which allows threat actors to bypass Microsoft's SAML token validation.

• August 08, 2019 08 Aug'19

  Check Point finds RDP vulnerability jeopardizes Microsoft's Hyper-V

  Check Point revealed research at Black Hat that showed a previously disclosed vulnerability in Microsoft's remote desktop protocol affects the company's virtualization platform.

• August 07, 2019 07 Aug'19

  Black Hat 2019 keynote: Software teams must own security

  In the keynote for Black Hat 2019, Square's Dino Dai Zovi emphasizes security as a collaborative effort by all software teams that relies on communication, automation and feedback.

• August 06, 2019 06 Aug'19

  LogicHub introduces automation updates to its SOAR platform

  Security vendor LogicHub introduced new features to its SOAR platform that intend to automate tedious threat detection and response processes and save security teams time.

• August 05, 2019 05 Aug'19

  Capital One hack highlights SSRF concerns for AWS

  Infosec pros warn of server-side request forgery vulnerabilities in AWS following the Capital One data breach, which may have revealed an issue regarding the AWS metadata service.

• August 05, 2019 05 Aug'19

  BlackBerry Intelligent Security enables flexible security policy

  BlackBerry launched a new unified endpoint management platform, BlackBerry Intelligent Security, which changes security policies by calculating user risk.

• August 05, 2019 05 Aug'19

  New features added to Juniper Networks security platform

  New features include containerized firewalls and the incorporation of SecIntel into MX Series routers as part of Juniper Networks' effort to provide security throughout a network.

• August 02, 2019 02 Aug'19

  Capital One breach suspect may have hit other companies

  History from a Slack channel run by the Capital One data breach suspect points to data stolen from more organizations, but no evidence of other attacks has been found yet.

• August 01, 2019 01 Aug'19

  SafeBreach launches new platform to prioritize, mitigate security gaps

  SafeBreach has launched SafeBreach GRID, a breach and attack simulation application that helps security teams decide which security gaps to address first.

• July 31, 2019 31 Jul'19

  Project Zero drops six iOS vulnerabilities ahead of Black Hat

  Google Project Zero researchers disclosed six iOS vulnerabilities, including proof-of-concept code that could allow for attacks requiring no user interaction.

• July 31, 2019 31 Jul'19

  Qualys IOC 2.0 update improves threat detection and response

  Qualys IOC 2.0 comes with increased threat detection and response capabilities designed to more accurately detect indicators of compromise and potential cyberattacks.

• July 30, 2019 30 Jul'19

  FBI charges former AWS engineer in Capital One breach

  The FBI arrested a former AWS engineer who allegedly stole data for more than 100 million Capital One customers and credit card applications, thanks to a misconfigured firewall.

• July 30, 2019 30 Jul'19

  AT&T introduces managed threat detection and response service

  Using Alien Labs threat intelligence, AT&T Cybersecurity's Managed Threat Detection and Response service intends to identify and contain cybersecurity threats sooner to reduce data breaches.

• July 30, 2019 30 Jul'19

  URGENT/11 VxWorks vulnerabilities affect millions of devices

  Researchers and developer Wind River disagree over how many devices and users are at risk from the URGENT/11 vulnerabilities in the VxWorks real-time operating system.

• July 30, 2019 30 Jul'19

  2019 data breach disclosures: 10 of the biggest -- so far

  Enterprises have disclosed a number of significant data breaches in the first half of 2019. Here's a look at some of the biggest and most notable breaches so far this year.

• July 29, 2019 29 Jul'19

  Untangling GDPR fines with Synopsys' Tim Mackey

  Tim Mackey of Synopsys tries to clear up some of the mystery around how GDPR regulators determine the fines levied on companies for major data breaches or privacy violations.

• July 25, 2019 25 Jul'19

  D3 Security's Attackbot integrates Mitre ATT&CK in SOAR 2.0

  With the Mitre ATT&CK framework, D3's SOAR 2.0 platform can identify and map security events, predict the kill chain and trigger automated responses to remediate threats.

• July 24, 2019 24 Jul'19

  Citrix breach blamed on poor password security

  An investigation revealed the password spraying attack that gave malicious actors access to Citrix systems resulted in only some business documents being stolen.

• July 23, 2019 23 Jul'19

  Slide deck brings BlueKeep exploit closer to the wild

  After a description for building a remote BlueKeep exploit is posted on GitHub, experts warn that attacks in the wild are becoming more likely and users need to patch.

• July 23, 2019 23 Jul'19

  Researchers fool Cylance AI antimalware with 'simple' bypass

  Security researchers developed a method to make "pure AI" antimalware products classify malware as benign, but it is unclear what antimalware solutions could be considered "pure AI."

• July 22, 2019 22 Jul'19

  Equifax to pay up to $700 million in data breach settlement

  Under the settlement with the FTC and state attorneys general, Equifax will fork over at least $575 million in civil penalties and provide credit monitoring services to consumers.

• July 19, 2019 19 Jul'19

  Enzoic for Active Directory brings continuous password protection

  Updates to Enzoic for Active Directory include NIST-compliant Continuous Password Protection, checking passwords against a live database of common or vulnerable passwords.

• July 19, 2019 19 Jul'19

  CyberArk brings updates to privileged access security offering

  CyberArk introduces CyberArk Alero to its privileged access management product lineup, in addition to other endpoint management and cloud offering updates.

• July 18, 2019 18 Jul'19

  New ransomware threat takes GandCrab's place

  Researchers released GandCrab master decryption keys, and in the wake of GandCrab's shutdown, a new ransomware threat -- called Sodin or Sodinokibi -- has emerged.

• July 17, 2019 17 Jul'19

  BlueKeep blues: More than 800,000 systems still unpatched

  Despite alerts from Microsoft and the U.S. government, more than 800,000 online systems have yet to patch the Windows RDP vulnerability two months after it was disclosed.

• July 17, 2019 17 Jul'19

  Claroty extends platform to include IoT device security

  Claroty has upgraded Continuous Threat Detection to include support for IoT device security, keeping pace with the proliferation of IoT devices in the enterprise.

• July 17, 2019 17 Jul'19

  E-commerce platforms used for domain spoofing against Best Buy

  Despite efforts to flag spoofed domains imitating Best Buy, the sites are still active on e-commerce platforms like Shopify and GearLaunch, which have not taken them down.

• July 16, 2019 16 Jul'19

  Experts: Facebook fine by FTC should be wake-up call for all

  Facebook will reportedly be hit with a $5 billion fine by the FTC following an investigation into multiple privacy issues, and experts said other enterprises should take note.

• July 12, 2019 12 Jul'19

  Zoom vulnerability reveals privacy issues for users

  Companies and users around the world were impacted by a Zoom conferencing software flaw that could allow threat actors to forcibly join a video call without interaction.

• July 09, 2019 09 Jul'19

  OneLogin Desktop Pro for Windows reduces password load

  By eliminating the need for remote workers to sign into Active Directory to access their network, OneLogin's Desktop Pro for Windows aims to make working remotely easier, according to the vendor.

• July 09, 2019 09 Jul'19

  British Airways security incident garners record GDPR fine

  The ICO plans to levy a record GDPR fine of nearly $230 million against British Airways for a security incident that led to 500,000 customers having their data compromised.

• July 08, 2019 08 Jul'19

  Ipsidy's Identity Portal uses biometrics for secure access

  Identity Portal by Ipsidy uses biometric authorization methods to ensure secure account access, enable users to verify changes, protect customers from fraudulent phone calls, and more.

• July 03, 2019 03 Jul'19

  U.S. Cybercom warns Outlook vulnerability under attack

  U.S. Cybercom issued an alert about active exploitation of a 2-year-old Microsoft Outlook flaw, and experts say an Iranian threat group is behind the attacks.

• July 03, 2019 03 Jul'19

  FTC settles lawsuit over D-Link security claims

  D-Link settled a U.S. Federal Trade Commission lawsuit, which alleged the company failed to take basic steps to address security flaws and weaknesses in its products.

• July 02, 2019 02 Jul'19

  Huawei ban may be loosened, but details unclear

  President Donald Trump promised to loosen trade restrictions on Huawei, while respecting national security concerns, but the details of the changes are still unclear.

• July 02, 2019 02 Jul'19

  Phishing-as-a-service threats abusing cloud services

  According to new research, phishing kit providers are increasingly using popular cloud services to host their malicious links in an effort to conceal them from detection.

• June 28, 2019 28 Jun'19

  AI-enabled malware is coming, Malwarebytes warns

  AI-driven threats may not be here yet, but a new report from Malwarebytes predicts they will be here soon and could potentially change the cybersecurity game for good.

• June 26, 2019 26 Jun'19

  JetBlue: Biometrics initiative will improve travel experience

  In this SearchSecurity video, JetBlue's chief digital and technology officer Eash Sundaram talks about the company's biometrics and security initiatives.

• June 26, 2019 26 Jun'19

  Stellar Cyber launches Starlight 3.1 for AI threat detection

  Stellar Cyber, a security analytics vendor, launched Starlight 3.1 as its first unified security analytics platform, using AI and machine learning to detect and thwart attacks.

• June 24, 2019 24 Jun'19

  DHS warns of increased Iranian cyberattacks on enterprises

  The cyberthreat warning from Christopher Krebs, director of the DHS Cybersecurity and Infrastructure Security Agency, follows escalating tension between Iran and the U.S.

• June 20, 2019 20 Jun'19

  Gartner: Application security programs coming up short

  At the 2019 Gartner Security and Risk Management Summit, experts discussed how enterprise application security efforts are falling short and what can be done about it.

• June 19, 2019 19 Jun'19

  BlueKeep warnings having little effect on Windows patching

  DHS issued the latest security advisory for BlueKeep, but it's unclear whether the repeated warnings are being heeded by organizations that have vulnerable systems on the internet.

• June 19, 2019 19 Jun'19

  Fortinet launches new WAN and edge security platform

  Fortinet's Secure SD-Branch platform uses Fortinet security products to converge WAN and security into an integrated platform and protect access edges.

• June 18, 2019 18 Jun'19

  Gartner: Cybersecurity skills shortage requires a new approach

  At the Gartner Security and Risk Management Summit, analysts discuss the challenge of finding skilled cybersecurity professionals and how it can be solved.

• June 18, 2019 18 Jun'19

  ReliaQuest's cybersecurity platform integrates technologies

  ReliaQuest's security analytics platform, GreyMatter, claims to improve threat detection by up to four times and reduce system downtime by 98% by integrating AI and human analysis.

• June 18, 2019 18 Jun'19

  GandCrab decryption tool helps victims recover data

  The No More Ransom initiative released one last GandCrab decryption tool to help victims recover data after the ransomware was allegedly shut down by its authors.

• June 18, 2019 18 Jun'19

  Netskope announces enterprise application security platform

  Netskope for Private Access is a cloud-based platform that secures private enterprise applications on public clouds and in on-premises data centers using zero-trust access.

• June 17, 2019 17 Jun'19

  YubiKey FIPS recalled from government for reduced randomness

  Yubico recalled YubiKey FIPS series devices after discovering an issue leading to reduced randomness in values generated by the keys, which are used by federal agencies.

• June 14, 2019 14 Jun'19

  Dragos: Xenotime threat group targeting U.S. electric companies

  Dragos says Xenotime, the threat group behind a devastating ICS attack in 2017, has been probing the networks of U.S. electric utilities and also attempted network intrusions.

• June 13, 2019 13 Jun'19

  RAMBleed: New Rowhammer attack can steal data from memory

  Security researchers developed a Rowhammer attack variant, called RAMBleed, that can steal data from memory and works even if systems are patched against Rowhammer.

• June 13, 2019 13 Jun'19

  CrowdStrike IPO success puts spotlight on endpoint security

  Cybersecurity firm CrowdStrike made its successful Wall Street debut Wednesday. The company closed its trading with a share price of $58.

• June 12, 2019 12 Jun'19

  Election security threats increasing pressure on state governments

  As local and state governments continue to tackle the evolving threat landscape, experts share tips on how to improve security posture and highlight the resources available for help.

• June 10, 2019 10 Jun'19

  Google: Triada backdoors were pre-installed on Android devices

  Google detailed the discovery and process of removing Triada malware after a supply chain attack led to backdoors being preinstalled on budget phones in overseas markets.

• June 06, 2019 06 Jun'19

  NSA issues BlueKeep warning as new PoC exploit demos

  The NSA issued a rare warning for users to patch against the BlueKeep vulnerability on the same day a security researcher demoed an exploit leading to a full system takeover.

• June 06, 2019 06 Jun'19

  Why larger GDPR fines could be on the horizon

  There haven't been many fines under the General Data Protection Regulation since the EU data privacy law went into effect a year ago. But experts warn that will likely change.

• June 05, 2019 05 Jun'19

  Apple single sign-on option promises privacy for users

  Apple is preparing its own single sign-on offering, called Sign In with Apple, which will focus on user privacy. But experts are split on how well this will work.

• June 04, 2019 04 Jun'19

  Microsoft issues second BlueKeep warning urging users to patch

  Microsoft again urged users to patch against the BlueKeep vulnerability as more potential exploits surface and one researcher discovered almost 1 million vulnerable systems.

• May 31, 2019 31 May'19

  Docker vulnerability with no patch could allow root access

  A security researcher disclosed a Docker bug that could allow an attacker to gain root-level access to a system. Docker signed off on the disclosure, despite a fix not yet being available.

• May 31, 2019 31 May'19

  Ransomware attacks on local and state governments increasing

  State and local governments are experiencing a rise in ransomware attacks. Experts sound off on what's triggering this trend and offer best practices for defense.

• May 31, 2019 31 May'19

  New Sophos endpoint security software releases

  Sophos has released Intercept X for Server with endpoint detection and response to protect users against blended threats and proactively detect stealthy attacks.

• May 30, 2019 30 May'19

  Recorded Future acquired by private equity firm for $780 million

  Recorded Future said the $780 million acquisition agreement with private equity firm Insight Partners affirms the growing importance of threat intelligence for enterprises.

• May 29, 2019 29 May'19

  Tortuga launches Radix-M, new firmware security product

  Tortuga Logic has launched a firmware security platform that automatically performs security validation of firmware on SoC designs using an existing platform from Cadence.

• May 29, 2019 29 May'19

  Hackers scan for MySQL ransomware targets

  A security researcher found that malicious actors have been scanning database servers for MySQL ransomware targets running on Windows, but mitigation should be relatively easy.

• May 28, 2019 28 May'19

  Cylance CSO: Let's name and shame failed security controls

  Malcolm Harkins, the chief security and trust officer at BlackBerry Cylance, says security controls that don't live up to their billing should be taking more blame for data breaches.

• May 24, 2019 24 May'19

  CrowdStrike, NSS Labs settle legal disputes over product testing

  CrowdStrike and NSS Labs have ended their legal dispute with a confidential settlement agreement, which resolves all lawsuits including NSS Labs' antitrust suit against the vendor.

• May 24, 2019 24 May'19

  Barracuda Advanced Bot Protection safeguards web applications

  Advanced Bot Protection is a cloud-hosted platform that defends against automated threats using AI. It is available as both a web application firewall (WAF) and WAF as a service.

• May 23, 2019 23 May'19

  Microsoft bets on ElectionGuard SDK to fortify election security

  Ahead of the 2020 elections, Microsoft unveiled ElectionGuard, an open source SDK designed to provide end-to-end verification of electronic voting machine results.

• May 23, 2019 23 May'19

  'BlueKeep' Windows Remote Desktop flaw gets PoC exploits

  Multiple researchers created proof-of-concept exploits, including remote code execution attacks, targeting the recently patched Windows Remote Desktop flaw called BlueKeep.