News

News

• May 01, 2019 01 May'19

  DHS patching directive brings shorter deadlines

  A new DHS directive placed new deadlines on patching critical vulnerabilities for federal agencies and experts are divided on whether the timelines are reasonable and realistic.

• May 01, 2019 01 May'19

  Huawei ban highlights 5G security issues CISOs must tackle

  Why worry over Huawei? A U.S. ban of this Chinese company's products should remind CISOs that now is the time to consider security issues related to the rollout of the 5G network.

• April 30, 2019 30 Apr'19

  A recent history of Facebook security and privacy issues

  Since the start of 2018, Facebook has had a seemingly constant cascade of security issues and privacy scandals. Here's a look back at the social media giant's most serious issues.

• April 30, 2019 30 Apr'19

  Inside 'Master134': Adsterra's history shows red flags, abuses

  Adsterra denied it was involved in the Master134 malvertising campaign, but a review of the company's history reveals many red flags, including activity in a similar campaign.

• April 30, 2019 30 Apr'19

  Inside 'Master134': Ad networks' 'blind eye' threatens enterprises

  Online ad networks linked to the Master134 malvertising campaign and other malicious activity often evade serious fallout and continue to operate unabated.

• Sponsored News

  • It’s Time to Modernize Your SOC

    Sponsored by Microsoft - With the shift to remote work caused by COVID-19, Security Operations Centers (SOCs) are under more pressure than ever, particularly with many SOC workers also working from home. Today’s reality is that SOCs have to embrace a new way of working in order to keep their analysts and admins effective and to ensure that morale doesn’t collapse under the weight of too much work and pressure. See More

  • 6 Factors to Consider in Building Resilience Now

    Sponsored by Microsoft - COVID-19 has been, and continues to be, a stark reminder of the importance of business resilience. Organizations of all types and sizes have had to adjust to rapidly changing and unpredictable circumstances: A shift to remote work, supply chain disruptions, new digitally driven business models and an environment where uncertainty is the rule, not the exception. See More

  • Why Zero Trust, Why Now

    Sponsored by Microsoft - The concept of a Zero Trust cybersecurity architecture has been around for more than a decade, but adoption didn’t really begin to take hold until the past couple of years. As with many technology innovations, it hasn’t always been clear just what Zero Trust is all about and, more important, how to implement it easily and cost effectively. See More

  • 5 Best Practices To Secure Remote Workers

    Sponsored by Microsoft - The impact of COVID-19 has changed the dynamics and landscape of remote work for at least the foreseeable future and, probably, forever. All of a sudden, organizations across all industries had to scale remote workers at unprecedented intensity and speed. See More

  View All Sponsored News
• April 30, 2019 30 Apr'19

  'Master134' malvertising campaign raises questions for online ad firms

  Malvertising and adware schemes are a growing concern for enterprises. Our deep investigation into one campaign reveals just how complicated threats can be to stop.

• April 30, 2019 30 Apr'19

  Inside 'Master134': ExoClick tied to previous malvertising campaigns

  Online ad network ExoClick denied any involvement in the Master134 campaign, but the company has ties to similar malvertising threats.

• April 30, 2019 30 Apr'19

  Inside the 'Master134' malvertising campaign

  This six-part series examines the unique malvertising campaign known as Master134 and the role that various digital advertising networks played in the threat.

• April 30, 2019 30 Apr'19

  Inside 'Master134': More ad networks tied to malvertising campaign

  Check Point's report on the Master134 malvertising campaign implicated five ad networks, but a SearchSecurity investigation revealed more companies were involved.

• April 30, 2019 30 Apr'19

  Inside 'Master134': Propeller Ads connected to malvertising campaign

  A SearchSecurity investigation determined ad network Propeller Ads played a significant role in the early stages of the Master134 malvertising campaign.

• April 26, 2019 26 Apr'19

  FBI report says BEC attacks are increasing, evolving

  According to the FBI's 2018 Internet Crime Report, business email compromise attacks are on the rise. Security experts highlight how BEC scams are evolving.

• April 26, 2019 26 Apr'19

  Carbanak malware was recording video of victims' desktops

  Researchers from FireEye spent hundreds of hours analyzing the Carbanak backdoor malware and its source code and were surprised by some of the features it contained.

• April 24, 2019 24 Apr'19

  Flashpoint responds to evolving dark web threats

  Cybersecurity firm Flashpoint updated its threat intelligence platform to better address evolving techniques and practices on the dark web, such as encrypted chat usage.

• April 24, 2019 24 Apr'19

  Carbanak source code found on VirusTotal 2 years ago

  The source code for the Carbanak backdoor was found in a VirusTotal archive two years ago, and security researchers are now sharing the analysis of the source code publicly.

• April 22, 2019 22 Apr'19

  Marcus 'MalwareTech' Hutchins pleads guilty to Kronos charges

  Marcus 'MalwareTech' Hutchins, known as being an integral player in stopping the WannaCry ransomware outbreak, pleads guilty to conspiring to create and distribute the Kronos banking Trojan.

• April 22, 2019 22 Apr'19

  IoT device testing made possible with BeStorm X

  BeStorm X, a black-box fuzzer by Beyond Security and Ubiquitous AI, tests IoT devices to identify security weaknesses and vulnerabilities before they're exploited.

• April 19, 2019 19 Apr'19

  Forcepoint pushes 'human-centric cybersecurity' approach

  During the launch of the Forcepoint Cyber Experience Center in Boston, Forcepoint execs emphasized the need for adopting a new approach to cybersecurity that focuses on the human factor.

• April 19, 2019 19 Apr'19

  DNS hijacking campaign targets national security organizations

  A DNS hijacking campaign targeting national security organizations and critical infrastructure may be part of a new trend, according to the researchers behind recent attacks.

• April 16, 2019 16 Apr'19

  Microsoft disputes Outlook data breach report

  Microsoft warned Outlook users who may have had data compromised in an attack using customer support login credentials to access account information over the course of months.

• April 15, 2019 15 Apr'19

  Blue Hexagon bets on deep learning AI in cybersecurity

  Cybersecurity startup Blue Hexagon uses deep learning to detect network threats. Security experts weigh in on the limitations of AI technologies in cybersecurity.

• April 15, 2019 15 Apr'19

  New programs released aim to improve Google Cloud security

  With the release of programs like Access Transparency, Virtual Private Cloud and GKE Sandbox, Google aims to improve Google Cloud security and identity protection.

• April 12, 2019 12 Apr'19

  WPA3 flaws found in Dragonfly handshake

  Researchers discovered vulnerabilities in the WPA3 protocol, specifically in the Dragonfly handshake authentication, allowing for multiple exploits branded Dragonblood.

• April 11, 2019 11 Apr'19

  Huawei security questioned around the world

  Troubles continue for Huawei as new bans and government reports put security into question, but the company is attempting to fight back against the criticism.

• April 11, 2019 11 Apr'19

  New Baldr information stealer could target businesses

  Malwarebytes explains why the rapidly evolving info-stealer Baldr could spell trouble for businesses and consumers, and offers pointers on how to defend against such malware.

• April 10, 2019 10 Apr'19

  Nokia: 5G network slicing could be a boon for security

  According to Nokia's Kevin McNamee, the rise of 5G will mean more danger of IoT botnets, but also more options to secure those devices -- including using network slicing for segmentation.

• April 09, 2019 09 Apr'19

  NSS Labs CTO Jason Brvenik talks security testing challenges

  NSS Labs CTO Jason Brvenik talks about his company's relationship with security vendors following the company's antitrust suit against several endpoint protection vendors last year.

• April 05, 2019 05 Apr'19

  Radware: DDoS amplification attacks increasing, evolving

  As DDoS attacks continue to evolve, planning for DDoS attack prevention and mitigation has become a critical business priority. Radware's Daniel Smith offers advice.

• April 04, 2019 04 Apr'19

  Pipdig WordPress plugin accused of DDoS attacks and backdoors

  Pipdig, a blog theme and plugin company, was accused of using obfuscated code to gain backdoor access to customer blogs and launch low-scale DDoS attacks on rivals.

• April 03, 2019 03 Apr'19

  'Triple threat' malware campaign combines Emotet, TrickBot and Ryuk

  Cybereason sounds off on the recently discovered 'triple threat' campaign and highlights interesting features of the attack technique used by cybercriminals.

• April 03, 2019 03 Apr'19

  Proof-of-concept Magento exploit used in attacks

  Experts are urging users to patch after a proof-of-concept Magento exploit was picked up by malicious actors and used in attempted attacks on e-commerce websites.

• March 29, 2019 29 Mar'19

  Study: Cybersecurity professionals taking on more data privacy duties

  At the SecureWorld Boston conference, ISSA unveils data that shows cybersecurity professionals are taking on more data privacy duties. Experts sound off on what it signifies.

• March 28, 2019 28 Mar'19

  NSS Labs CTO discusses advanced endpoint protection testing, challenges

  NSS Labs released the results of its new endpoint protection group test at RSA Conference 2019. NSS Labs CTO Jason Brvenik talks about the results, testing challenges and more.

• March 28, 2019 28 Mar'19

  Ghidra update squashes serious bugs in NSA reverse-engineering tool

  The NSA answered lingering questions around what kind of support it would provide for Ghidra after releasing the tool as open source with a patch that fixed serious bugs.

• March 26, 2019 26 Mar'19

  CrowdStrike: Cybercrime groups joining forces to pack more punch

  CrowdStrike sounds off on the enhanced partnership between the cybercrime groups behind the TrickBot and BokBot malware and explains what such collaborations signify.

• March 26, 2019 26 Mar'19

  2019 RSA Conference bottom line: People are security's strongest asset

  People in the security community and beyond are more important and influential than the leading technologies if the talk at the 2019 RSA Conference is any indication.

• March 26, 2019 26 Mar'19

  Asus backdoor hits targets with officially signed update

  Attackers infected the official Asus Live Updater to install a malicious backdoor on hundreds of thousands of systems, with the intent of targeting a small subset of those users.

• March 25, 2019 25 Mar'19

  FEMA data exposure affects 2.3 million disaster victims

  FEMA's data exposure is another high-profile example of accidental data disclosures -- a trend that has some security experts calling for more focus on failed security controls.

• March 22, 2019 22 Mar'19

  Study reveals sale of SSL/TLS certificates on dark web

  Security researchers discovered the availability of SSL/TLS certificates for sale on the dark web, which allow cybercriminals to disguise their malicious activity as legitimate.

• March 22, 2019 22 Mar'19

  Hundreds of millions of Facebook passwords exposed internally

  Facebook learned three months ago that hundreds of millions of passwords were stored internally in plaintext, but it didn't disclose the issue or notify users until the news leaked.

• March 22, 2019 22 Mar'19

  Risk & Repeat: RSA Conference 2019 in review

  This week's 'Risk & Repeat' podcast looks back at RSA Conference and discusses the show's diversity and inclusion efforts as well as the top trends and sessions from the show.

• March 22, 2019 22 Mar'19

  Chris Wysopal talks blockchain hype and realistic uses

  While marketers ride the hype train around blockchain, Chris Wysopal says there are realistic uses for the technology. And there are blockchain risks that need to be considered, as well.

• March 20, 2019 20 Mar'19

  New Mirai malware variant targets enterprise devices

  Researchers from Palo Alto Networks have spotted a new variant of the Mirai botnet that is targeting enterprise presentation systems and digital signage with 11 new exploits.

• March 20, 2019 20 Mar'19

  Experts praise Norsk Hydro cyberattack response

  Aluminum manufacturer Norsk Hydro was hit with ransomware that forced a switch to manual operations. The company's incident response has experts impressed.

• March 19, 2019 19 Mar'19

  Bobbie Stempfley: Cybersecurity AI has a long way to go

  Many cybersecurity vendors have embraced AI and machine learning, but CERT Division's Bobbie Stempfley says more work is needed around testing algorithms and validating results.

• March 19, 2019 19 Mar'19

  Critical WinRAR bug exploited in targeted attacks

  A critical WinRAR bug that was exposed after 19 years is already being exploited in targeted attacks in the Middle East and United States, despite the availability of patch.

• March 15, 2019 15 Mar'19

  Despite reservations about NSA's Ghidra, experts see value

  The NSA's reverse-engineering tool, Ghidra, was released to the public and despite some initial concerns experts are generally bullish on the prospects for the free software.

• March 13, 2019 13 Mar'19

  Election security threats loom as presidential campaigns begin

  Fragile electronic voting systems and the weaponization of social media continue to menace U.S. election systems as presidential candidates ramp up their 2020 campaigns.

• March 13, 2019 13 Mar'19

  SANS Institute: DNS attacks gaining steam in 2019

  At RSA Conference 2019, experts from the SANS Institute discuss the most dangerous attack techniques they've seen, including DNS manipulation and domain fronting.

• March 13, 2019 13 Mar'19

  Citrix data breach report raises more questions

  Citrix disclosed a potential data breach blamed on poor password security, but a lack of details about the attack leaves only unconfirmed claims from a single cybersecurity firm.

• March 11, 2019 11 Mar'19

  Zscaler charts sharp increase in SSL threats like phishing, botnets

  Threat actors are exploiting encryption protocols to deliver malicious content, according to Zscaler, which found a 400% increase in SSL-based phishing threats last year.

• March 08, 2019 08 Mar'19

  VMware firewall strategy to focus on 'known good' behavior

  VMware is taking a different approach to firewalls by focusing on 'known good' behavior to better police east-west traffic within enterprise environments.

• March 08, 2019 08 Mar'19

  Battling misinformation focus of Facebook, Twitter execs' talk

  Facebook and Twitter executives say finding a pattern of malicious activity is more effective in identifying bad actors on sites than looking at the misleading information itself.

• March 07, 2019 07 Mar'19

  Nation-state threats grow more sophisticated, converge on targets

  Incident response experts say nation-state cyberattacks are so common that they find threat actors from multiple nations operating in the same victim environment.

• March 07, 2019 07 Mar'19

  Microsoft promotes zero-trust security over firewalls

  Microsoft told RSA Conference attendees a zero-trust model is better than firewalls for protecting corporate data -- a stance that some said doesn't go far enough.

• March 07, 2019 07 Mar'19

  RSAC 2019: Coverage of the premiere security gathering

  Find out what's happening at the at the 2019 RSA Conference in San Francisco, the information security industry's biggest event, with breaking news and analysis by the SearchSecurity team.

• March 07, 2019 07 Mar'19

  FBI: How we stopped the Mirai botnet attacks

  FBI Special Agent Elliott Peterson gave RSA attendees a behind-the-scenes look at the investigation into the Mirai botnet following the devastating DDoS attacks in 2016.

• March 07, 2019 07 Mar'19

  Cryptography techniques must keep pace with threats, experts warn

  Cryptographers at RSAC 2019 discussed personal data protection laws and challenges, future threats and the pressure for tech companies to work with law enforcement on decryption.

• March 06, 2019 06 Mar'19

  FBI director calls for public-private cybersecurity partnerships

  At the recent RSA Conference, FBI Director Christopher Wray called for public-private partnerships to fend off cyberadversaries and threats.

• March 06, 2019 06 Mar'19

  Cisco: Network security strategy requires IT, OT to play nice

  Cisco told RSA attendees the need for network security on the factory floor is growing. Cisco says cooperation between IT and operations is key to protecting equipment.

• March 06, 2019 06 Mar'19

  NSA releases Ghidra open source reverse-engineering tool

  The National Security Agency launched its highly anticipated reverse-engineering tool, Ghidra. The free software offers features found in high-end commercial products.

• March 05, 2019 05 Mar'19

  Chronicle dives into security telemetry with 'Backstory'

  Alphabet's Chronicle looks to give enterprises a leg up with a new service called Backstory, which will bring context and insight to vast amounts of security telemetry.

• March 01, 2019 01 Mar'19

  Coinhive shutdown imminent after troubled cryptomining past

  The Coinhive cryptominer is scheduled to be shut down following a troubled history and experts don't think the company gave the full story as to why the shutdown is happening.

• March 01, 2019 01 Mar'19

  Research sparks debate over password manager vulnerabilities

  Researchers found several popular password managers expose master passwords in system memory, but experts recommend consumers and enterprises should still use the products.

• February 28, 2019 28 Feb'19

  Cisco patches persistent Webex vulnerability for a third time

  After two previous attempts, Cisco has issued a third patch for a persistent flaw in its Webex platform, which allows privilege escalation attacks on systems running the software.

• February 27, 2019 27 Feb'19

  MarioNet attack exploits HTML5 to create botnets

  Researchers created a new browser-based attack, called MarioNet, that exploits an HTML5 API and can create botnets even after a browser tab is closed or a target navigates away.

• February 26, 2019 26 Feb'19

  Eclypsium: Bare-metal cloud servers vulnerable to firmware attacks

  Eclypsium found IBM SoftLayer cloud services are vulnerable to what it calls Cloudborne, which allows threat actors to make small, but potentially deadly firmware changes.

• February 26, 2019 26 Feb'19

  Android brings FIDO2 certification to 1 billion devices

  The FIDO Alliance announced Android has received FIDO2 certification, which will bring the ability to sign into websites and apps with biometrics, rather than passwords.

• February 26, 2019 26 Feb'19

  CERT/CC's Art Manion says CVSS scoring needs to be replaced

  Security expert Art Manion discusses what he calls major problems within the Common Vulnerability Scoring System and explains why CVSS needs to be replaced.

• February 25, 2019 25 Feb'19

  WinRAR bug found and patched after 19 years

  A WinRAR bug that affects every version of the app over the past 19 years was discovered and patched. But it's unclear if the millions of the app's users will get the needed fix.

• February 22, 2019 22 Feb'19

  Security automation on display in 2019 RSAC Innovation Sandbox

  Security automation will be a factor when most innovative startup is chosen at this year's RSAC Innovation Sandbox since almost all finalists use automation to improve security.

• February 22, 2019 22 Feb'19

  Supply chain cybersecurity is a hot topic for RSAC 2019

  Following years of AI climbing the hype wheel at RSA Conference, the topic is no longer one of the most prevalent as supply chain and infrastructure fears take focus at RSAC 2019.

• February 21, 2019 21 Feb'19

  CrowdStrike report says breakout time for threat actors is increasing

  CrowdStrike's annual global threat report highlights why speed is critical for cybersecurity defenders. Experts sound off on key findings, including the rise of 'big game hunting.'

• February 20, 2019 20 Feb'19

  ConnectWise plugin flaw exploited in ransomware attacks on MSPs

  GandCrab ransomware infected several managed service providers, thanks to an old a ConnectWise manage plugin vulnerability, but a new decryptor tool is offering relief to victims.

• February 20, 2019 20 Feb'19

  At RSAC 2019, speculative execution threats take a back seat

  The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.

• February 19, 2019 19 Feb'19

  Palo Alto Networks to acquire SOAR vendor Demisto

  Palo Alto Networks announced its plan of acquiring SOAR vendor Demisto for $560 million to accelerate its Application Framework strategy and beef up security operations automation.

• February 15, 2019 15 Feb'19

  Google Play security improved by targeting repeat offenders

  Google this week attributed security improvements in Google Play to both automated processes and human reviewers. The improvements include stopping bad apps from being published.

• February 15, 2019 15 Feb'19

  Astaroth Trojan returns, abuses antivirus software

  Cybereason's Nocturnus Research team has discovered a new strain of the Astaroth Trojan that attacks antivirus software to steal credentials.

• February 15, 2019 15 Feb'19

  Ponemon study: Poor password practices remain rampant

  More than two-thirds of employees share passwords with colleagues, research reveals. Experts sound off on what's fueling poor password practices and how to solve the problem.

• February 13, 2019 13 Feb'19

  Dunkin' security alert warns of new credential-stuffing attacks

  Dunkin' sent a security alert to customers warning of potentially malicious access of accounts due to the second credential stuffing attack in less than three months.

• February 12, 2019 12 Feb'19

  Senators want potential VPN threat investigated by DHS

  Two senators called on the Department of Homeland Security to investigate the possibility that VPNs are allowing valuable information to be routed to foreign adversaries.

• February 12, 2019 12 Feb'19

  MongoDB security head addresses database exposures

  Davi Ottenheimer, MongoDB's head of product security, discusses his company's efforts to prevent accidental database exposures and why so many misconfigurations occur.

• February 08, 2019 08 Feb'19

  Apple releases FaceTime patch and iOS zero-day fixes

  New bug fix releases for both iOS and macOS include the anticipated FaceTime patch for the serious eavesdropping flaw in group chats as well as fixes for two iOS zero-days.

• February 08, 2019 08 Feb'19

  'SpeakUp' backdoor Trojan could spell further trouble for Linux servers

  Check Point Research explains why SpeakUp, the new Trojan targeting Linux servers, has the potential to unleash more harm and offers pointers on how to defend against such malware.

• February 08, 2019 08 Feb'19

  Defense Department eyes behavioral biometrics with new contract

  The Department of Defense awards a $2.4 million contract to Twosense.AI in order to create a behavioral biometrics system that can replace the current ID card system.

• February 08, 2019 08 Feb'19

  Risk & Repeat: Apple restores enterprise certificates for Facebook, Google

  This week's Risk & Repeat podcast looks at Apple's decision to temporarily revoke Facebook's and Google's enterprise certificates following reports of questionable app activity.

• February 07, 2019 07 Feb'19

  Gartner: Expanding SOC capabilities a priority for enterprises

  Reinvesting in SOCs and crafting clear risk appetite statements made the list of Gartner's top security and risk management trends. Experts sound off on what's driving these trends.

• February 06, 2019 06 Feb'19

  Google's Mark Risher: New types of 2FA are 'game changers'

  Google's head of account security, Mark Risher, discusses the various types of 2FA and how new options of WebAuthn and U2F are going to be game changers for enterprise.

• February 06, 2019 06 Feb'19

  Google's Mark Risher discusses 2FA adoption strategies

  Although some types of two-factor authentication have been found to be vulnerable, Google's Mark Risher says 2FA adoption should be the baseline of security for all enterprises.

• February 01, 2019 01 Feb'19

  Google planning warnings for lookalike URLs in Chrome

  Google is planning to add warnings on lookalike URLs in an ongoing effort to ensure internet users experience useful and clear warnings while using the Chrome browser.

• January 31, 2019 31 Jan'19

  Dell unveils endpoint security portfolio with CrowdStrike, Secureworks

  Dell has teamed up with CrowdStrike and Secureworks for SafeGuard and Response, a portfolio of endpoint security technology and services, to tackle the shifting threat landscape.

• January 31, 2019 31 Jan'19

  Facebook and Google exploit Enterprise Certificate loophole on iOS

  Both Facebook and Google were found to be exploiting a loophole in Apple's Developer Enterprise Program for iOS with apps used to gather data on users who installed them.

• January 30, 2019 30 Jan'19

  New DDoS attack technique puts CSPs at risk

  Nexusguard found a new DDoS attack technique that targeted CSPs in which attackers used a bit-and-piece approach to inject junk into legitimate traffic and dodge detection.

• January 29, 2019 29 Jan'19

  Major Apple FaceTime bug allows audio eavesdropping

  A new major FaceTime bug can allow someone to hear the other party's audio before they answer the call and the issue was reported to Apple more than a week ago.

• January 29, 2019 29 Jan'19

  Insecure MongoDB databases expose Russian backdoor access

  A security researcher found more than 2,000 exposed MongoDB databases that revealed a backdoor-access account operated by the Russian government, according to a report from ZDNet.

• January 29, 2019 29 Jan'19

  Dailymotion credential stuffing attacks lasted more than 6 days

  Video-sharing website Dailymotion reset passwords for an unknown number of users following 'large-scale' credential stuffing attacks that lasted for more than six days before being stopped.

• January 25, 2019 25 Jan'19

  SafeRide tackles connected vehicle security with machine learning

  SafeRide's vXRay technology aims to improve security for connected vehicles with unsupervised machine learning. Can it keep hackers out of the driver's seat?

• January 25, 2019 25 Jan'19

  DNS hijack attacks lead to government directive from DHS

  Following a string of DNS hijack attacks around the globe, the Department of Homeland Security has directed federal agencies to harden defenses against DNS tampering.

• January 23, 2019 23 Jan'19

  Google GDPR fine of $57 million sets record

  The Google GDPR fine of $57 million marks the first time a major tech company has been penalized under Europe's new privacy regulations. But the fine is less than the maximum allowable penalty.

• January 23, 2019 23 Jan'19

  Top security initiatives for 2019 include MFA, end-user training

  TechTarget's IT Priorities survey revealed key security initiatives companies plan to implement in 2019. Experts weigh in on best practices to be adopted.

• January 22, 2019 22 Jan'19

  DNC lawsuit claims Russian hackers attacked again after midterms

  A Democratic National Committee lawsuit regarding Russian cyberattacks in the lead-up to the 2016 election now also claims Russia attacked DNC systems after the 2018 midterms.