News

News

• March 08, 2019 08 Mar'19

  Battling misinformation focus of Facebook, Twitter execs' talk

  Facebook and Twitter executives say finding a pattern of malicious activity is more effective in identifying bad actors on sites than looking at the misleading information itself.

• March 07, 2019 07 Mar'19

  Nation-state threats grow more sophisticated, converge on targets

  Incident response experts say nation-state cyberattacks are so common that they find threat actors from multiple nations operating in the same victim environment.

• March 07, 2019 07 Mar'19

  Microsoft promotes zero-trust security over firewalls

  Microsoft told RSA Conference attendees a zero-trust model is better than firewalls for protecting corporate data -- a stance that some said doesn't go far enough.

• March 07, 2019 07 Mar'19

  RSAC 2019: Coverage of the premiere security gathering

  Find out what's happening at the at the 2019 RSA Conference in San Francisco, the information security industry's biggest event, with breaking news and analysis by the SearchSecurity team.

• March 07, 2019 07 Mar'19

  FBI: How we stopped the Mirai botnet attacks

  FBI Special Agent Elliott Peterson gave RSA attendees a behind-the-scenes look at the investigation into the Mirai botnet following the devastating DDoS attacks in 2016.

• March 07, 2019 07 Mar'19

  Cryptography techniques must keep pace with threats, experts warn

  Cryptographers at RSAC 2019 discussed personal data protection laws and challenges, future threats and the pressure for tech companies to work with law enforcement on decryption.

• March 06, 2019 06 Mar'19

  FBI director calls for public-private cybersecurity partnerships

  At the recent RSA Conference, FBI Director Christopher Wray called for public-private partnerships to fend off cyberadversaries and threats.

• March 06, 2019 06 Mar'19

  Cisco: Network security strategy requires IT, OT to play nice

  Cisco told RSA attendees the need for network security on the factory floor is growing. Cisco says cooperation between IT and operations is key to protecting equipment.

• March 06, 2019 06 Mar'19

  NSA releases Ghidra open source reverse-engineering tool

  The National Security Agency launched its highly anticipated reverse-engineering tool, Ghidra. The free software offers features found in high-end commercial products.

• March 05, 2019 05 Mar'19

  Chronicle dives into security telemetry with 'Backstory'

  Alphabet's Chronicle looks to give enterprises a leg up with a new service called Backstory, which will bring context and insight to vast amounts of security telemetry.

• March 01, 2019 01 Mar'19

  Coinhive shutdown imminent after troubled cryptomining past

  The Coinhive cryptominer is scheduled to be shut down following a troubled history and experts don't think the company gave the full story as to why the shutdown is happening.

• March 01, 2019 01 Mar'19

  Research sparks debate over password manager vulnerabilities

  Researchers found several popular password managers expose master passwords in system memory, but experts recommend consumers and enterprises should still use the products.

• February 28, 2019 28 Feb'19

  Cisco patches persistent Webex vulnerability for a third time

  After two previous attempts, Cisco has issued a third patch for a persistent flaw in its Webex platform, which allows privilege escalation attacks on systems running the software.

• February 27, 2019 27 Feb'19

  MarioNet attack exploits HTML5 to create botnets

  Researchers created a new browser-based attack, called MarioNet, that exploits an HTML5 API and can create botnets even after a browser tab is closed or a target navigates away.

• February 26, 2019 26 Feb'19

  Eclypsium: Bare-metal cloud servers vulnerable to firmware attacks

  Eclypsium found IBM SoftLayer cloud services are vulnerable to what it calls Cloudborne, which allows threat actors to make small, but potentially deadly firmware changes.

• February 26, 2019 26 Feb'19

  Android brings FIDO2 certification to 1 billion devices

  The FIDO Alliance announced Android has received FIDO2 certification, which will bring the ability to sign into websites and apps with biometrics, rather than passwords.

• February 26, 2019 26 Feb'19

  CERT/CC's Art Manion says CVSS scoring needs to be replaced

  Security expert Art Manion discusses what he calls major problems within the Common Vulnerability Scoring System and explains why CVSS needs to be replaced.

• February 25, 2019 25 Feb'19

  WinRAR bug found and patched after 19 years

  A WinRAR bug that affects every version of the app over the past 19 years was discovered and patched. But it's unclear if the millions of the app's users will get the needed fix.

• February 22, 2019 22 Feb'19

  Security automation on display in 2019 RSAC Innovation Sandbox

  Security automation will be a factor when most innovative startup is chosen at this year's RSAC Innovation Sandbox since almost all finalists use automation to improve security.

• February 22, 2019 22 Feb'19

  Supply chain cybersecurity is a hot topic for RSAC 2019

  Following years of AI climbing the hype wheel at RSA Conference, the topic is no longer one of the most prevalent as supply chain and infrastructure fears take focus at RSAC 2019.

• February 21, 2019 21 Feb'19

  CrowdStrike report says breakout time for threat actors is increasing

  CrowdStrike's annual global threat report highlights why speed is critical for cybersecurity defenders. Experts sound off on key findings, including the rise of 'big game hunting.'

• February 20, 2019 20 Feb'19

  ConnectWise plugin flaw exploited in ransomware attacks on MSPs

  GandCrab ransomware infected several managed service providers, thanks to an old a ConnectWise manage plugin vulnerability, but a new decryptor tool is offering relief to victims.

• February 20, 2019 20 Feb'19

  At RSAC 2019, speculative execution threats take a back seat

  The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.

• February 19, 2019 19 Feb'19

  Palo Alto Networks to acquire SOAR vendor Demisto

  Palo Alto Networks announced its plan of acquiring SOAR vendor Demisto for $560 million to accelerate its Application Framework strategy and beef up security operations automation.

• February 15, 2019 15 Feb'19

  Google Play security improved by targeting repeat offenders

  Google this week attributed security improvements in Google Play to both automated processes and human reviewers. The improvements include stopping bad apps from being published.

• February 15, 2019 15 Feb'19

  Astaroth Trojan returns, abuses antivirus software

  Cybereason's Nocturnus Research team has discovered a new strain of the Astaroth Trojan that attacks antivirus software to steal credentials.

• February 15, 2019 15 Feb'19

  Ponemon study: Poor password practices remain rampant

  More than two-thirds of employees share passwords with colleagues, research reveals. Experts sound off on what's fueling poor password practices and how to solve the problem.

• February 13, 2019 13 Feb'19

  Dunkin' security alert warns of new credential-stuffing attacks

  Dunkin' sent a security alert to customers warning of potentially malicious access of accounts due to the second credential stuffing attack in less than three months.

• February 12, 2019 12 Feb'19

  Senators want potential VPN threat investigated by DHS

  Two senators called on the Department of Homeland Security to investigate the possibility that VPNs are allowing valuable information to be routed to foreign adversaries.

• February 12, 2019 12 Feb'19

  MongoDB security head addresses database exposures

  Davi Ottenheimer, MongoDB's head of product security, discusses his company's efforts to prevent accidental database exposures and why so many misconfigurations occur.

• February 08, 2019 08 Feb'19

  Apple releases FaceTime patch and iOS zero-day fixes

  New bug fix releases for both iOS and macOS include the anticipated FaceTime patch for the serious eavesdropping flaw in group chats as well as fixes for two iOS zero-days.

• February 08, 2019 08 Feb'19

  'SpeakUp' backdoor Trojan could spell further trouble for Linux servers

  Check Point Research explains why SpeakUp, the new Trojan targeting Linux servers, has the potential to unleash more harm and offers pointers on how to defend against such malware.

• February 08, 2019 08 Feb'19

  Defense Department eyes behavioral biometrics with new contract

  The Department of Defense awards a $2.4 million contract to Twosense.AI in order to create a behavioral biometrics system that can replace the current ID card system.

• February 08, 2019 08 Feb'19

  Risk & Repeat: Apple restores enterprise certificates for Facebook, Google

  This week's Risk & Repeat podcast looks at Apple's decision to temporarily revoke Facebook's and Google's enterprise certificates following reports of questionable app activity.

• February 07, 2019 07 Feb'19

  Gartner: Expanding SOC capabilities a priority for enterprises

  Reinvesting in SOCs and crafting clear risk appetite statements made the list of Gartner's top security and risk management trends. Experts sound off on what's driving these trends.

• February 06, 2019 06 Feb'19

  Google's Mark Risher: New types of 2FA are 'game changers'

  Google's head of account security, Mark Risher, discusses the various types of 2FA and how new options of WebAuthn and U2F are going to be game changers for enterprise.

• February 06, 2019 06 Feb'19

  Google's Mark Risher discusses 2FA adoption strategies

  Although some types of two-factor authentication have been found to be vulnerable, Google's Mark Risher says 2FA adoption should be the baseline of security for all enterprises.

• February 01, 2019 01 Feb'19

  Google planning warnings for lookalike URLs in Chrome

  Google is planning to add warnings on lookalike URLs in an ongoing effort to ensure internet users experience useful and clear warnings while using the Chrome browser.

• January 31, 2019 31 Jan'19

  Dell unveils endpoint security portfolio with CrowdStrike, Secureworks

  Dell has teamed up with CrowdStrike and Secureworks for SafeGuard and Response, a portfolio of endpoint security technology and services, to tackle the shifting threat landscape.

• January 31, 2019 31 Jan'19

  Facebook and Google exploit Enterprise Certificate loophole on iOS

  Both Facebook and Google were found to be exploiting a loophole in Apple's Developer Enterprise Program for iOS with apps used to gather data on users who installed them.

• January 30, 2019 30 Jan'19

  New DDoS attack technique puts CSPs at risk

  Nexusguard found a new DDoS attack technique that targeted CSPs in which attackers used a bit-and-piece approach to inject junk into legitimate traffic and dodge detection.

• January 29, 2019 29 Jan'19

  Major Apple FaceTime bug allows audio eavesdropping

  A new major FaceTime bug can allow someone to hear the other party's audio before they answer the call and the issue was reported to Apple more than a week ago.

• January 29, 2019 29 Jan'19

  Insecure MongoDB databases expose Russian backdoor access

  A security researcher found more than 2,000 exposed MongoDB databases that revealed a backdoor-access account operated by the Russian government, according to a report from ZDNet.

• January 29, 2019 29 Jan'19

  Dailymotion credential stuffing attacks lasted more than 6 days

  Video-sharing website Dailymotion reset passwords for an unknown number of users following 'large-scale' credential stuffing attacks that lasted for more than six days before being stopped.

• January 25, 2019 25 Jan'19

  SafeRide tackles connected vehicle security with machine learning

  SafeRide's vXRay technology aims to improve security for connected vehicles with unsupervised machine learning. Can it keep hackers out of the driver's seat?

• January 25, 2019 25 Jan'19

  DNS hijack attacks lead to government directive from DHS

  Following a string of DNS hijack attacks around the globe, the Department of Homeland Security has directed federal agencies to harden defenses against DNS tampering.

• January 23, 2019 23 Jan'19

  Google GDPR fine of $57 million sets record

  The Google GDPR fine of $57 million marks the first time a major tech company has been penalized under Europe's new privacy regulations. But the fine is less than the maximum allowable penalty.

• January 23, 2019 23 Jan'19

  Top security initiatives for 2019 include MFA, end-user training

  TechTarget's IT Priorities survey revealed key security initiatives companies plan to implement in 2019. Experts weigh in on best practices to be adopted.

• January 22, 2019 22 Jan'19

  DNC lawsuit claims Russian hackers attacked again after midterms

  A Democratic National Committee lawsuit regarding Russian cyberattacks in the lead-up to the 2016 election now also claims Russia attacked DNC systems after the 2018 midterms.

• January 22, 2019 22 Jan'19

  DerbyCon's Dave Kennedy: The conference 'got too big'

  DerbyCon co-founder Dave Kennedy discusses his decision to close down the conference and what he would have done differently.

• January 18, 2019 18 Jan'19

  Collection #1 breach data includes 773 million unique emails

  Have I Been Pwned added a new trove of 773 million unique emails and 21 million passwords -- known as the Collection #1 breach data -- but there are questions about the freshness of the data.

• January 18, 2019 18 Jan'19

  Experts: A breach response plan is a must in 2019

  During an IT GRC Forum webinar, experts explain the need for shedding legacy security approaches and highlight the gravity of drafting a data breach response plan.

• January 18, 2019 18 Jan'19

  This year's DerbyCon conference will be the last

  Citing an inability to manage 'negativity, polarization, and disruption' at the conference, DerbyCon organizers unexpectedly announced this year's show will be the last.

• January 17, 2019 17 Jan'19

  Shutdown of federal security services puts private sector at risk

  In addition to putting government agencies at risk, the shutdown has impacted federal security services and resources that the private sector relies on to keep enterprises safe.

• January 17, 2019 17 Jan'19

  Government cybersecurity at risk as shutdown lingers

  As the shutdown continues, experts believe government cybersecurity will become more vulnerable, and government IT staff could leave for the private sector.

• January 16, 2019 16 Jan'19

  Enterprises betting on SOAR tools to fill security gaps

  Security experts sound off on the importance and benefits of automating security, and highlight factors to be considered before implementing SOAR tools.

• January 16, 2019 16 Jan'19

  Risk & Repeat: Expired certificates loom amid government shutdown

  This week's Risk & Repeat podcast looks at the expiration of more than 80 TLS certificates for U.S. government websites amid the ongoing government shutdown.

• January 15, 2019 15 Jan'19

  Ryuk ransomware poses growing threat to enterprises

  Cybersecurity vendors CrowdStrike and FireEye both published new research that shows an increase in Ryuk ransomware attacks on enterprises, which have earned hackers $3.7 million.

• January 11, 2019 11 Jan'19

  Iran implicated in DNS hijacking campaign around the world

  FireEye researchers investigating a DNS hijacking campaign against governments and telecom companies said those who are potential targets of Iran should take precautions.

• January 11, 2019 11 Jan'19

  Kaspersky Lab aided NSA hacking tools investigation

  News roundup: According to a new report from Politico, Kaspersky Lab aided the NSA in catching alleged data thief Harold Martin. Plus, telecoms are selling customer data, and more.

• January 10, 2019 10 Jan'19

  UnCAPTCHA attack updated to bypass spoken phrases

  Researchers updated their unCAPTCHA proof of concept to be more efficient in bypassing audio CAPTCHAs and be able to handle spoken phrases and not just strings of numbers.

• January 10, 2019 10 Jan'19

  McAfee casts doubt on Ryuk ransomware connection to North Korea

  New research from McAfee refutes the connection between recent Ryuk ransomware attacks and the North Korean government. Instead, it points the finger at cybercriminals.

• January 10, 2019 10 Jan'19

  Risk & Repeat: What APT10 means for managed service providers

  This week's Risk & Repeat podcast discusses how a Chinese state-sponsored threat group known as APT10 hacked into managed service providers to gain access to their clients.

• January 08, 2019 08 Jan'19

  Marriott data breach exposed 5 million unencrypted passport numbers

  Marriott's data breach affected fewer customers than the hotel giant originally estimated, but the breach exposed millions of unencrypted passport numbers.

• January 08, 2019 08 Jan'19

  NSA to release GHIDRA open source reverse engineering tool

  The National Security Agency plans to release an open source version of its GHIDRA reverse engineering tool during RSA Conference in March, but details about the tool are scarce.

• January 04, 2019 04 Jan'19

  Cloud provider blames Ryuk ransomware for Christmas Eve attack

  News roundup: Data Resolution claimed the Ryuk ransomware attack on its systems originated from North Korea. Plus, the EU is set to launch 14 open source bug bounties, and more.

• January 02, 2019 02 Jan'19

  Tribune Publishing cyberattack raises attribution questions

  Malware hit the Tribune Publishing Company and disrupted the publication of several major newspapers, but the nature of the attack and threat actors remain unclear.

• December 31, 2018 31 Dec'18

  Why dating app security flaws should concern enterprises

  Vulnerable dating apps on BYODs pose risks to more than just individual users. Find out what security flaws are common in these apps and what they mean for enterprises.

• December 28, 2018 28 Dec'18

  Government data requests rise, as does Apple's compliance

  Apple's latest Transparency Report shows government data requests on the rise around the world, as is Apple's compliance in providing the data being requested by law enforcement.

• December 27, 2018 27 Dec'18

  Malwarebytes: Fileless ransomware an emerging threat for U.S.

  A new Malwarebytes report examines Sorebrect, a fileless ransomware threat that's been detected in the U.S. this year, as well as with three other fileless attacks.

• December 27, 2018 27 Dec'18

  NPM security to use automated tools to boost community alerts

  Adam Baldwin, director of security for NPM, talks chains of trust and new NPM security initiatives that will bring automated alerts to help highlight potentially malicious activity.

• December 21, 2018 21 Dec'18

  DOJ indicts two Chinese nationals for APT10 group cyberattacks

  The Department of Justice indicted two alleged members of the Chinese state-sponsored hacking group APT10, which hacked managed service providers to steal data from enterprises.

• December 21, 2018 21 Dec'18

  Microsoft patches Internet Explorer zero-day bug under attack

  News roundup: Microsoft issues an emergency patch for an Internet Explorer bug exploited in the wild. Plus, authorities indict three individuals for 'stresser' services, and more.

• December 20, 2018 20 Dec'18

  McAfee: When quantum computing threats strike, we won't know it

  Quantum computing systems may not be powerful enough to break current encryption protocols, but McAfee CTO Steve Grobman says it will be tough to tell when that day arrives.

• December 20, 2018 20 Dec'18

  NASA data breach included employee Social Security numbers

  Limited details leave questions surrounding a possible NASA data breach that could have compromised Social Security numbers for current and former employees.

• December 20, 2018 20 Dec'18

  Twitter bugs expose user data and direct messages

  Two Twitter bugs led to questions about the platform's user privacy and security, while the company said one of the bugs opened the door to possible state-sponsored attacks.

• December 19, 2018 19 Dec'18

  Risk & Repeat: Lessons from the Equifax breach report

  This week's Risk & Repeat podcast looks at the U.S. House Committee on Oversight and Government Reform report on the Equifax breach and the infosec lessons to be learned from it.

• December 18, 2018 18 Dec'18

  Huawei bans set to continue, despite lack of supporting evidence

  While the number of countries with Huawei bans in place grows and more issue warnings, a German investigation found no evidence of spying to support the fear.

• December 18, 2018 18 Dec'18

  Why McAfee CTO Steve Grobman is wary of AI models for cybersecurity

  Artificial intelligence has become a dominant force in the cybersecurity industry, but McAfee CTO Steve Grobman said it's too easy to make AI models look more effective than they truly are.

• December 17, 2018 17 Dec'18

  Marriott Starwood data breach notification de-values customers

  The Marriott Starwood data breach exposed half a billion customers' data, but the hospitality giant seems to have learned from recent megabreaches that the standard response to a breach can be the ...

• December 14, 2018 14 Dec'18

  Facebook API bug exposed photos of 6.8 million users

  GDPR regulators are already investigating a new Facebook API bug the social media giant announced Friday that might have exposed photos belonging to up to 6.8 million users.

• December 14, 2018 14 Dec'18

  Mozilla distrusts all Symantec certificates with Firefox 64 release

  News roundup: Mozilla finally removes trust for Symantec certificates with Firefox 64. Plus, Supermicro's investigation challenges Bloomberg Businessweek's report, and more.

• December 14, 2018 14 Dec'18

  Initial RSA Conference 2019 keynote lineup released

  RSA Conference 2019's diversity and inclusion initiative appears to be paying off, as the initial keynote speaker lineup has equal representation for men and women speakers.

• December 13, 2018 13 Dec'18

  Project Zero finds Logitech Options app critically flawed

  Tavis Ormandy of Google's Project Zero discovered a serious authentication vulnerability in Logitech's Options application, but the peripheral device maker has yet to address the flaw.

• December 13, 2018 13 Dec'18

  Risk & Repeat: NRCC breach stokes election security fears

  This week's Risk & Repeat podcast looks at the recently disclosed cyberattack on the National Republican Congressional Committee and the questions that remain about it.

• December 13, 2018 13 Dec'18

  Operation Sharpshooter targets infrastructure around the world

  Operation Sharpshooter is a recently discovered global cyberattack campaign targeting critical infrastructure organizations, including nuclear, defense and financial companies.

• December 12, 2018 12 Dec'18

  Equifax breach report highlights multiple security failures

  An Equifax breach report, based on a government investigation, blamed the incident on multiple security failures and concluded the breach was preventable.

• December 11, 2018 11 Dec'18

  Second Google+ data exposure leads to earlier service shutdown

  Another Google Plus data exposure -- this time potentially affecting more than 52 million users -- will cause the service to be shut down four months earlier than scheduled.

• December 07, 2018 07 Dec'18

  Facebook app permissions skirted rules to gather call logs

  New email messages revealed that Facebook app permissions were carefully implemented to avoid alerting users to the fact that the Android app was gathering call log and SMS data.

• December 07, 2018 07 Dec'18

  Risk & Repeat: RSA Conference 2019 eyes diversity improvements

  This week's Risk & Repeat podcast looks at RSA Conference's diversity and inclusion initiatives and discusses what they mean for both the event and the infosec industry.

• December 06, 2018 06 Dec'18

  NRCC email breach confirmed eight months later

  A security company was brought in to investigate a National Republican Congressional Committee breach from April, but little is known about the NRCC email theft.

• December 06, 2018 06 Dec'18

  NSO Group's Pegasus spyware linked to Saudi journalist death

  Soon after the Pegasus spyware was linked to the death of a Mexican journalist, a new lawsuit alleged the NSO Group and its spyware were also linked to the death of a Saudi journalist.

• December 05, 2018 05 Dec'18

  Testing email security products: Results and analysis

  Kevin Tolly of the Tolly Group offers a look at how his company set out to test several email security products and the challenges it faced to come up with sound methodologies.

• December 05, 2018 05 Dec'18

  New VirusTotal hash causes drop in antivirus detection rates

  Questions were raised about how antivirus vendors use the VirusTotal database after a researcher highlighted a significant drop in malware detection rates following an upload of a new VirusTotal hash.

• November 30, 2018 30 Nov'18

  Are US hacker indictments more than Justice Theater?

  New hacker indictments and U.S.Treasury Department sanctions highlight the disconnect between government action and real world consequences for threat actors.

• November 30, 2018 30 Nov'18

  Mitre enters product testing with Mitre ATT&CK framework

  The first round of evaluations using the Mitre ATT&CK framework has gone public, putting on display how different endpoint products detect advanced threat activities.

• November 30, 2018 30 Nov'18

  RSA Conference launches diversity and inclusion initiative

  Following the criticism of the last conference, RSA Conference started a diversity and inclusion initiative that, among many other changes, eliminates all-male panels.

• November 30, 2018 30 Nov'18

  Marriott discloses Starwood data breach affecting 500 million guests

  Marriott International admitted to a Starwood data breach that began in 2014 and affects about 500 million customers. Experts are unsure about the GDPR implications.

• November 30, 2018 30 Nov'18

  Spectre v2 mitigation causes significant slowdown on Linux 4.20

  News roundup: A Spectre v2 mitigation causes significant performance slowdowns in Linux 4.20. Plus, Dell had to reset user passwords after a data breach, and more.

• November 30, 2018 30 Nov'18

  Risk & Repeat: DeepMasterPrints spells trouble for biometrics

  This week's Risk & Repeat podcast looks at the future of biometric authentication after researchers unveiled a new approach that uses neural networks to bypass fingerprint scanners.