News

News

• February 25, 2020 25 Feb'20

  Colorado CISO details SamSam ransomware attack, recovery

  At RSA Conference, Colorado CISO Deborah Blyth gave an inside look at the state's response and recovery effort following a devastating SamSam ransomware infection in 2018.

• February 25, 2020 25 Feb'20

  FBI: $144 million in ransomware payments made over 6 years

  In an RSA Conference 2020 session, FBI agent Joel DeCapua revealed how much money has been paid in ransoms, what the most pervasive ransomware variants are and more.

• February 24, 2020 24 Feb'20

  Risk & Repeat: Breaking down RSA Security's sale

  This Risk & Repeat podcast discusses Dell's recent sale of RSA for $2.075 billion, plus insights from experts on where venture capital firms are investing this year.

• February 24, 2020 24 Feb'20

  Cisco launches SecureX platform for integrated security

  At RSA Conference 2020, Cisco unveiled SecureX, which integrates the vendor's security portfolio into a single platform with enhanced visibility and automation.

• February 20, 2020 20 Feb'20

  Voatz, MIT researchers spar over blockchain e-voting app

  MIT researchers contested claims that Voatz's voting app used blockchain technology to provide secure voting. Voatz responded, but questions about the company's technology remain.

• Sponsored News

  • It’s Time to Modernize Your SOC

    Sponsored by Microsoft - With the shift to remote work caused by COVID-19, Security Operations Centers (SOCs) are under more pressure than ever, particularly with many SOC workers also working from home. Today’s reality is that SOCs have to embrace a new way of working in order to keep their analysts and admins effective and to ensure that morale doesn’t collapse under the weight of too much work and pressure. See More

  • 6 Factors to Consider in Building Resilience Now

    Sponsored by Microsoft - COVID-19 has been, and continues to be, a stark reminder of the importance of business resilience. Organizations of all types and sizes have had to adjust to rapidly changing and unpredictable circumstances: A shift to remote work, supply chain disruptions, new digitally driven business models and an environment where uncertainty is the rule, not the exception. See More

  • Why Zero Trust, Why Now

    Sponsored by Microsoft - The concept of a Zero Trust cybersecurity architecture has been around for more than a decade, but adoption didn’t really begin to take hold until the past couple of years. As with many technology innovations, it hasn’t always been clear just what Zero Trust is all about and, more important, how to implement it easily and cost effectively. See More

  • 5 Best Practices To Secure Remote Workers

    Sponsored by Microsoft - The impact of COVID-19 has changed the dynamics and landscape of remote work for at least the foreseeable future and, probably, forever. All of a sudden, organizations across all industries had to scale remote workers at unprecedented intensity and speed. See More

  View All Sponsored News
• February 20, 2020 20 Feb'20

  AT&T bows out of RSA Conference 2020

  AT&T announced it's skipping RSA Conference 2020 due to coronavirus concerns, bringing the total number of exhibitors that have dropped out of this year's conference to 13.

• February 19, 2020 19 Feb'20

  Why ransomware attacks on municipalities spiked in 2019

  Ransomware spread to a number of city, state and local governments across the U.S. in 2019. Threat researchers weigh in on the increased attacks and what to expect in 2020.

• February 18, 2020 18 Feb'20

  Dell sells RSA Security to private equity firm for $2 billion

  With RSA Conference just around the corner, Dell announced it has agreed to sell RSA to private equity firm Symphony Technology Group for approximately $2 billion.

• February 18, 2020 18 Feb'20

  Mapping cybersecurity investments ahead of RSA Conference 2020

  SearchSecurity asked several experts to weigh in on cybersecurity investment trends ahead of RSA Conference 2020 next week. The results featured a wide range of opinions.

• February 17, 2020 17 Feb'20

  Risk & Repeat: Mobile World Congress canceled, RSAC 2020 still on

  This week's Risk & Repeat podcast discusses RSA Conference's decision to move ahead with the show after the cancellation of Mobile World Congress over coronavirus concerns.

• February 13, 2020 13 Feb'20

  Voatz mobile voting app deemed insecure by MIT researchers

  Security researchers at MIT claim a mobile e-voting app piloted in several state elections is insecure, but the vendor has aggressively pushed back on the findings.

• February 12, 2020 12 Feb'20

  Data security, IAM led cybersecurity investments in 2019

  Vendors specializing in data security, risk and compliance, and IAM raised the most funding in 2019, according to Momentum Cyber, a strategic advisor and investment bank for the cybersecurity industry.

• February 11, 2020 11 Feb'20

  SCVX: Cybersecurity industry needs consolidation

  SCVX's Mike Doniger and Hank Thomas discuss why they want to drive vendor consolidation in the cybersecurity industry and how they're planning to accomplish it.

• February 10, 2020 10 Feb'20

  Chinese military personnel charged in Equifax breach

  Four members of China's military have been charged for hacking Equifax following a 2017 breach that compromised nearly 150 million Americans' personal information.

• February 06, 2020 06 Feb'20

  NSS Labs quietly acquired by private equity firm

  Product testing company NSS Labs was acquired by private equity firm Consecutive, Inc., last October but neither company publicly announced the deal.

• February 06, 2020 06 Feb'20

  Forescout acquired by private equity firm for $1.9 billion

  Network security vendor Forescout Technologies was acquired for $1.9 billion by Advent International, a private equity firm looking to increase its cybersecurity investments.

• February 05, 2020 05 Feb'20

  More McAfee leadership changes follow Chris Young's departure

  More executives have departed McAfee in recent months amid the departure of former CEO Chris Young, who was replaced by former BMC Software head Peter Leav last month.

• February 05, 2020 05 Feb'20

  Cisco Discovery Protocol flaws jeopardize 'tens of millions' of devices

  Armis Security disclosed five vulnerabilities, dubbed 'CDPwn,' in Cisco's Discovery Protocol, which impact 'tens of millions' of Cisco devices such as routers and IP phones.

• February 05, 2020 05 Feb'20

  Threat actors combining data exposure with ransomware attacks

  New Cisco Talos research shows an increase in ransomware attacks that double the pressure on victims by threatening them with the exposure of their sensitive data.

• January 30, 2020 30 Jan'20

  Payment cards from Wawa data breach found on dark web

  Payment card information from customers of the convenience store chain Wawa has reportedly gone up for sale on the dark web, though questions about the breach remain.

• January 30, 2020 30 Jan'20

  SCVX launches with $230M IPO, eyes cybersecurity acquisition

  SCVX, a special purpose acquisition company (SPAC), raised $230 million this week in its initial public offering and will look to acquire a major cybersecurity vendor.

• January 28, 2020 28 Jan'20

  'CacheOut': Researchers unveil new attack on Intel chips

  Researchers unveiled a new speculative execution attack that leaks data from most Intel microprocessors and gives attackers greater control over what data is leaked.

• January 28, 2020 28 Jan'20

  3 Magecart suspects arrested in Interpol operation

  Three alleged cybercriminals suspected of being associated with Magecart were arrested in Indonesia via an Interpol-assisted operation called Operation Night Fury.

• January 24, 2020 24 Jan'20

  Citrix patches vulnerability as ransomware attacks emerge

  Citrix rolls out more patches ahead of schedule for CVE-2019-19781, a directory traversal vulnerability that affects Citrix ADC, Gateway and SD-WAN WANOP products.

• January 23, 2020 23 Jan'20

  AWS leak exposes passwords, private keys on GitHub

  UpGuard discovered a public GitHub repository that contained sensitive AWS customer data, including passwords, authentication tokens and private encryption keys.

• January 22, 2020 22 Jan'20

  Netgear under fire after TLS certificates found in firmware -- again

  Security researchers revealed Netgear firmware exposed TLS certificate keys, but SearchSecurity discovered it wasn't the first time the issue had been reported to the vendor.

• January 21, 2020 21 Jan'20

  2019 data breach disclosures: 10 more of the biggest

  Here is a list of 10 of the largest data breaches (mostly) from the second half of 2019, including DoorDash, T-Mobile, Capital One and more.

• January 20, 2020 20 Jan'20

  CyCognito turning tables by using botnets for good

  In this Q&A with CyCognito CEO Rob Gurzeev, he discusses what led to his company, how attack simulations work and how he plans to spend the company's recent round of funding.

• January 17, 2020 17 Jan'20

  McAfee CEO Chris Young steps down, Peter Leav to take over

  Chris Young has stepped down as McAfee CEO, and Peter Leav is taking his place. Young led the company's spin-out from Intel in 2016 after joining the chip maker two years earlier.

• January 17, 2020 17 Jan'20

  Unpatched Citrix vulnerability expands as mitigations fall short

  Citrix discovered another product affected by last month's vulnerability, while security researchers found an attacker blocking exploits of the vulnerability.

• January 15, 2020 15 Jan'20

  NSA reports flaw in Windows cryptography core

  Microsoft patched a critical vulnerability in how Windows validates cryptographic certificates that could lead to dangerous attacks, according to experts, and was originally reported by the NSA.

• January 14, 2020 14 Jan'20

  CrowdStrike: Intrusion self-detection, dwell time both increasing

  The 2019 CrowdStrike Services Cyber Front Lines Report found that while the percentage of organizations that self-detected an intrusion is up, dwell time has gone up as well.

• January 14, 2020 14 Jan'20

  Citrix patches for ADC and Gateway flaw to begin rolling out next week

  Citrix announced security fixes on the way one month after disclosing a vulnerability in its ADC and Gateway appliances, which has already seen preliminary attacks in the wild.

• January 13, 2020 13 Jan'20

  Signal Sciences: Enterprises still overlooking web app security

  Signal Sciences co-founder and CEO Andrew Peterson explains why web application security often gets shortchanged and what his next-gen WAF company is doing to change that.

• January 10, 2020 10 Jan'20

  Threat actors scanning for vulnerable Citrix ADC servers

  Scans for vulnerable Citrix servers were discovered by security researchers following the disclosure of a remote code execution flaw in Citrix ADC and Gateway products.

• January 08, 2020 08 Jan'20

  Experts weigh in on risk of Iranian cyberattacks against U.S.

  Cybersecurity experts weigh in on the risks of potential nation-state cyberattacks from Iran following a DHS warning and heightened tensions between the country and the U.S.

• January 07, 2020 07 Jan'20

  Broadcom sells Symantec Cyber Security Services to Accenture

  Accenture agreed to acquire Symantec's Cyber Security Services business from Broadcom, less than six months after Broadcom acquired Symantec's enterprise business.

• January 07, 2020 07 Jan'20

  Pulse Secure VPN vulnerability targeted with ransomware

  Threat actors appear to be exploiting vulnerable Pulse Secure VPN servers to hit enterprises with ransomware attacks, even though a patch has been available since April 2019.

• January 06, 2020 06 Jan'20

  5 cybersecurity vendors to watch in 2020

  A number of cybersecurity startups earned tens of millions of dollars in venture capital investments last year. Here are five such vendors poised to emerge and grow in 2020.

• December 30, 2019 30 Dec'19

  BigID: New privacy regulations have ended 'the data party'

  New privacy laws are changing data management practices in the enterprise. BigID co-founder Nimrod Vax discusses the importance of being 'data native' in the era of the CCPA.

• December 26, 2019 26 Dec'19

  Siemplify looks to streamline security operations for enterprises

  Siemplify aims to become the security equivalent of Salesforce. Chief strategy officer Nimmy Reichenberg discusses the company's plans for 2020 and the obstacles it faces.

• December 20, 2019 20 Dec'19

  F5 Networks to acquire Shape Security for $1 billion

  F5 Networks is acquiring Shape Security for approximately $1 billion in a move to strengthen its presence in the application security and anti-fraud markets.

• December 19, 2019 19 Dec'19

  Clumio eyes security, BaaS expansion with VC funding

  Clumio CTO Chad Kinney and CSO Glenn Mulvaney discuss their company's roadmap and how Clumio addresses ransomware threats in a way that's different from other backup providers.

• December 19, 2019 19 Dec'19

  Two attacks on Maze ransomware list confirmed

  Another confirmed ransomware attack, this time against Busch's Fresh Food Markets, was added to the Maze gang's ransomware shaming list after the company refused to pay the ransom.

• December 18, 2019 18 Dec'19

  Cyberinsurance is on the rise -- and so is ransomware

  A debate has erupted between the insurance industry and the infosec community over whether cyberinsurance payouts have led to the surge in ransomware attacks this year.

• December 17, 2019 17 Dec'19

  Maze gang outs ransomware victims in shame campaign

  The threat actors behind Maze ransomware started a campaign to pressure victims into paying ransom by publicly listing successful attacks and threatening to leak data.

• December 16, 2019 16 Dec'19

  Latest city ransomware attack: New Orleans

  The city of New Orleans declared a state of emergency as the government tries to get systems back online following a ransomware attack Friday morning.

• December 16, 2019 16 Dec'19

  Siemens ICS flaws could allow remote exploits

  Siemens recommends locking down industrial control systems as security researchers disclose 54 bugs, including remote exploit flaws, but only three patches are available.

• December 13, 2019 13 Dec'19

  Google expands multiple Chrome password protection features

  Chrome's updated, built-in protections are intended to help users protect their passwords and data against malware, data breaches and phishing sites, according to the company.

• December 13, 2019 13 Dec'19

  RSA teams up with Yubico for passwordless authentication

  RSA Security joined forces with Yubico to eliminate passwords within the enterprise. RSA's Jim Ducharme explains what it will take to the reach the 'last mile' of the pursuit.

• December 12, 2019 12 Dec'19

  Pentagon CMMC program to vet contractor cybersecurity

  The U.S. Department of Defense has developed a five-level certification framework designed to vet the cybersecurity posture of potential contractors in an effort to avoid future risks.

• December 10, 2019 10 Dec'19

  City of Pensacola hit by ransomware attack

  A cyberattack, later confirmed to be ransomware, hit the city of Pensacola, Florida on Saturday, and the city is currently in the process of responding.

• December 10, 2019 10 Dec'19

  Ryuk ransomware change breaks decryption tool

  The threat actors behind Ryuk ransomware made changes to their code that have made the official decryption tool unreliable, according to security researchers.

• December 05, 2019 05 Dec'19

  DOJ takes action against Dridex malware group, Evil Corp

  The U.S. Justice Department indicts two alleged members of the Russian threat group behind the Dridex banking Trojan, known as Evil Corp, and offers a $5 million bounty.

• December 05, 2019 05 Dec'19

  Session cookie mishap exposed HackerOne private reports

  A security researcher used a mishandled session cookie to access private HackerOne bug reports with an account takeover attack and earned a bug bounty for their efforts.

• December 04, 2019 04 Dec'19

  NSS Labs drops antitrust suit against AMTSO, Symantec and ESET

  NSS Labs dropped its antitrust suit against the Anti-Malware Testing Standards Organization, Symantec and ESET, ending a contentious legal battle in the endpoint security market.

• December 02, 2019 02 Dec'19

  Exposed Firebase databases hidden by Google search

  A security researcher found that Google's search engine hides results for misconfigured Firebase databases that are publicly accessible on the internet.

• November 25, 2019 25 Nov'19

  Ransomware attacks shaking up threat landscape -- again

  Threat actors have employed new techniques and built more sophisticated business models for their ransomware campaigns, which has had devastating consequences.

• November 22, 2019 22 Nov'19

  Android Security Rewards program expands, adds $1.5M bounty

  Google expanded its Android bug bounty program to include data exfiltration and lock screen bypass and raised its top prize for a full chain exploit of a Pixel device.

• November 21, 2019 21 Nov'19

  IBM Cloud Pak for Security aims to unify hybrid environments

  IBM Security is shifting its strategy with a new Cloud Pak designed specifically to unify data from multiple security tools and vendors through accessing federated data.

• November 21, 2019 21 Nov'19

  Ohio builds 'Cyber Reserve' to combat cyberattacks

  Ohio is building a 'Cyber Reserve,' a civilian cybersecurity force alongside the state's National Guard that will be deployed to help local governments recover from cyberattacks.

• November 19, 2019 19 Nov'19

  Louisiana ransomware attack hits government systems

  A ransomware attack on Louisiana government systems has been contained, according to Governor John Bel Edwards, and experts are praising the state's response.

• November 19, 2019 19 Nov'19

  CrowdStrike: Incident response times still too long

  A CrowdStrike study revealed it takes enterprise security teams almost seven days of nonstop work to detect, investigate and contain the average incident.

• November 15, 2019 15 Nov'19

  Check Point: Qualcomm TrustZone flaws could be 'game over'

  Researchers discovered vulnerabilities in Qualcomm TrustZone that Check Point says could lead to 'unprecedented access' because of the extremely sensitive data stored in mobile secure elements.

• November 14, 2019 14 Nov'19

  InfoTrax settles FTC complaint, will implement infosec program

  InfoTrax settled an FTC complaint over an extensive data breach that lasted two years. Now, it can no longer collect any personal data until it implements its own infosec program.

• November 13, 2019 13 Nov'19

  Microsoft to apply CCPA protections to all US customers

  Microsoft said it will apply the California Consumer Privacy Act across the nation and extend the law's data privacy protections to customers in all fifty states.

• November 13, 2019 13 Nov'19

  ZombieLoad v2 disclosed, affects newest Intel chips

  Researchers disclosed another variant of the ZombieLoad side-channel attack that affects the newest Intel processors, and also discovered a flaw in the original ZombieLoad patch.

• November 12, 2019 12 Nov'19

  How and why data breach lawsuits are settled

  For all of the talk about data breach class action lawsuits, virtually none of them reach a courtroom. Here's why and how data breach lawsuits almost always end in settlements.

• November 12, 2019 12 Nov'19

  Application Guard to block malicious attachments in Office 365

  Microsoft is bringing the Application Guard security container to Office 365 ProPlus this year, which could limit the threat of malicious Office documents for subscribers.

• November 08, 2019 08 Nov'19

  ConnectWise ransomware attacks affecting Automate customers

  ConnectWise warned that ransomware attacks are targeting open ports for its Automate on-premises application, but the company has offered few details about the nature of the attacks.

• November 07, 2019 07 Nov'19

  Trend Micro insider threat steals, sells customer data

  A Trend Micro employee stole and sold customer support data, which was used by a malicious third-party actor to scam consumer customers of the cybersecurity company.

• November 07, 2019 07 Nov'19

  SSL certificate abuse drives growing number of phishing attacks

  Phishing attacks against the United Nations and humanitarian organizations show how threat actors are weaponizing valid SSL certificates and how hard it is to stop the abuse.

• November 06, 2019 06 Nov'19

  Firefox bug is enabling attackers to freeze out users

  A recently reported bug in Firefox allows spammed authentication dialogs to lock users out of their browsers and it is under attack in the wild, despite previous efforts to patch.

• November 05, 2019 05 Nov'19

  First BlueKeep attacks in the wild may be dark portents

  Following months of warnings from law enforcement and the infosec community, the first BlueKeep exploit campaign was discovered in the wild and experts say it won't be the last.

• November 04, 2019 04 Nov'19

  Assessing the value of personal data for class action lawsuits

  Determining the value of consumers' personal data exposed in a breach can be a challenge. Security and legal experts discuss what factors are involved in the equation.

• November 01, 2019 01 Nov'19

  Threat Stack Application Security Monitoring adds Python support

  Now supporting both Python and Node.js, Application Security Monitoring can identify risk throughout the software development lifecycle for both third-party and native code.

• October 31, 2019 31 Oct'19

  Adsterra still connected to malvertising campaign, despite denials

  Despite a pledge of "zero tolerance" for malicious activity, ad network Adsterra was found to be once again connecting with the Master134 malvertising campaign.

• October 30, 2019 30 Oct'19

  Imperva CEO steps down following breach investigation

  Chris Hylen unexpectedly stepped down as CEO of Imperva in the wake of a data breach involving cloud WAF customer data, though it's unclear if the two events are connected.

• October 30, 2019 30 Oct'19

  Splunk Mission Control launch enables a unified SOC

  Mission Control is intended to unify Splunk Enterprise Security, Splunk Phantom and Splunk User Behavior Analytics into the Splunk Security Operations Suite.

• October 29, 2019 29 Oct'19

  Adobe exposure includes data on 7.5 million users

  Adobe exposed data on 7.5 million users and employees and one expert says the incident highlights why production data shouldn't be used in test environments.

• October 25, 2019 25 Oct'19

  Cyber insurance has changed incident response -- for better or worse

  Cyber insurance carriers are assuming greater control over how enterprises conduct incident response, which has caused angst and frustration among some security vendors.

• October 23, 2019 23 Oct'19

  Another CCleaner attack hits Avast supply chain

  Avast was able to stop an attempted supply chain attack targeting its CCleaner software, but experts say all enterprises should be wary of similar supply chain attacks.

• October 22, 2019 22 Oct'19

  Forcepoint Web Security offering reaches for the edge

  Forcepoint has delivered a web-based security tool leveraging elastic cloud gateway technology that allows admins to access content from any remote location.

• October 22, 2019 22 Oct'19

  Bugcrowd launches Attack Surface Management platform

  The new platform provides an extra layer of testing by sending its findings to Bugcrowd's crowdsourced security testing tools.

• October 21, 2019 21 Oct'19

  Sophos acquisition bid presents potential growth, peril

  Private equity firm Thoma Bravo made an offer to acquire Sophos for approximately $3.9 billion. Analysts discuss what the deal might mean for the endpoint security vendor.

• October 21, 2019 21 Oct'19

  Malware detection methods struggle to keep up with evolving threats

  Experts discuss the increasingly complex methods of malware detection needed when dealing with everything from low-level attackers to advanced persistent threat groups.

• October 16, 2019 16 Oct'19

  Exposed Docker hosts open the door for cryptojacking

  Security researchers discovered a new Docker worm that has been targeting exposed hosts in order to spread cryptojacking malware to other containers.

• October 14, 2019 14 Oct'19

  Imperva breach update puts blame on exposed AWS API keys

  Imperva CTO Kunal Anand posted updated information regarding the recent breach affecting Cloud WAF customers and admitted poor security controls led to the compromise.

• October 11, 2019 11 Oct'19

  Cybersecurity threats on the rise, prey on human nature

  Cybersecurity attacks continue to rise, taking advantage of network vulnerabilities -- and human ones. First National Technology Solutions' CISO offers advice.

• October 11, 2019 11 Oct'19

  Palo Alto Networks launches new version of Demisto SOAR platform

  New features to the Demisto platform include a customizable user interface, threat intelligence, database scaling and a mobile app providing chat support and updates for users.

• October 09, 2019 09 Oct'19

  Twitter 2FA data 'inadvertently' used for advertising

  Twitter used two-factor authentication information, including email addresses and phone numbers, to target ads for an unknown number of people over an unknown period of time.

• October 08, 2019 08 Oct'19

  NSA warns VPN vulnerabilities exploited by nation-state hackers

  Nation-state hackers are exploiting previously disclosed vulnerabilities in VPNs from Pulse Secure, Palo Alto Networks and Fortinet, according to a security advisory from the NSA.

• October 08, 2019 08 Oct'19

  Experts expect hospital ransomware attacks to continue

  One week after being hit by a ransomware attack, hospitals in Alabama are turning away patients while working on recovery, and experts warn of similar attacks in the future.

• October 04, 2019 04 Oct'19

  Risk & Repeat: Trump takes aim at DNC hack and CrowdStrike

  This week's Risk & Repeat podcast looks at President Trump's recent comments about CrowdStrike and the DNC 'server' and the misinformation around Russian election interference.

• October 03, 2019 03 Oct'19

  Zendesk breach in 2016 affected 10,000 customers

  Zendesk disclosed a previously undetected security incident from 2016 in which data for 10,000 customer accounts was accessed, but the disclosure is missing some key details.

• October 03, 2019 03 Oct'19

  Ping Identity launches identity and access management tool

  PingCentral aims to streamline the identity and access management processes and bridge the gap between IAM teams and application teams to improve productivity.

• October 02, 2019 02 Oct'19

  Hospital ransomware attacks lead to patients being turned away

  Ransomware attacks hit seven hospitals in Australia and three in Alabama, with the Alabaman hospitals being forced to turn away patients because of the attacks.

• October 01, 2019 01 Oct'19

  Bulletproof host raided in former NATO bunker

  German authorities arrested seven in raid of bulletproof hosting company CyberBunker -- which was housed in a former NATO bunker -- for allegedly hosting dark web marketplaces.

• October 01, 2019 01 Oct'19

  Sophos launches Managed Threat Response service

  The new offering is built on Sophos' endpoint security platform Intercept X Advanced, with capabilities supported by the company's recent acquisition of Rook Security and DarkBytes.

• September 27, 2019 27 Sep'19

  New York files lawsuit over Dunkin' breach response

  The New York attorney general filed a lawsuit against Dunkin' Brands regarding attacks dating back to 2015 and alleges the company failed to respond or notify victims properly.