Latest Posts

Fa42af438e58b799189dd26386f5870f

European Businesses Fear DDoS Extortion Attacks: Survey

July 07, 2016 Added by:Ionut Arghire

Cyber-extortion is becoming a booming business, at least for criminals who threaten companies with distributed denial of service (DDoS) attacks, a recent survey from DDoS protection company Corero reveals.

Comments  (0)

0133c663c244df033c2eeb2248dfee32

Fighting Alert Fatigue

July 06, 2016 Added by:Mike Paquette

By augmenting their efforts with behavioral analytics and machine learning, teams can be sure they reduce alert noise and fatigue while quickly identifying and addressing the issues that actually matter before they hurt their customers or the bottom line.

Comments  (0)

Fa42af438e58b799189dd26386f5870f

Spyware Targets Office, Mail, and Accounting Applications

June 30, 2016 Added by:Ionut Arghire

A new spyware Trojan aimed at Russian users exclusively was recently observed targeting various accounting applications, as well as instant messaging, email, and Microsoft Office programs, in an attempt to exfiltrate sensitive data.

Comments  (0)

3149cfd3449309d3982042756d81a157

Why Passwords Are the New Exploits

June 28, 2016 Added by:Nick Bilogorskiy

In the age of stolen passwords, compromised credentials are the easiest way in, simpler than phishing, malware or exploits. “Password confirmation” tools are now readily available to find reused passwords matching any website.

Comments  (0)

D36d0936f0c839be7bf2b20d59eaa76d

What a Risk-Based Approach to Security Means for Your Business

June 20, 2016 Added by:Steve Durbin

Executives are familiar with the benefits of cyberspace and how the Internet, and today’s usage of connected devices, increases innovation, collaboration, efficiency, competitiveness and commitment to customers, but many struggle with assessing the risks versus the rewards.

Comments  (0)

F9efacae5ebece2f0f4a7ab9e3f8dbf2

Don't Let the Cure Become the Disease: Granular Control Is the Only Answer to Security Woes Caused By Encryption

June 20, 2016 Added by:Peter Martini

With the proper controls in place, organizations don’t have to fear encryption. Hackers can only succeed in exploiting encryption when organizations lack the right tools to fight back.

Comments  (0)

7d55c20d433dd60022642d3ab77b8efb

SAP Security Notes June 2016 - Review

June 15, 2016 Added by:Alexander Polyakov

SAP's monthly critical patch update for June 2016 closes 21 vulnerabilities in SAP products including 15 SAP Security Patch Day Notes and 6 Support Package Notes.

Comments  (0)

3ca92d8c88e202c2d9e483c539e0899b

Why Your Next Generation Firewall Cannot Prevent Next Generation Threats

June 15, 2016 Added by:Ajit Sancheti

Next generation firewalls had a good ten year run and are still good for the network perimeter. But when it comes to protecting the inside of the enterprise perimeter, they lack significant capabilities.

Comments  (0)

1fec6881fe864bc30369edb548ea22b1

Beyond Phishing: What You Need to Know About Whaling

June 13, 2016 Added by:Dan Lohrmann

Just when you thought you had seen it all regarding online phishing scams, along comes a new round of deceptive emails, phones calls, instant messages and even traditional printouts from your fax machine.

Comments  (0)

Fa42af438e58b799189dd26386f5870f

Android N Deprecating Crypto Provider and SHA1PRNG Algorithm

June 13, 2016 Added by:Ionut Arghire

The Android N operating system version will no longer use the Crypto provider and the SHA1PRNG algorithm, Google announced.

Comments  (0)

41d5440f596e714d7ca33eccabc5fcab

Microsoft Blocks Certain Passwords

June 10, 2016 Added by:Dean Wiech

The steps Microsoft is making are definitely a move in the right direction to protect users from potential social hacking with easily guessable passwords.

Comments  (0)

Ffc4103a877b409fd8d6da8f854f617e

Google Kills SSLv3, RC4 Support in Gmail IMAP/POP

June 07, 2016 Added by:InfosecIsland News

Google announced that Gmail IMAP/POP mail clients will no longer offer support for SSLv3 and RC4 connections after June 16, 2016.

Comments  (0)

Fa42af438e58b799189dd26386f5870f

BadBlock Ransomware Encrypts Windows System Files

June 06, 2016 Added by:Ionut Arghire

Dubbed BadBlock, a new ransomware doesn’t stop at encrypting the user’s photos, videos, and images, but does the same for Windows system files as well, which ultimately results in the computer being no longer usable.

Comments  (0)

3ca92d8c88e202c2d9e483c539e0899b

Why Is There a Shortage of Security Talent?

June 03, 2016 Added by:Ajit Sancheti

Embracing new technologies that help intelligently automate parts of security to provide overwhelmed security teams a hand is a start. But in the long run, bigger changes to security strategies will need to take place. Everyone in a company needs to be responsible for security, not just the CISO.

Comments  (0)

Fa42af438e58b799189dd26386f5870f

Backdoor Abuses TeamViewer to Load Malicious Library

May 30, 2016 Added by:Ionut Arghire

Dubbed BackDoor.TeamViewer.49, the new Trojan was discovered by Dr. Web and Yandex earlier this month being distributed via a fake Flash Player update. The bogus update package, however, turns out to be a different malicious application called Trojan.MulDrop6.39120, which acts as a dropper, Dr. Web researchers say.

Comments  (0)

Ffc4103a877b409fd8d6da8f854f617e

2016 SecurityWeek CISO Forum to Take Place on June 1-2 at Half Moon Bay

May 26, 2016 Added by:InfosecIsland News

SecurityWeek’s 2016 CISO Forum will take place on June 1-2, 2016 at the Ritz Carlton, Half Moon Bay.

Comments  (0)

B261bfcc99f93249e275ddd135ffec57

Avoiding Ransomware with Strong Endpoint Security

May 26, 2016 Added by:Dean Dyche

Ransomware attacks are growing in volume and sophistication. To best defend against ransomware, users must ensure that their machines remain up to date with the latest patches and security updates.

Comments  (0)

7a381426c4258d879207e4550cc28f12

Making the Most of User Entity Behavior Analytics: Expectations, Features and Best Practices

May 24, 2016 Added by:Brian Soldato

User Entity Behavior Analytics (UEBA) platforms are very promising. In the near future, expect to see user behavior analytics platforms integrate more directly with infrastructure and with automated response.

Comments  (0)

Ffc4103a877b409fd8d6da8f854f617e

“EITest” Exploit Kit Redirection Campaign Running Strong

May 22, 2016 Added by:InfosecIsland News

A long-lasting website infection campaign meant to redirect users to exploit kits (EKs) such as Angler and Neutrino continues to run strong roughly one year and a half after being originally discovered.

Comments  (0)

A2f01e8907594a5cc33b21086a702036

Baiting the Phishermen: When Companies Strike Back at Scammers (Do Not Try This at Home)

May 16, 2016 Added by:Steven Rogers

It is never too late to remind employees about phishing emails and where to route suspicious finds.

Comments  (0)