GitHub adds Python support for security alerts

GitHub has announced that its recently introduced feature for alerting developers about known vulnerabilities in software packages that their projects depend on will now also work for Python packages. About Security Alerts The security alerts service depends on the Dependency Graph, which is turned on by default for every public repository and can be set up for private repositories. “GitHub tracks public vulnerabilities in Ruby gems, NPM and Python packages on MITRE’s Common Vulnerabilities and … More

The post GitHub adds Python support for security alerts appeared first on Help Net Security.

Posted on 17 July 2018 | 12:39 pm

Tech giants, civil liberties coalition urges Congress to pass email privacy law

Right now, the government can read your six-month-old emails without a warrant.

Posted on 17 July 2018 | 11:14 am

How's Spear Phishing Different From Plain Old Phishing?

A common ploy is to pose as a technical professional who requests that the target install some malicious software (malware) that's disguised as a ...

Posted on 17 July 2018 | 11:00 am

World powers equip, train other countries for surveillance

Privacy International has released a report that looks at how powerful governments are financing, training and equipping countries with surveillance capabilities. Countries with powerful security agencies are spending literally billions to equip, finance, and train security and surveillance agencies around the world — including authoritarian regimes. This is resulting in entrenched authoritarianism, further facilitation of abuse against people, and diversion of resources from long-term development programmes. Global government surveillance Examples from the report include: In 2001, the US … More

The post World powers equip, train other countries for surveillance appeared first on Help Net Security.

Posted on 17 July 2018 | 10:55 am

RATs Bite Ukraine in Ongoing Espionage Campaign

An ongoing espionage campaign aimed at Ukraine is leveraging three different remote access Trojans (RATs), ESET security researchers warn.

read more

Posted on 17 July 2018 | 10:53 am

Back in Washington, Trump Under Pressure to Reverse Course on Russia

President Donald Trump found himself isolated and under pressure to reverse course Tuesday after publicly challenging the US intelligence conclusion that Russia meddled in the 2016 election during his face-to-face with Vladimir Putin.

read more

Posted on 17 July 2018 | 10:38 am

SoftwareONE launches Security for Microsoft 365

SoftwareONE announced that it has launched Security for Microsoft 365, a managed service that enhances the security of Microsoft 365 environments as well as manages and protects users, devices, applications and information from advanced security threats. In a mobile-first, cloud-first world, the attack surface has expanded past the traditional IT perimeter and enterprises need to manage identities, protect devices, govern and manage Shadow IT, and make sure sensitive information is safeguarded. Security for Microsoft 365 … More

The post SoftwareONE launches Security for Microsoft 365 appeared first on Help Net Security.

Posted on 17 July 2018 | 10:31 am

Many infosec professionals reuse passwords across multiple accounts

Lastline announced the results of a survey conducted at Infosecurity Europe 2018, which suggests that 45 percent of infosec professionals reuse passwords across multiple user accounts – a basic piece of online hygiene that the infosec community has been attempting to educate the general public about for the best part of a decade. The research also suggested that 20 percent of security professionals surveyed had used unprotected public WiFi in the past, and 47 percent … More

The post Many infosec professionals reuse passwords across multiple accounts appeared first on Help Net Security.

Posted on 17 July 2018 | 10:09 am

McAfee MVISION Portfolio as a SaaS-delivered workspace

McAfee announced McAfee MVISION, a portfolio featuring McAfee innovations designed to give customers a defense system that manages their security products based on their needs as they continue to move to device operating systems and to the cloud. MVISION strengthens the device as a control point in security architectures by delivering simplified management, stronger Windows security, behavior analytics, and threat defense for Android and iOS devices. With its single integrated management workspace, MVISION empowers enterprise … More

The post McAfee MVISION Portfolio as a SaaS-delivered workspace appeared first on Help Net Security.

Posted on 17 July 2018 | 9:57 am

Nigerian Stock Exchange Sets To Host 6th Nigerian Capital Market Information Security Forum

The Nigerian Stock Exchange (“NSE” or “The Exchange) is pleased to announce that the 6th edition of its bi-annual Nigerian Capital Market ...

Posted on 17 July 2018 | 9:52 am

Is It Safe To Share The Password To Your Bank Account With An App?

Online security experts have strong thoughts about the wisdom of giving out your personal security information to third parties. It's a game of “who do ...

Posted on 17 July 2018 | 9:52 am

LuminosityLink RAT author pleads guilty

Federal prosecutors accused 21-year-old Colton Ray Grubbs of Stanford, Ky. of conspiring with others to market and distribute the malware for $40 as ...

Posted on 17 July 2018 | 9:52 am

Nearly Half of Security Pros Reuse Passwords

One of the biggest no-no's in password best practices: using the same password across multiple online accounts. But some 45% of information ...

Posted on 17 July 2018 | 9:41 am

McAfee Announces New Mvision Enterprise Cyber-Security Technology

McAfee is refreshing its enterprise cyber-security portfolio with a new vision and lineup of products, announced on July 17. The McAfee Mvision ...

Posted on 17 July 2018 | 9:41 am

Luminosity RAT author pleads guilty to creating & selling hacking tool

However, it turned out to be a dangerous remote access Trojan, which could easily disable anti-malware and anti-virus programs installed on a ...

Posted on 17 July 2018 | 9:41 am

Susquehanna International Group Llp Lifted By $5.07 Million Its Canadian Pac Ry LTD (Call) (CP ...

... 20/04/2018 – Check Point Software Closes Below 50-Day Moving Average; 12/03/2018 – February's Most Wanted Malware: Cryptomining Malware ...

Posted on 17 July 2018 | 9:40 am

Malware Creator Admits to Building and Selling LuminosityLink RAT

A Kentucky man admitted in a U.S. court to developing and distributing the remote access Trojan known as LuminosityLink.

read more

Posted on 17 July 2018 | 9:34 am

'Blackgear' Cyberspies Resurface With New Tools, Techniques

The hackers behind a cyberespionage campaign known as Blackgear are back with improved malware that abuses social media websites, including Facebook, for command and control (C&C) communications.

read more

Posted on 17 July 2018 | 9:22 am

Having a vision to tackle the hackers

In February this year, the World Broadcasting Unions organisation released its WBU Cyber Security Recommendations for Media Vendors' Systems, ...

Posted on 17 July 2018 | 8:56 am

How to Keep Your Employees from Being a Security Risk

Cybersecurity is important. Obviously. Given all the prominent hacks of late, good cyber-hygiene should be top-of-mind in every company across the ...

Posted on 17 July 2018 | 8:45 am

The start of a bright future with the Georgia Cyber Center

Samantha Williams: The Georgia Cyber Center will provide the increasing need for ... Samantha Williams: Now, level four is where all the high security ...

Posted on 17 July 2018 | 8:45 am

How Cloud Migration Impacts Network Infrastructure

How Cloud Migration Impacts Network Infrastructure ... the enterprise's ability to deliver on-demand capacity, while ensuring data integrity, security, ...

Posted on 17 July 2018 | 8:33 am

KnowBe4 Analysis: Lack of Security Awareness Training Allowed Russians to Hack American ...

Kevin Mitnick, internationally recognized computer security expert and KnowBe4's Chief Hacking Officer, helped design KnowBe4's training based on ...

Posted on 17 July 2018 | 8:22 am

Government, Finance Will See Increased Attacks

According to the report, individuals were the primary victims of malware, which was used in five out of six attacks, often in combination with social ...

Posted on 17 July 2018 | 8:22 am

Downward Trend in Healthcare Ransomware Attacks May be Temporary

Confirming a trend noted by other researchers, a new report from network security firm Cryptonite notes that ransomware incidents have declined over the last six months.

read more

Posted on 17 July 2018 | 8:13 am

Codebook

... with the U.S. Its only active threat is in cyber and information operations. ... Trump backed Putin's disavowals of any kind of hacking campaign in the ...

Posted on 17 July 2018 | 8:11 am

Decade of research shows little improvement in websites' password guidance

The study, published in Computer Fraud and Security, examined the password practices of Google, Facebook, Wikipedia, Reddit, Yahoo, Amazon, ...

Posted on 17 July 2018 | 8:00 am

Charitable Hackers Collaborate in Deep Web Forums

Through Multiple Methods and Collaborations, Many Hackers Donate Money to Good Causes

read more

Posted on 17 July 2018 | 7:51 am

Irish Silk Road Suspect Extradited to US: Prosecutors

A 30-year-old Irish man accused of working for now defunct "dark web" marketplace Silk Road has been extradited to the United States to face charges in New York, four years after his arrest, prosecutors announced Friday.

read more

Posted on 17 July 2018 | 7:47 am

BTC-e Operator, Accused of Laundering $4 Billion, to be Extradited to France

In a legal extradition tug-of-war between the United States and Russia, it seems France has won the game, surprisingly. A Greek court has ruled to extradite the Russian cybercrime suspect and the former operator of now-defunct BTC-e crypto exchange to France, instead of the United States or to his native Russia, according to multiple Russian news outlets. Alexander Vinnik, 38, has been

Posted on 17 July 2018 | 7:43 am

Hide 'N Seek: what can we learn from an evolving botnet

IoT botnets share their history with Linux malware. Most of the vulnerable IoT devices run a stripped version of Linux, the same operating system that is ...

Posted on 17 July 2018 | 7:26 am

Security Instrumentation Firm Verodin Raises $21 Million

Verodin, a Virginia-based company that helps organizations assess the effectiveness of their cybersecurity controls, on Tuesday announced that it has raised $21 million in a Series B funding round.

read more

Posted on 17 July 2018 | 7:22 am

Data security is everybody's business

Partner at Werksmans Attorneys Ahmore Burger-Smidt, gives advice on how to protect your company's data and which process to follow when hit by a ...

Posted on 17 July 2018 | 7:15 am

Why cybersecurity incidents are up 32% from last year

The greatest increase was the use of malware in attacks, up 75% since Q1 last year. In fact, the report found that malware was used in 63% of all ...

Posted on 17 July 2018 | 6:52 am

McAfee ePolicy Orchestrator now available on AWS

McAfee announced the availability of McAfee ePolicy Orchestrator (ePO) on AWS. This AWS deployment option provides organizations time to focus on security concerns by eliminating the hardware, networking and database maintenance tasks associated with private, server-based solutions. With infrastructure as a service, customers will experience the benefits of a shared responsibility model with AWS and still have complete control over the data and deployment configurations. “With such a simple and fast deployment, we are removing … More

The post McAfee ePolicy Orchestrator now available on AWS appeared first on Help Net Security.

Posted on 17 July 2018 | 6:33 am

ClearDATA launches healthcare compliant cloud offering on Microsoft Azure

ClearDATA has launched a healthcare compliant offering for Microsoft Azure. The offering helps healthcare organizations operating on Azure to innovate and scale while maintaining compliance with changing laws and regulations affecting privacy and data collection of protected health information (PHI). As a result of ClearDATA’s healthcare offering, including Automated Safeguards and a Compliance Dashboard, healthcare organizations – including payers and providers – have another option for native access to Azure without running the risk of … More

The post ClearDATA launches healthcare compliant cloud offering on Microsoft Azure appeared first on Help Net Security.

Posted on 17 July 2018 | 6:30 am

Increasing Healthcare Cloud Security with Bring-Your-Own-Key

The tool gives organizations more precise control over their cloud security as more healthcare data is being stored and accessed via the cloud.

Posted on 17 July 2018 | 6:30 am

Optiv Security launches Privileged Access Managed Service

Optiv Security announced its Privileged Access Managed Service. A remotely delivered, managed offering, this service is designed to help public and private entities protect privileged credentials, the link in the security chain and the source of a number of breaches. Optiv’s Privileged Access Managed service includes: management of availability and performance optimization, release management, administration, and reporting. These capabilities combine with Optiv’s consulting services – as well the company’s technology resale, implementation and integration services … More

The post Optiv Security launches Privileged Access Managed Service appeared first on Help Net Security.

Posted on 17 July 2018 | 6:24 am

Darktrace Cloud protects cloud computing models and SaaS applications

Darktrace has announced that Darktrace Cloud can protect cloud computing models, applications, and devices with its cyber AI technology. The announced capability comes in response to demand for Darktrace Cloud and the adoption of cloud architectures, such as edge computing and IoT data stored in the cloud. Over 500 Darktrace customers use Darktrace Cloud to defend cloud environments and SaaS applications including Addivant, Innovating Capital, TruWest Credit Union, and City of Las Vegas. “With Darktrace … More

The post Darktrace Cloud protects cloud computing models and SaaS applications appeared first on Help Net Security.

Posted on 17 July 2018 | 6:21 am

LabCorp's Network Security Breach May Have Exposed PHI of Millions

LabCorp's Network Security Breach May Have Exposed PHI of Millions ... is now facing a network security breach that forced the North Carolina-based ...

Posted on 17 July 2018 | 6:18 am

LabCorp's Network Security Breach May Have Exposed PHI of Millions

LabCorp's Network Security Breach May Have Exposed PHI of Millions ... is now facing a network security breach that forced the North Carolina-based ...

Posted on 17 July 2018 | 6:18 am

21-Year-Old Woman Charged With Hacking Selena Gomez's Email Account

A 21-year-old New Jersey woman has been charged with hacking into the email accounts of pop star and actress Selena Gomez, stealing her personal photos, and then leaked them to the Internet. Susan Atrach of Ridgefield Park was charged Thursday with 11 felony counts—five counts of identity theft, five counts of accessing and using computer data to commit fraud or illegally obtain money,

Posted on 17 July 2018 | 6:18 am

A deep dive down the Vermin RAThole

NET malware in these campaigns: Quasar RAT, Sobaken RAT, and a custom-made RAT called Vermin. All three malware strains have been in active ...

Posted on 17 July 2018 | 6:07 am

Symantec Launches Email Threat Isolation Solution

Symantec on Tuesday unveiled a new solution designed to help protect enterprises against email-based attacks using threat isolation.

According to the security firm, the new Email Threat Isolation technology can block advanced email attacks, including spear phishing, credential theft and account takeover attempts, and ransomware.

read more

Posted on 17 July 2018 | 6:03 am

Flowmon Networks to Bring Predictability and Security to US Datacenters via Advanced Network ...

This information is crucial to ensure fast and effective troubleshooting, enhancing network security, monitoring of users and services, network capacity ...

Posted on 17 July 2018 | 5:56 am

CloudLinux's Imunify360 Proactive Defense™ Preemptively Protects Linux Web Servers Against ...

Proactive Defense continuously analyses running scripts and recognizes dangerous behaviors in them in real time. It prevents malware, both new and ...

Posted on 17 July 2018 | 5:56 am

CloudLinux's Imunify360 Proactive Defense™ Preemptively Protects Linux Web Servers Against ...

The Proactive Defense feature delivers a significant improvement in anti-malware effectiveness and is the first solution of its kind for Linux web servers ...

Posted on 17 July 2018 | 5:56 am

Consumers Own Their Data, Not the Industry, Says TRAI

As the Justice BN Srikrishna Committee is also set to table the draft of the Data Protection Bill, the Telecom Regulatory of India (TRAI) is of the opinion ...

Posted on 17 July 2018 | 5:56 am

Sophos Intercept X for Server Blocks Cyber Attackers from Hitting the Business Bullseye

SophosLabs research indicates that 75 percent of malware found in an organization is unique to that organization, indicating the majority of malware ...

Posted on 17 July 2018 | 5:56 am

Change Healthcare Gives Payers and Providers the Keys to Cloud Security

"Hospitals, payers, and providers are under constant attack from a global network of cybercriminals using advanced and evasive techniques to ...

Posted on 17 July 2018 | 5:56 am

The Cybersecurity 202: Russia hacking tactics exposed in special counsel Mueller indictment still a ...

But experts say they're as big a threat now as they were two years ago. Russian agents are likely to continue using the same simple techniques such ...

Posted on 17 July 2018 | 5:33 am

Crypto-Mining Malware Has Increased 50% Since Last Year

A new report from Check Point suggests that the number of companies who have fallen victim to malware which focuses on crypto-mining has double ...

Posted on 17 July 2018 | 5:22 am

Crypto-Mining Malware Has Increased 50% Since Last Year

A new report from Check Point suggests that the number of companies who have fallen victim to malware which focuses on crypto-mining has double ...

Posted on 17 July 2018 | 5:22 am

Security Researchers Discover Malware Targeting Samsung Service Centers

Two security research companies have released reports that detail a malware campaign and exploit chain meant for Samsung service centers.

Posted on 17 July 2018 | 5:22 am

Rain Capital: Venture fund seeks to back cybersecurity companies led by women and minorities

A new venture fund that will focus on providing capital, strategy, critical resources and unique insights to early-stage cybersecurity companies in Silicon Valley has been officially launched last month. Headed by security technologist Dr. Chenxi Wang and with Amena Zhang, a VC with a strong track record of funding successful startups in Asia, as operating partner, Rain Capital has one other goal in mind: to boost funding to companies led by women and minorities. “Two … More

The post Rain Capital: Venture fund seeks to back cybersecurity companies led by women and minorities appeared first on Help Net Security.

Posted on 17 July 2018 | 5:15 am

CyberMDX Raises $10 Million Series A to Expand Medical Cybersecurity to Hospitals Worldwide

“The expedited growth of connected medical devices poses exceptional challenges for hospital network security. Connected devices have become an ...

Posted on 17 July 2018 | 5:11 am

An insider's look into the dark web

Chester Wisniewski's job at Sophos is unlike that of his colleagues in the cyber security company's product teams. Instead of spending extended ...

Posted on 17 July 2018 | 5:11 am

Decentralization Helps Us Reimagine Employee Workstation Access

Going further, most devices have hardware-backed security areas isolated from the main operating system where sensitive information can be stored ...

Posted on 17 July 2018 | 5:11 am

An insider's look into the dark web

Chester Wisniewski's job at Sophos is unlike that of his colleagues in the cyber security company's product teams. Instead of spending extended ...

Posted on 17 July 2018 | 5:11 am

Metropolitan School District of Wayne Township Combats Ransomware with SecurityIQ

Pairing SecurityIQ with the district's personalized learning techniques and an internally-developed network of trained security champions, MSD Wayne ...

Posted on 17 July 2018 | 5:11 am

Bridge by Instructure Partners with Enterprise Risk Management, Inc. (ERM) to Deliver Information ...

MIAMI--(BUSINESS WIRE)--Enterprise Risk Management, Inc. (ERM), a leading Information Security & Training company, today announced an ...

Posted on 17 July 2018 | 5:10 am

Global IT Services Provider Quantum Business Advisory Partners with BIO-key to Support Growing ...

QB Advisory focuses on IT infrastructure, software, and information security and support services across multiple industry verticals. The company's ...

Posted on 17 July 2018 | 5:00 am

Cryptojacking: Has cryptocurrency-mining malware already reached its peak?

Cryptojacking malware is already losing its appeal to cyber criminals as some users of the illicit cryptocurrency-mining software begin to realise that it ...

Posted on 17 July 2018 | 5:00 am

Balbix Named Four-Time Winner in 2018 Network Products Guide Awards

SAN JOSE, Calif., July 17, 2018 (GLOBE NEWSWIRE) -- Balbix Inc., provider of the security industry's first system built for avoiding breaches, ...

Posted on 17 July 2018 | 5:00 am

Cryptominers plateau while backdoors shoot up

“Since this malware uses exploit technology, a system or network may become infected with little or no interaction from users,” the report said.

Posted on 17 July 2018 | 5:00 am

It's cool: The special Trump-Kim summit USB fans don't contain any malware

They took the fan apart and found no malware. That lines up with what Sergei Skorobogatov, a University of Cambridge security researcher, ...

Posted on 17 July 2018 | 5:00 am

Remove TaRoNiS Ransomware – Restore .TaRoNiS Files

TaRoNiS on your computer system and demands a ransom to be paid to allegedly ... This is a Security Bloggers Network syndicated blog from How to, ...

Posted on 17 July 2018 | 4:48 am

Move Over, Ransomware: Why Cybercriminals Are Shifting Their Focus to Cryptojacking

As a result, these new coins can be mined with general-purpose computers — triggering the rapid growth of mining malware across the globe.

Posted on 17 July 2018 | 4:37 am

Types of IoT threats to enterprises

Unlike regular computers and mobile devices, IoT devices don't have much virus or malware protection, so it is easy to spread malware through IoT ...

Posted on 17 July 2018 | 4:37 am

Passwords Rendered Obsolete by New Security Technology

In a recent survey 1 of 2,000 adults, FICO, a data analytics company, ... with deep roots in the U.S. intelligence community and information security.

Posted on 17 July 2018 | 4:26 am

At Summit, Trump Refuses to Confront Putin on Vote Row

President Donald Trump refused to confront Vladimir Putin over meddling in the US election at their first face to face summit, publicly challenging the findings of the US intelligence community and triggering bipartisan outrage at home.

read more

Posted on 17 July 2018 | 4:07 am

Information Security Consulting Market Segmentation Application, Technology and Market Analysis ...

With this Information Security Consulting market report, all the participants and the vendors will be in aware of the growth factors, shortcomings, threats ...

Posted on 17 July 2018 | 4:03 am

Cyber Re:coded – a new cyber security recruitment event

The Cyber Security Challenge UK has announced a new cyber security recruitment fair – Cyber Re:coded. The recruitment fair is being touted as ...

Posted on 17 July 2018 | 4:03 am

Softworld, Inc. Announces Launch of Pelta Cyber Security

Led by a team of Fortune 50 security industry experts, Pelta Cyber Security provides consultative and security monitoring services for commercial ...

Posted on 17 July 2018 | 4:03 am

North Korean Hackers Launch New ActiveX Attacks

Watering Hole Attacks Target South Korean Users With ActiveX Exploits

read more

Posted on 17 July 2018 | 3:53 am

Alert Logic Transforms Container Security with Industry's First Network Intrusion Detection for ...

NEW YORK--(BUSINESS WIRE)--Alert Logic, the leading provider of Security-as-a-Service solutions, today announced at the AWS Summit, New York, ...

Posted on 17 July 2018 | 3:52 am

5 Inherent Risks of Cryptocurrency

Each node (a computer connected to the network) gets a copy of the blockchain, ... Investors must rely upon the strength of their own computer security ...

Posted on 17 July 2018 | 3:52 am

Compliance-Focused Cybersecurity Firm A-LIGN Raises $54.5 Million

A-LIGN, a provider of cybersecurity and compliance solutions, announced this week that it has raised $54.5 million from growth equity firm FTV Capital. 

read more

Posted on 17 July 2018 | 3:43 am

A third of organisations do not have a security expert, survey shows

Just over a third (35%) of global organisations do not have a cyber security expert in-house despite almost all (95%) CIOs expecting cyber security ...

Posted on 17 July 2018 | 3:41 am

US lawmakers urge Google, Facebook to resist Vietnam cybersecurity law

HANOI (Reuters) - Seventeen U.S. lawmakers have urged the CEOs of Facebook and Google to resist changes stipulated by a new cybersecurity law ...

Posted on 17 July 2018 | 3:41 am

A third of organisations do not have a security expert, survey shows

Just over a third (35%) of global organisations do not have a cyber security expert in-house despite almost all (95%) CIOs expecting cyber security ...

Posted on 17 July 2018 | 3:41 am

If Your Weapons Aren't Cyber-Hardened, Expect to Lose Pentagon Contracts

“We have to develop a way that we evaluate people's capability in cyber security almost as a go, no-go versus it's a comparison between cost, ...

Posted on 17 July 2018 | 3:12 am

Cryptocurrency-Mining Malware Rapidly Increased from 2017, New Data Shows

The number of world organizations affected by cryptocurrency mining malware nearly tripled from the second half of last year to the first half of 2018, ...

Posted on 17 July 2018 | 3:07 am

How Google's Safe Browsing Helped Build a More Secure Web

But setting up such a massive vetting system at the scale of the web isn't easy. And Safe Browsing has always grappled with a core security ...

Posted on 17 July 2018 | 3:00 am

5 Things to know Tuesday: Cybersecurity for Maine voters, Amazon crashes, and more

MORE CYBER-SECURITY FOR MAINE VOTERS. Maine Secretary of State Matt Dunlap is asking for more than $3 million in federal funding to help ...

Posted on 17 July 2018 | 2:56 am

Bringing cybersecurity to the DNC

When Raffi Krikorian joined the Democratic National Committee (DNC) as chief technology officer, the party was still reeling from its devastating loss in ...

Posted on 17 July 2018 | 2:56 am

Bringing cybersecurity to the DNC

At the DNC, the cyberattack served as a wake-up call. “If you've been here for a while, you probably still have PTSD from 2016,” Krikorian said.

Posted on 17 July 2018 | 2:56 am

Cyber security workshops aim to protect small West Virginia businesses

“I'm very big on the education around cyber security,” said Chris May, ... In previous years, corporations were the main focus for cyber criminals.

Posted on 17 July 2018 | 2:56 am

Hacking campaign targets iPhones

Now new mobile malware campaign that is "gaining access to iPhones by tricking users to download an open-source mobile device management ...

Posted on 17 July 2018 | 2:56 am

21-Year-Old Creator of LuminosityLink Hacking Tool Pleads Guilty

As it was speculated that the author of LuminosityLink RAT was arrested last year, a plea agreement made available to the public today confirmed the news. Back in September last year, Europol’s European Cybercrime Centre (EC3) and National Crime Agency began the crackdown on the LuminosityLink RAT, targeting sellers and users of the malware, which resulted in the seizure of a considerable

Posted on 17 July 2018 | 2:51 am

Dark Web Security Tips

Often interchanged for one another, the dark web is not the deep web. The dark web comprises of the part of the internet which is “hidden” and can ...

Posted on 17 July 2018 | 2:22 am

Sound Off

They need to just go home and stop making such a fuss about it. ... Trump said Putin was “strong in his denial” of the cyber-attack and “I don't see why ...

Posted on 17 July 2018 | 2:12 am

The cybersecurity incident response team: the new vital business team

In an age where businesses falling victim to cyberattacks is a daily occurrence, it's essential that firms have proactive incident response teams that can ...

Posted on 17 July 2018 | 2:10 am

The cybersecurity incident response team: the new vital business team

In an age where businesses falling victim to cyberattacks is a daily occurrence, it's essential that firms have proactive incident response teams that can ...

Posted on 17 July 2018 | 2:10 am

Personal details of Movistar's customers exposed in Telefonica data breach

Telefonica, a large telecommunications provider, has suffered a data breach, exposing the personal and financial information for millions of Spanish ...

Posted on 17 July 2018 | 2:00 am

Stolen Code-Signing Certificate Used in Malware Attack

Stolen Code-Signing Certificate Used in Malware Attack ... Chief cybersecurity officer at Venafi, Kevin Bocek told Computer Business Review: “If you ...

Posted on 17 July 2018 | 1:59 am

Editorial: States must do more to secure election systems

... to verify results, one that presents a far-lower risk from the threat of hackers. The ballots themselves are carefully guarded by county election offices.

Posted on 17 July 2018 | 1:37 am

Editorial: States must do more to secure election systems

The security efforts extend to the state voter registration database and its election information system. And the upgrades continue. As part of the federal ...

Posted on 17 July 2018 | 1:37 am

Protecting a Mobile Workforce with Hybrid DNS Security

If true, this prediction is likely to cause a few sleepless nights for the teams traditionally responsible for managing network security on-premise.

Posted on 17 July 2018 | 1:26 am

Samsung Service Centers in Italy Targeted in Malware Campaign

The entire malware delivery system and exploit chain is described in a detailed report published by Italian cyber-security firm TG Soft and is near ...

Posted on 17 July 2018 | 1:03 am

Thousands of patient records held for ransom in Ontario home care data breach, attackers claim

The detailed medical histories and contact information of possibly tens of thousands of home-care patients in Ontario are allegedly being held for ...

Posted on 17 July 2018 | 12:52 am

Rain Capital: Venture fund seeks to back cybersecurity companies led by women and minorities

A new venture fund that will focus on providing capital, strategy, critical resources and unique insights to early-stage cybersecurity companies in ...

Posted on 17 July 2018 | 12:41 am

Cyber Security Briefing: $10 airport security system access!

They say that flying is safer than travelling by road – but you may want to review that following recent research by McAfee. The firm's security ...

Posted on 17 July 2018 | 12:41 am

Fake phone mast threat to big business

Recent research from American mobile security firm Lookout counted 22 phone-hacking efforts in the first five months of 2018 – all of which appeared ...

Posted on 17 July 2018 | 12:07 am

Data exposed during cyberattack at Algonquin College

Algonquin College is warning the personal data of some students, staff and alumni may have been exposed during a cyberattack this Spring. But in a ...

Posted on 16 July 2018 | 11:45 pm

Algonquin College reporting data breach

OTTAWA — Algonquin College in eastern Ontario says it is advising students and alumni that hackers have infiltrated a server infected with malware.

Posted on 16 July 2018 | 11:11 pm

Cybersecurity Job Seekers: Go West (or South)

Job seekers looking to get into the cybersecurity field: Now is the time. Talented cybersecurity candidates are in such high demand that hiring ...

Posted on 16 July 2018 | 11:00 pm

Why Australian business can't afford cyberthreat inertia

Family Planning NSW was recently hit with a cyberattack which exposed and compromised the personal information of up to 8000 clients.

Posted on 16 July 2018 | 10:37 pm

US Intel Chief: Cyber Attack to US Infrastructure Possible

Dan Coats, Director of National Intelligence issued a warning that there were strong signs of a potential cyber-attack on vital U.S. infrastructure and ...

Posted on 16 July 2018 | 8:56 pm

Local election systems secure during increased hacking threat; Trump sides with Putin on election ...

Local election officials stressed that voting systems in the Twin Counties are safe and secure after the nation's top intelligence officer warned ...

Posted on 16 July 2018 | 8:45 pm

Local election systems secure during increased hacking threat; Trump sides with Putin on election ...

The state is well ahead in preventing cyber attacks, Columbia County Board of ... The U.S. needs to find an unbreakable “lock” to stop cyberattacks, ...

Posted on 16 July 2018 | 8:45 pm

Alert! One of the largest blood testing labs in the US hacked

They handle payment information - credit cards, Social Security numbers and insurance records - and, most worrying, they handle information about ...

Posted on 16 July 2018 | 8:36 pm

GameStop Reaches Deal In Class Action Over Data Breach

Law360 (July 16, 2018, 10:35 PM EDT) -- A putative class of consumers asked a Delaware federal judge Monday to approve a settlement that could ...

Posted on 16 July 2018 | 7:37 pm

Worst States For Cybersecurity

Your data is under constant attack from hackers. Unless you take steps to protect your personal and account information, you're at a high risk for ...

Posted on 16 July 2018 | 7:03 pm

LabCorp investigating breach, 'no evidence of misuse of data'

Burlington, NC, based LabCorp, the world's largest healthcare diagnostics company, confirms that it is investigating suspicious activity on its ...

Posted on 16 July 2018 | 6:41 pm

Yahoo Email Users Seek Class Cert. In Data Breach MDL

Law360 (July 16, 2018, 8:58 PM EDT) -- A putative class of Yahoo users sought certification Friday in multidistrict litigation over three data breaches ...

Posted on 16 July 2018 | 5:56 pm

Data breach threatens Bozeman utility customers

A data breach could've targeted thousands of Bozeman residents who paid utility bills through the city's Click2Gov system. The Click2Gov system is ...

Posted on 16 July 2018 | 5:56 pm

New California law requires voter data breach reporting

Journalists, researchers and political campaigns that receive voter data must tell California officials if it may have been stolen under a new law Gov.

Posted on 16 July 2018 | 5:41 pm

IMB data breach prompts 'comprehensive response'

RICHMOND, Va. (BP)—A data breach occurred at the International Mission Board that may have exposed personal information of current and former ...

Posted on 16 July 2018 | 5:33 pm

Internet privacy — how to protect your home and home office: NCET Biz Tips

NCET explores business and technology. Hacking. Data breaches. Phishing. Scams. It seems like every day we learn of another attack on our privacy ...

Posted on 16 July 2018 | 5:11 pm

Bitcoin, Malware and Luck: Behind the 2016 DNC Hack

Email Hacking: A Constant Threat to Political AspirationsMueller Charges 12 Russians for 2016 Election Hacking. Two days later, the Russian cyber ...

Posted on 16 July 2018 | 5:11 pm

Data breaches are here to stay

Data breaches will be a news staple for the foreseeable future with Dixon's Carphone admitting last month that millions of payment cards and personal ...

Posted on 16 July 2018 | 5:11 pm

Putin's Attack on the US Is Our Pearl Harbor

The attack happened without a declaration of war and without explicit .... The risk of a “crippling cyberattack on our critical infrastructure” by a foreign ...

Posted on 16 July 2018 | 5:00 pm

Pennsylvania Department of Health System Taken Offline Following Security Incident

Pennsylvania's Department of Health took its vital records system offline for six days late last month, after unauthorized cosmetic changes were made ...

Posted on 16 July 2018 | 4:48 pm

Will Russia hacking indictment have any impact on future campaigns?

The indictment into the alleged hacking of Democratic National Committee servers by Russian Military officers falls short of proving Russia had any ...

Posted on 16 July 2018 | 4:37 pm

New California Law Requires Voter Data Breach Reporting

Journalists, researchers and political campaigns that receive voter data must tell California officials if it may have been stolen in a data breach under a ...

Posted on 16 July 2018 | 4:21 pm

Senators dispute Trump's assessment of election hacking

A bipartisan pair of prominent U.S. senators objected to President Donald Trump's ambiguity on the extent of Russian interference in the 2016 election ...

Posted on 16 July 2018 | 4:15 pm

New California law requires voter data breach reporting

SACRAMENTO, Calif. (AP) — A new law requires journalists, researchers and political campaigns that receive voter data to tell California officials if it ...

Posted on 16 July 2018 | 4:03 pm

Trump-Putin meeting rekindles ridiculed cyber plan

It also renewed some people's worries that Trump might appease the ... “The fact that President Putin and I discussed a Cyber Security unit doesn't ...

Posted on 16 July 2018 | 4:02 pm

Cyber criminal interest in electrical utilities on the rise

A 2010 cyber attack, dubbed Stuxnet, raised alarm bells among computer security and risk professionals about the vulnerability of SCADA systems to ...

Posted on 16 July 2018 | 3:41 pm

We've had a data breach… let's not tell anyone

It's a basic question in the face of a data breach: do we fix it and keep quiet? Or do we tell the world and risk the consequences. A major fuel company ...

Posted on 16 July 2018 | 3:41 pm

Augusta continues to see economic growth from cybersecurity and IT-related positions

AUGUSTA, Ga. ((WRDW/WAGT))-- Augusta University research shows cybersecurity and IT-related jobs have contributed almost one billion dollars to ...

Posted on 16 July 2018 | 3:18 pm

Delaney, Harris Propose Bipartisan Bill To Prevent Foreign Ownership Of Election Vendors

The integrity and security of our elections transcends partisanship and I thank Congressman Harris for working with me on this important legislation.”.

Posted on 16 July 2018 | 3:18 pm

Augusta continues to see economic growth from cybersecurity and IT-related positions

AUGUSTA, Ga. ((WRDW/WAGT))-- Augusta University research shows cybersecurity and IT-related jobs have contributed almost one billion dollars to ...

Posted on 16 July 2018 | 3:18 pm

Rubio, Warner Stress Election Security After Trump-Putin Summit

"[Director of National Intelligence] Dan Coats came to me and others and said I think it's Russia. I have President Putin. He said it's not Russia.

Posted on 16 July 2018 | 3:07 pm

Connected Vehicles Raise Cybersecurity Concerns

Connecting vehicles to the Internet is no longer a far-fetched, futuristic idea. ... Connected vehicles have four main cybersecurity risks for drivers:.

Posted on 16 July 2018 | 3:07 pm

Donald Trump is not delusional

For example, despite what aides are selling, we know Trump knows what a “cyberattack” is. He's proven he gets that it is not the same as “collusion.”.

Posted on 16 July 2018 | 3:02 pm

The Pentagon is gearing up to red team industry cybersecurity

FARNBOROUGH, England – The Pentagon is considering a process that will alow the Department of Defense to challenge the cyber security of its ...

Posted on 16 July 2018 | 2:56 pm

Putin proposes a joint cybersecurity group with the US to investigate Russian election meddling

Nonetheless, the Russian president revived talks of a joint group between the U.S. and Russia dedicated to cybersecurity matters. For anyone with the ...

Posted on 16 July 2018 | 2:56 pm

The Pentagon is gearing up to red team industry cybersecurity

FARNBOROUGH, England – The Pentagon is considering a process that will alow the Department of Defense to challenge the cyber security of its ...

Posted on 16 July 2018 | 2:56 pm

Putin proposes a joint cybersecurity group with the US to investigate Russian election meddling

Nonetheless, the Russian president revived talks of a joint group between the U.S. and Russia dedicated to cybersecurity matters. For anyone with the ...

Posted on 16 July 2018 | 2:56 pm

Telefonica breach leaves data on millions exposed

Hackers exploited a flaw at Spanish operator Telefonica early Monday and likely exposed all the personal data of millions of the company's customers.

Posted on 16 July 2018 | 2:45 pm

GameStop Agrees to Settle Data Breach Class Action

GameStop Corp. has reached a settlement agreement in a class action lawsuit from customers whose personal information was compromised in a ...

Posted on 16 July 2018 | 2:45 pm

Female Network Will Deter Cybersecurity Threats

Without women to pave the way for other women, the cybersecurity industry will continue to suffer from a limited talent pool. Women are less likely to ...

Posted on 16 July 2018 | 2:33 pm

Emsisoft Anti-Malware offers 4-layered protection to Windows

... new threats every day, and advanced malware removal capabilities. Today we take a look at the features that this antivirus software brings to you.

Posted on 16 July 2018 | 2:33 pm

Female Network Will Deter Cybersecurity Threats

Without women to pave the way for other women, the cybersecurity industry will continue to suffer from a limited talent pool. Women are less likely to ...

Posted on 16 July 2018 | 2:33 pm

Trump's refusal to call out Russian hacking provokes swift, sharp backlash

President Donald Trump drew sharp criticism Monday from former intelligence officials and lawmakers after refusing to acknowledge or condemn ...

Posted on 16 July 2018 | 2:11 pm

President under fire from Connecticut senators for alleged lack of action against Russia

Spent a great deal of time talking about it, and President Putin may very ... The indictment claims that the cyber-attacks continued until about a month ...

Posted on 16 July 2018 | 2:08 pm

Cybersecurity experts worry about Census data

With approaches to election security still up in the air, a group of former cybersecurity officials are concerned about the cybersecurity of another ...

Posted on 16 July 2018 | 2:00 pm

Cybersecurity experts worry about Census data

With approaches to election security still up in the air, a group of former cybersecurity officials are concerned about the cybersecurity of another ...

Posted on 16 July 2018 | 2:00 pm

VPNFilter Attack Hits Chlorine Plant in Ukraine

What's clear is that the cyberattack involved VPNFilter, a sophisticated modular malware program that infects routers and which the SBU attributes to ...

Posted on 16 July 2018 | 1:48 pm

Trump believes Putin's election hacking denial

Helsinki — US President Donald Trump emerged from a meeting with Vladimir Putin on Monday saying he saw no reason to believe Russia had ...

Posted on 16 July 2018 | 1:48 pm

Less Than Half of Cyberattacks Detected via Antivirus: SANS

Traditional tools are no longer sufficient to detect cyberattacks, the data shows: Antivirus systems only detected endpoint compromise 47% of the time; ...

Posted on 16 July 2018 | 1:48 pm

Mentioning trade secrets in a 10-K heightens cyberattack risk

Companies that refer to trade secrets in their Form 10-K annual reports are at greater risk of cyberattacks from criminals who are intent on uncovering ...

Posted on 16 July 2018 | 1:47 pm

Trump second-guessed DNI Coats on cybersecurity before sit-down with Putin

Even before his one-on-one with Russian President Vladimir Putin, President Donald Trump expressed skepticism of Director of National Intelligence ...

Posted on 16 July 2018 | 1:44 pm

Trump second-guessed DNI Coats on cybersecurity before sit-down with Putin

Even before his one-on-one with Russian President Vladimir Putin, President Donald Trump expressed skepticism of Director of National Intelligence ...

Posted on 16 July 2018 | 1:44 pm

Thousands of Mega logins dumped online, exposing user files

Exclusive: Email addresses, passwords, and lists of file names were exposed.

Posted on 16 July 2018 | 1:39 pm

SoftwareONE Launches Security for Microsoft 365

Shadow IT Security Assessment – Discover Shadow IT across the organization and provide insights on usage and security posture.Rapid Cyberattack ...

Posted on 16 July 2018 | 1:37 pm

Russian hackers used US online infrastructure against itself

WASHINGTON (AP) — Exactly seven months before the 2016 presidential election, Russian government hackers made it onto a Democratic ...

Posted on 16 July 2018 | 1:37 pm

What Do You Do Now, US National Security Leaders?

“For the President of the United States to stand next to Vladimir Putin — who personally ordered one of the largest state-sponsored cyber-attacks in ...

Posted on 16 July 2018 | 1:35 pm

Russian hackers used US online infrastructure against itself

WASHINGTON — Exactly seven months before the 2016 presidential election, Russian government hackers made it onto a Democratic committee's ...

Posted on 16 July 2018 | 1:26 pm

CUNA's Noggle participates in cybersecurity panel

Representing CUNA at the event, hosted by Center Forward, was Lance Noggle, CUNA senior director advocacy for payments and cybersecurity.

Posted on 16 July 2018 | 1:26 pm

CUNA's Noggle participates in cybersecurity panel

Representing CUNA at the event, hosted by Center Forward, was Lance Noggle, CUNA senior director advocacy for payments and cybersecurity.

Posted on 16 July 2018 | 1:26 pm

FTC Issues Alert on Tech Support Scams

Original release date: July 16, 2018

The Federal Trade Commission has released an alert on tech support scams. Scammers use pop-up messages, websites, emails, and phone calls to entice users to pay for fraudulent tech support services to repair problems that don’t exist. Users should not pay or give control of their devices to any stranger offering to fix problems. 

NCCIC encourages users and administrators to refer to the FTC Alert and the NCCIC Tip on Avoiding Social Engineering and Phishing Attacks for more information. If you believe you are a victim of a tech support scam, file a complaint at www.FTC.gov/complaint.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 16 July 2018 | 1:24 pm

Campaign manager has emails exposed by 'IckyLeaks' in new video promoting cybersecurity

(CNN) A bipartisan pair of campaign veterans who want 2018 campaigns to take cybersecurity more seriously are releasing a new video depicting the ...

Posted on 16 July 2018 | 1:15 pm

Campaign manager has emails exposed by 'IckyLeaks' in new video promoting cybersecurity

(CNN) A bipartisan pair of campaign veterans who want 2018 campaigns to take cybersecurity more seriously are releasing a new video depicting the ...

Posted on 16 July 2018 | 1:15 pm

Trump-Putin meeting: VT delegation slams president over denial of Russia election hacking

The meeting took place just days after the Justice Department indicted 12 Russian intelligence officers on charges of hacking into the Democratic ...

Posted on 16 July 2018 | 1:03 pm

'Disgraceful' and 'disgusting': How anchors reacted to Trump's denial of Russian hacking

After President Trump cast doubt on U.S. intelligence findings on Russia's 2016 election interference, network news anchors were flabbergasted, ...

Posted on 16 July 2018 | 1:03 pm

New sextortion scheme uses victims' real password for blackmailing

The primary purpose of this scam campaign is to convince users that the “hacking threat is real.” Krebs also highlighted the fact that within the past 72 ...

Posted on 16 July 2018 | 1:03 pm

Faso, Delgado concur indictment of 12 Russians for hacking is serious matter, not product of a 'with ...

U.S. Rep. John Faso and Democratic challenger Antonio Delgado agree the indictment of 12 Russian intelligence officers for hacking Democratic ...

Posted on 16 July 2018 | 1:03 pm

Lake County Clerk: No local results from 2016 election were hacked, but 'we're being vigilant'

Lake County's electronic voter records and the county's results in the 2016 general election were unaffected by apparent Russian hacking of the ...

Posted on 16 July 2018 | 12:52 pm

A Good, Hard Look at Cost Can Help Bolster Healthcare Cybersecurity Funding

It is impossible to separate cybersecurity efforts from dollars-and-cents concerns. Healthcare organizations have limited resources available for ...

Posted on 16 July 2018 | 12:41 pm

Former US officials call for transparency in cybersecurity of 2020 census

Nearly a dozen former U.S. officials who dealt with cybersecurity and intelligence are calling on the Census Bureau to open up about how it plans to ...

Posted on 16 July 2018 | 12:41 pm

Former US officials call for transparency in cybersecurity of 2020 census

Nearly a dozen former U.S. officials who dealt with cybersecurity and intelligence are calling on the Census Bureau to open up about how it plans to ...

Posted on 16 July 2018 | 12:41 pm

A Good, Hard Look at Cost Can Help Bolster Healthcare Cybersecurity Funding

It is impossible to separate cybersecurity efforts from dollars-and-cents concerns. Healthcare organizations have limited resources available for ...

Posted on 16 July 2018 | 12:41 pm

Twitter suspends Guccifer and DCLeaks after Mueller links them to Russian hacking operation

Mueller's investigation found that Guccifer 2.0 and DCLeaks were digital fronts created by the intelligence officers to launder hacked information.

Posted on 16 July 2018 | 12:18 pm

‘LuminosityLink RAT’ Author Pleads Guilty

A 21-year-old Kentucky man has pleaded guilty to authoring and distributing a popular hacking tool called "LuminosityLink," a malware strain that security experts say was used by thousands of customers to gain unauthorized access to tens of thousands of computers across 78 countries worldwide.

Posted on 16 July 2018 | 12:09 pm

Maine Secretary of State Looking To Beef Up Cybersecurity For Voter Registration System

The state hopes to use the funds to improve cybersecurity of the state's central voter registration system while training municipal election officials.

Posted on 16 July 2018 | 12:07 pm

Maine Secretary of State Looking To Beef Up Cybersecurity For Voter Registration System

The state hopes to use the funds to improve cybersecurity of the state's central voter registration system while training municipal election officials.

Posted on 16 July 2018 | 12:07 pm

The Dangers of Perceived Anonymity: Russian Hackers' Bitcoin Trail

The cryptocurrencies' potential to facilitate money laundering and financing illicit activities has long informed Bitcoin-insecure politicians' hawkish ...

Posted on 16 July 2018 | 11:56 am

The Dangers of Perceived Anonymity: Russian Hackers' Bitcoin Trail

The hacking of Democratic National Committee's and Hillary Clinton campaign's servers, as well as widely publicized leaks of sensitive information ...

Posted on 16 July 2018 | 11:56 am

New Jersey woman charged with hacking Selena Gomez's email

A 21-year-old woman has been charged with 11 felonies stemming from the hacking of the email of Selena Gomez and one of the Back To You ...

Posted on 16 July 2018 | 11:45 am

Pres. Trump: Putin made 'incredible offer' in Russian hacking case

Putin has long insisted that the Kremlin had nothing to do with the hacking, and Trump said the Russian leader repeated his denials during their ...

Posted on 16 July 2018 | 11:43 am

How Russian hackers stole information from Democrats, in 3 simple diagrams

The hack was described in FBI special counsel Robert Mueller's indictment against 12 Russian intelligence officers. The indictment describes how ...

Posted on 16 July 2018 | 11:33 am

Virginia Wells Fargo customers still in dark about fraudulent Amazon charges | Cybersecurity column

Wells Fargo customers who had fraudulent charges from Amazon Prime appear on their debit card accounts have filed complaints with state Attorney ...

Posted on 16 July 2018 | 11:33 am

This is how prioritization can save us from the shortage of cybersecurity professionals

A 2018 report from the Enterprise Strategy Group (ESG) found that 51 percent of respondents reported shortages of cybersecurity skills as an area of ...

Posted on 16 July 2018 | 11:33 am

We Knew Russian Hackers Infiltrated Americans' Inboxes. Now We Know How.

The 12 GRU members allegedly hacked the computer networks of the Democratic Congressional Campaign Committee (DCCC), the Democratic ...

Posted on 16 July 2018 | 11:11 am

CCBC prepares students to fill cybersecurity specialist job gap

So, when it comes to CCBC's cybersecurity associate degree program, the college has learned some of its best lessons participating in the National ...

Posted on 16 July 2018 | 11:11 am

Trump and Putin could be reigniting talks to create a cybersecurity task force, an idea experts shot ...

Putin said he and Trump could respond to election meddling "through a working group on cybersecurity." Experts slammed the idea when Trump first ...

Posted on 16 July 2018 | 11:11 am

Trump: Putin Made 'Incredible Offer' in Russian Hacking Case

Trump told reporters Monday that Putin said American investigators who have charged 12 Russian hackers with hacking the 2016 presidential ...

Posted on 16 July 2018 | 10:37 am

Kremlin hacking crew went on a 'Roman Holiday' – researchers

Researchers have claimed the infamous APT28 Kremlin-linked hacking group was behind a new cyber-espionage campaign they believe was ...

Posted on 16 July 2018 | 10:15 am

Putin kindly offers to help investigate Russian meddling in the US election

They were charged in connection with the hacking into the email server of the Democratic National Committee (DNC) and the publishing of hacked ...

Posted on 16 July 2018 | 10:10 am

Trump, at Putin's Side, Questions US Intelligence on 2016 Election

“I will say this: I don't see any reason why it would be” Russia that was responsible for the election hacking, Mr. Trump added. “I have great confidence ...

Posted on 16 July 2018 | 10:07 am

Global Mobile Antivirus Market Research Key Players, Industry Overview, Supply Chain and ...

The Mobile Antivirus Market Report Provides details about recent product innovations and gives an overview on potential regional market shares ...

Posted on 16 July 2018 | 10:03 am

L3 Buys Cybersecurity Shops

L3 Technologies is acquiring two cybersecurity companies to fill in capabilities that match the defense and aerospace services sector's new demands.

Posted on 16 July 2018 | 9:57 am

5 of the best antivirus software for small businesses

That's why we've carried out some research to find out the best small business antivirus software. The software we list have been reviewed well and ...

Posted on 16 July 2018 | 9:30 am

Malicious ESLint Packages Steal Software Registry Login Tokens

Following the compromise of an ESLint maintainer’s account last week, malicious packages that attempted to steal login tokens from the npm software registry were published without authorization.

read more

Posted on 16 July 2018 | 9:27 am

Tampa cybersecurity firm A-LIGN raises $54.4 million

TAMPA — Tampa-based cybersecurity company A-LIGN raised a $54.5 million investment from FTV Capital, the company announced Monday.

Posted on 16 July 2018 | 9:18 am

Researchers Stealthily Manipulate Road Navigation Systems

A team of researchers from Virginia Tech, the University of Electronic Science and Technology of China, and Microsoft Research has discovered a new and stealthy GPS spoofing method that has been proven to be highly effective against road navigation systems.

read more

Posted on 16 July 2018 | 9:18 am

Startup Cofounded by Ehud Barak Raises $12.5 Million for Cybersecurity

Startup cofounded by Ehud Barak raises $12.5 million for cybersecurity. Toka, a startup backed by former Prime Minister Ehud Barak, said Monday it ...

Posted on 16 July 2018 | 9:07 am

Salvini attacks EU, hails Putin and calls for cybersecurity cooperation with Russia

Italy's hardline interior minister has given his most enthusiastic backing yet for President Putin, with an attack on EU sanctions and a push for ...

Posted on 16 July 2018 | 9:07 am

EC holds cyber security meeting for Southern states

The need to protect data of the voters and importance of being computer literate was stressed at a cyber security convened by Election Commission ...

Posted on 16 July 2018 | 8:56 am

Russia Hacking Issue Makes Cybersecurity Stocks Look Like a Great Buy

"Cybersecurity firms have surged year to date (22% vs. 5% for the S&P 500 ) but the industry remains below 2015 highs (relative to the S&P 500)," ...

Posted on 16 July 2018 | 8:56 am

Global Antivirus Software Market 2018 — Trending Industry Research Report

Team Market desk Researched the latest report “Antivirus Software Market: Global Industry Analysis (2013 – 2023)” gives a point by point prospect on ...

Posted on 16 July 2018 | 8:11 am

Russia's National Vulnerability Database Slow, Incomplete

Russia’s national vulnerability database is slow, incomplete and it focuses on security flaws that could pose a threat to the country’s IT systems, according to an analysis conducted by threat intelligence firm Recorded Future.

read more

Posted on 16 July 2018 | 7:12 am

Proposed EU Cybersecurity Product Certification Scheme Has Global Effects

The European Union is active in passing cybersecurity legislation ostensibly for the European Union but with worldwide ramifications.

read more

Posted on 16 July 2018 | 7:12 am

Russia Targeted by Almost 25 Million Cyber-Attacks During World Cup: Putin

Russia was the target of almost 25 million cyber-attacks during the World Cup, President Vladimir Putin said, though he did not indicate who may have been behind the attacks.

read more

Posted on 16 July 2018 | 6:53 am

Student's code could've stopped the Equifax hack

Polyscripting makes it impossible for hackers to take advantage of computer ... A hacker uses code injection to exploit vulnerabilities in programming ...

Posted on 16 July 2018 | 5:00 am

Global Antivirus Software Market | Share by 2018-2023: ESET, Bitdefender, Fortinet, Avast ...

“The Global Antivirus Software Market report is made up of the best advice concerning the market.” The comprehensive report can aid end customers ...

Posted on 16 July 2018 | 4:26 am

Supplemental Annuity Collective Trust Of Nj Has Cut Its Microsoft (MSFT) Stake; Steadfast Capital ...

... and Supplier Onboarding for Microsoft Dynamics GP Clients now offered thro; 08/05/2018 – Microsoft Patch Tuesday, May 2018 Edition; 16/04/2018 ...

Posted on 16 July 2018 | 4:22 am

Oracle (ORCL) Stock Price Declined While Tiverton Asset Management Has Decreased Position ...

... and Director; 10/04/2018 – Atrio Systems Announces Rebranding to NuSoft Solutions; 08/05/2018 – Microsoft Patch Tuesday, May 2018 Edition.

Posted on 16 July 2018 | 4:03 am

Global Internet Security Market by 2023: Market by Solution (IAM, Encryption, DLP, UTM, Antivirus ...

The analysts forecast for this Internet Security market is expected to grow worth of USD +231 billion and also the market is likely to exhibit a strong ...

Posted on 16 July 2018 | 3:41 am

Global Antivirus Software Market Research Report 2018 – Qihoo, Symantec, AhnLab and Fortinet

The “Global Antivirus Software Market Research Report 2018” is the latest comprehensive analysis document assists the reader to build effective ...

Posted on 16 July 2018 | 3:18 am

The Best Password Managers 2018: How to Secure Your Online Accounts

The massive list ahead will give all the gritty details on why we like each password manager, but our favorite pick, overall, is Dashlane. Individual ...

Posted on 16 July 2018 | 1:42 am

Doozy of a Patch Tuesday As Microsoft, Adobe Clean House

Microsoft released 53 updates on Tuesday, classifying 18 as critical, while Adobe fixed 107 bugs, nearly half of which are also classified as critical.

Posted on 15 July 2018 | 11:11 pm

BEC Scam Losses Top $12 Billion: FBI

The losses and potential losses reported as a result of business email compromise (BEC) and email account compromise (EAC) scams exceed $12 billion globally, according to an alert published last week by the FBI.

read more

Posted on 15 July 2018 | 10:28 pm

US Lifts Export Ban on Suppliers to China's ZTE

The United States on Friday formally lifted a crippling ban on exports to China's ZTE, rescuing the smartphone maker from the brink of collapse after it was denied key components.

The US Commerce Department said it would continue to monitor the company to prevent further violations of US sanctions on Iran and North Korea.

read more

Posted on 15 July 2018 | 8:33 pm

Trump Says 'Might' Ask Putin to Extradite Accused Russian Hackers

Donald Trump has said he may ask Vladimir Putin during their upcoming summit meeting to extradite to the US 12 Russian intelligence officers accused of attempting to interfere with the 2016 presidential election.

read more

Posted on 15 July 2018 | 5:47 am

12 Russian Intelligence Agents Indicted For Hacking DNC Emails

The US Justice Department has announced criminal indictments against 12 Russian intelligence officers tied to the hack of the Democratic National Committee (DNC) during the 2016 US presidential election campaign. The charges were drawn up as part of the investigation of Russian interference in the 2016 US presidential election by Robert Mueller, the Special Counsel, and former FBI director.

Posted on 15 July 2018 | 12:49 am

IC3 Warns of Business Email Compromise Scams

Original release date: July 13, 2018

The Internet Crime Complaint Center (IC3) has released an alert on business email compromise scams. This type of scam targets businesses and individuals by using social engineering or computer intrusion to compromise legitimate email accounts and conduct unauthorized fund transfers or obtain personally identifiable information.

NCCIC encourages businesses and individuals to refer to the IC3 Alert and the NCCIC Tip on Avoiding Social Engineering and Phishing Attacks.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 13 July 2018 | 3:41 pm

PirateBay Like Best Torrent Sites — Free Movie Download Websites

There's no doubt that PirateBay (TPB) is one of the world's most famous and widely used torrent download website, but it has again been caught mining cryptocurrency by using its visitors' CPU processing power. This is the second time when The Pirate Bay has been caught mining digital coins. In September last year, PirateBay was found quietly running CoinHive JavaScript code to mine Monero

Posted on 13 July 2018 | 12:38 pm

Justice Dept. indicts 12 Russian spies over 2016 DNC hack

The 12 indictments were sought by US special counsel Robert Mueller.

Posted on 13 July 2018 | 9:06 am

Ukraine blocks VPNFilter attack against core country water system

Russia has been blamed for the cyberattack.

Posted on 13 July 2018 | 4:41 am

Hackers Used Malicious MDM Solution to Spy On 'Highly Targeted' iPhone Users

Security researchers have uncovered a "highly targeted" mobile malware campaign that has been operating since August 2015 and found spying on 13 selected iPhones in India. The attackers, who are also believed to be operating from India, were found abusing mobile device management (MDM) protocol—a type of security software used by large enterprises to control and enforce policies on devices

Posted on 13 July 2018 | 4:01 am

Juniper Networks Releases Security Updates

Original release date: July 12, 2018

Juniper Networks has released security updates to address vulnerabilities affecting multiple Junos OS versions. An attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the Juniper Security Advisories website and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 12 July 2018 | 10:20 am

Business E-mail Compromise The 12 Billion Dollar Scam

Posted on 12 July 2018 | 10:00 am

Google Enables 'Site Isolation' Feature By Default For Chrome Desktop Users

Google has by default enabled a security feature called "Site Isolation" in its web browser with the release of Chrome 67 for all desktop users to help them protect against many online threats, including Spectre and Meltdown attack. Site Isolation is a feature of the Google Chrome web browser that adds an additional security boundary between websites by ensuring that different sites are always

Posted on 12 July 2018 | 7:57 am

Sextortion Scam Uses Recipient’s Hacked Passwords

Here's a clever new twist on an old email scam that could serve to make the con far more believable. The message purports to have been sent from a hacker who's compromised your computer and used your webcam to record a video of you while you were watching porn. The missive threatens to release the video to all your contacts unless you pay a Bitcoin ransom. The new twist? The email now references a real password previously tied to the recipient's email address.

Posted on 12 July 2018 | 7:19 am

IBM: A data breach will now cost your organization $3.86 million, if you're lucky

There are hidden costs over time which make the bill far larger than you may expect.

Posted on 12 July 2018 | 5:30 am

Another hack rocks cryptocurrency trading: Bancor loses $13.5 million

The alleged hack has raised questions over the validity of the start-up's "decentralized" system.

Posted on 12 July 2018 | 2:54 am

ISC Releases Security Advisory for Kea DHCP

Original release date: July 12, 2018

The Internet Systems Consortium (ISC) has released a security advisory that addresses a memory leak vulnerability in Kea DHCP 1.4.0. A remote attacker could exploit this vulnerability to cause a denial-of-service condition.

NCCIC encourages users and administrators to review ISC Knowledge Base Article AA-01626 and apply the necessary update or workaround.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 12 July 2018 | 12:12 am

Hacker Sold Stolen U.S. Military Drone Documents On Dark Web For Just $200

You never know what you will find on the hidden Internet 'Dark Web.' Just about an hour ago we reported about someone selling remote access linked to security systems at a major International airport for $10. It has been reported that a hacker was found selling sensitive US Air Force documents on the dark web for between $150 and $200. <!-- adsense --> Cybercrime tracker Recorded Future today

Posted on 11 July 2018 | 1:33 pm

Cisco Releases Security Updates

Original release date: July 11, 2018

Cisco has released updates to address vulnerabilities affecting Cisco products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 11 July 2018 | 1:08 pm

Hacker Puts Airport's Security System Access On Dark Web Sale For Just $10

If you can't find it on Google, you will definitely find it on the Dark Web. Black markets on the Dark web are not known for just buying drugs, it is a massive hidden network where you can buy pretty much anything you can imagine—from pornography, weapon, and counterfeit currencies, to hacking tools, exploits, malware, and zero-days. One such type of underground marketplace on Dark Web is

Posted on 11 July 2018 | 12:23 pm

​The return of Spectre

Two new ways to assault computers using Spectre-style attacks have been discovered. These can be used against any operating system running on AMD, ARM, and Intel processors. UPDATED: July 13, AMD comments on issue.

Posted on 11 July 2018 | 11:48 am

Notorious ‘Hijack Factory’ Shunned from Web

Score one for the good guys: Bitcanal, a Portuguese Web hosting firm long accused of helping spammers hijack large swaths of dormant Internet address space over the years, was summarily kicked off the Internet this week after a half-dozen of the company's bandwidth providers chose to sever ties with the company.

Posted on 11 July 2018 | 10:19 am

Facebook Faces £500,000 Fine in U.K. Over Cambridge Analytica Leak

Facebook has been fined £500,000 ($664,000) in the U.K. after the country's data protection watchdog concluded that its data-sharing scandal broke the law, making it as the social network's first fine over the Cambridge Analytica scandal. Yes, £500,000—that's the maximum fine allowed by the UK's Data Protection Act 1998, and equals to what Facebook earns every 8 minutes. Facebook has been

Posted on 11 July 2018 | 8:33 am

Two New Spectre-Class CPU Flaws Discovered—Intel Pays $100K Bounty

Intel has paid out a $100,000 bug bounty for new processor vulnerabilities that are related to Spectre variant one (CVE-2017-5753). The new Spectre-class variants are tracked as Spectre 1.1 (CVE-2018-3693) and Spectre 1.2, of which Spectre 1.1 described as a bounds-check bypass store attack has been considered as more dangerous. Earlier this year, Google Project Zero researchers disclosed

Posted on 11 July 2018 | 4:45 am

Adobe fixes over 100 vulnerabilities in latest security patch update

The massive security update covers Flash, Acrobat, Connect, Experience Manager, and Reader.

Posted on 11 July 2018 | 3:25 am

Malicious Software Packages Found On Arch Linux User Repository

Yet another incident which showcases that you should not explicitly trust user-controlled software repositories. One of the most popular Linux distros Arch Linux has pulled as many as three user-maintained software repository AUR packages after it was found hosting malicious code. Arch Linux is an independently developed, general-purpose GNU/Linux distribution composed predominantly of free

Posted on 11 July 2018 | 1:56 am

Patch Tuesday, July 2018 Edition

Microsoft and Adobe each issued security updates for their products today. Microsoft's July patch batch includes 14 updates to fix more than 50 security flaws in Windows and associated software. Separately, Adobe has pushed out an update for its Flash Player browser plugin, as well as a monster patch bundle for Adobe Reader/Acrobat.

Posted on 10 July 2018 | 7:34 pm

Microsoft Releases July 2018 Security Updates

Original release date: July 10, 2018

Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review Microsoft’s July 2018 Security Update Summary and Deployment Information and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 10 July 2018 | 12:27 pm

USB Accessory Can Defeat iOS's New "USB Restricted Mode" Security Feature

With the release of iOS 11.4.1, Apple has finally rolled out a new security feature designed to protect your devices against USB accessories that connect to the data port, making it harder for law enforcement and hackers to break into your iPhone or iPad without your permission. Dubbed USB Restricted Mode, the feature automatically disables data connection capabilities of the Lightning port on

Posted on 10 July 2018 | 11:58 am

Microsoft Releases Patch Updates for 53 Vulnerabilities In Its Software

It's time to gear up your systems and software for the latest July 2018 Microsoft security patch updates. Microsoft today released security patch updates for 53 vulnerabilities, affecting Windows, Internet Explorer (IE), Edge, ChakraCore, .NET Framework, ASP.NET, PowerShell, Visual Studio, and Microsoft Office and Office Services, and Adobe Flash Player. Out of 53 vulnerabilities, 17 are

Posted on 10 July 2018 | 11:53 am

Apple fixes iPhone crash bug whenever Taiwan was mentioned

The bug is now fixed in iOS 11.4.1.

Posted on 10 July 2018 | 11:22 am

Adobe Releases Security Patch Updates For 112 Vulnerabilities

Adobe has released security patches for a total 112 vulnerabilities in its products, most of which have a higher risk of being exploited. The vulnerabilities addressed in this month's patch Tuesday affect Adobe Flash Player, Adobe Experience Manager, Adobe Connect, Adobe Acrobat, and Reader. None of the security vulnerabilities patched this month were either publicly disclosed or found being

Posted on 10 July 2018 | 10:24 am

Adobe Releases Security Updates

Original release date: July 10, 2018

Adobe has released security updates to address vulnerabilities in Adobe Acrobat and Reader, Adobe Flash Player, Adobe Connect, and Adobe Experience Manager. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.   

NCCIC encourages users and administrators to review Adobe Security Bulletins APSB18-21, APSB18-24, APSB18-22, and APSB18-23 and apply the necessary updates.

 


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 10 July 2018 | 9:40 am

Gaza Cybergang Returns With New Attacks On Palestinian Authority

Security researchers from Check Point Threat Intelligence Team have discovered the comeback of an APT (advanced persistent threat) surveillance group targeting institutions across the Middle East, specifically the Palestinian Authority. The attack, dubbed "Big Bang," begins with a phishing email sent to targeted victims that includes an attachment of a self-extracting archive containing two

Posted on 10 July 2018 | 7:30 am

BlackTech threat group steals D-Link certificates to spread backdoor malware

The same certificate was used to sign legitimate D-Link software.

Posted on 10 July 2018 | 3:16 am

Ticketmaster breach was part of a larger credit card skimming effort, analysis shows

The breach wasn't a one-off event, as believed, but part of a massive credit card skimming operation.

Posted on 10 July 2018 | 3:00 am

Apple Releases Multiple Security Updates

Original release date: July 09, 2018

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review Apple security pages for the following products and apply the necessary updates:


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 9 July 2018 | 4:29 pm

This new feature will make it tougher for cops and hackers to unlock your iPhone

Restrictions on the USB port will make it tougher for police to get access to your data.

Posted on 9 July 2018 | 12:00 pm

Stolen D-Link Certificate Used to Digitally Sign Spying Malware

Digitally signed malware has become much more common in recent years to mask malicious intentions. Security researchers have discovered a new malware campaign misusing stolen valid digital certificates from Taiwanese tech-companies, including D-Link, to sign their malware and making them look like legitimate applications. As you may know, digital certificates issued by a trusted certificate

Posted on 9 July 2018 | 7:57 am

Looking For Secure VPN Services? Get a Lifetime Subscription

PRIVACY – a bit of an Internet buzzword nowadays, because the business model of the Internet has now shifted towards data collection. Today, most users surf the web unaware of the fact that websites and online services collect their personal information, including search histories, location, and buying habits and make millions by sharing your data with advertisers and marketers. If this is

Posted on 9 July 2018 | 6:54 am

DomainFactory Hacked—Hosting Provider Asks All Users to Change Passwords

Besides Timehop, another data breach was discovered last week that affects users of one of the largest web hosting companies in Germany, DomainFactory, owned by GoDaddy. The breach initially happened back in last January this year and just emerged last Tuesday when an unknown attacker himself posted a breach note on the DomainFactory support forum. It turns out that the attacker breached

Posted on 9 July 2018 | 5:38 am

User data exposed in Domain Factory hosting security breach

Customers are being urged to change their passwords as soon as possible.

Posted on 9 July 2018 | 3:46 am

Timehop Hacked — Hackers Stole Personal Data Of All 21 Million Users

And the hacks just keep on coming. Timehop social media app has been hit by a major data breach on July 4th that compromised the personal data of its more than 21 million users. Timehop is a simple social media app that collects your old photos and posts from your iPhone, Facebook, Instagram, Twitter and Foursquare and acts as a digital time machine to help you find—what you were doing on

Posted on 9 July 2018 | 3:20 am

Fitness app Polar exposed locations of spies and military personnel

Location data revealed the home addresses of intelligence officers -- even when their profiles were set to private.

Posted on 8 July 2018 | 6:00 am

CIS Releases 2017 Year in Review

Original release date: July 06, 2018

The Center for Internet Security (CIS) has released its 2017 Year in Review. CIS is home to the Multi-State Information Sharing and Analysis Center (MS-ISAC), an NCCIC partner focused on cyber threat prevention, protection, response, and recovery for U.S. state, local, tribal, and territorial government entities. The review highlights CIS's role in improving cyber defense and MS-ISAC's advances in membership, monitoring, cyber education, and information sharing with partners.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 6 July 2018 | 3:02 pm

Apple Releases Security Update for Boot Camp

Original release date: July 06, 2018

Apple has released a security update to address vulnerabilities in Wi-Fi for Boot Camp 6.4.0. An attacker could exploit these vulnerabilities to obtain access to sensitive information.

NCCIC encourages users and administrators to review Apple’s security page for Wi-Fi Update for Boot Camp 6.4.0 and apply the necessary update.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 6 July 2018 | 12:51 pm

Most LokiBot samples in the wild are "hijacked" versions of the original malware

Hacker himself got hacked. It turns out that most samples of the LokiBot malware being distributed in the wild are modified versions of the original sample, a security researcher has learned. Targeting users since 2015, LokiBot is a password and cryptocoin-wallet stealer that can harvest credentials from a variety of popular web browsers, FTP, poker and email clients, as well as IT

Posted on 6 July 2018 | 10:23 am

ExxonMobil Bungles Rewards Card Debut

Energy giant ExxonMobil recently sent snail mail letters to its Plenti rewards card members stating that the points program was being replaced with a new one called Exxon Mobil Rewards+. Unfortunately, the letter includes a confusing toll free number and directs customers to a parked page that tries to foist Web browser extensions on visitors.

Posted on 6 July 2018 | 8:53 am

Former NSO employee steals, flogs Pegasus mobile hacking tool for $50 million

The staff member stole Pegasus spyware code and attempted to sell it in the Dark Web.

Posted on 6 July 2018 | 5:08 am

Critical ADB router, modem firmware vulnerabilities finally fixed

Patches for three bugs impacting Advanced Digital Broadcast broadband equipment have now been released.

Posted on 6 July 2018 | 3:42 am

Password-Guessing Was Used to Hack Gentoo Linux Github Account

Maintainers of the Gentoo Linux distribution have now revealed the impact and "root cause" of the attack that saw unknown hackers taking control of its GitHub account last week and modifying the content of its repositories and pages. The hackers not only managed to change the content in compromised repositories but also locked out Gentoo developers from their GitHub organisation. As a result

Posted on 5 July 2018 | 11:01 pm

Ex-NSO Employee Caught Selling Stolen Phone Hacking Tool For $50 Million

A former employee of one of the world's most powerful hacking companies NSO Group has been arrested and charged with stealing phone hacking tools from the company and trying to sell it for $50 million on the Darknet secretly. Israeli hacking firm NSO Group is mostly known for selling high-tech malware capable of remotely cracking into Apple's iPhones and Google's Android devices to

Posted on 5 July 2018 | 12:29 pm

WordPress 4.9.7 Security and Maintenance Release

WordPress 4.9.7 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. WordPress versions 4.9.6 and earlier are affected by a media issue that could potentially allow a user with certain capabilities to attempt to delete files outside the uploads […]

Posted on 5 July 2018 | 10:00 am

New Virus Decides If Your Computer Good for Mining or Ransomware

Security researchers have discovered an interesting piece of malware that infects systems with either a cryptocurrency miner or ransomware, depending upon their configurations to decide which of the two schemes could be more profitable. While ransomware is a type of malware that locks your computer and prevents you from accessing the encrypted data until you pay a ransom to get the decryption

Posted on 5 July 2018 | 8:07 am

Japan issues first-ever prison sentence in cryptojacking case

The 24-year-old has been sentenced despite making only $45 from his antics.

Posted on 5 July 2018 | 5:04 am

UK announces creation of London cybercrime court

It might be a long time before any cases are heard, however.

Posted on 5 July 2018 | 3:15 am

This keyboard attack steals passwords by reading heat from your fingers

Thermanator harvests thermal energy to steal passwords directly from your fingertips.

Posted on 5 July 2018 | 2:06 am

Beware! Fortnite Cheat Hijacks Gamers’ PCs to Intercept HTTPS Traffic

If you are looking for Fortnite v-bucks generator, aimbot or any other game cheats—then beware—you might end up installing malware on your PC! Web-based game-streaming platform Rainway is reporting that tens of thousands of Fortnite players have inadvertently infected their systems with a piece of malware that hijacks their encrypted HTTPS web sessions to inject fraudulent ads into every

Posted on 4 July 2018 | 3:11 am

German police raid homes of Tor-linked group's board members

One board member described the police's justification for the raids as a "tenuous" link between the privacy group, a blog, and its email address.

Posted on 4 July 2018 | 2:00 am

Plant Your Flag, Mark Your Territory

Many people, particularly older folks, proudly declare they avoid using the Web to manage various accounts tied to their personal and financial data -- from utilities and mobile phones to retirement benefits and online banking services. The reasoning behind this strategy is as simple as it is alluring: What's not put online can't be hacked. But increasingly, adherents to this mantra are finding out the hard way that if you don't plant your flag online, fraudsters and identity thieves may do it for you.

Posted on 28 June 2018 | 10:50 am

How to Avoid Card Skimmers at the Pump

Previous stories here on the proliferation of card-skimming devices hidden inside fuel pumps have offered a multitude of security tips for readers looking to minimize their chances of becoming the next victim, such as favoring filling stations that use security cameras and tamper-evident tape on their pumps. But according to police in San Antonio, Texas, there are far more reliable ways to avoid getting skimmed at a fuel station.

Posted on 26 June 2018 | 10:59 am

Supreme Court: Police Need Warrant for Mobile Location Data

The U.S. Supreme Court today ruled that the government needs to obtain a court-ordered warrant to gather location data on mobile device users. The decision is a major development for privacy rights, but experts say it may have limited bearing on the selling of real-time customer location data by the wireless carriers to third-party companies.

Posted on 22 June 2018 | 1:30 pm

AT&T, Sprint, Verizon to Stop Sharing Customer Location Data With Third Parties

In the wake of a scandal involving third-party companies leaking or selling precise, real-time location data on virtually all Americans who own a mobile phone, the four major wireless carriers have responded to requests from a U.S. senator for more details about how the carriers are managing access to this extremely sensitive information. While three out of four providers said they had cancelled data sharing agreements with some of the offending companies, only one -- Verizon -- pledged to terminate all of them and initiate a wholesale review of their location data-sharing practices.

Posted on 19 June 2018 | 11:03 am

Google to Fix Location Data Leak in Google Home, Chromecast

Google in the coming weeks is expected to fix a location privacy leak in two of its most popular consumer products. New research shows that Web sites can run a simple script in the background that collects precise location data on people who have a Google Home or Chromecast device installed anywhere on their local network.

Posted on 18 June 2018 | 7:04 am

Business Email Compromise Contributes To Large Scale Business Losses Nationwide

Posted on 11 June 2018 | 7:30 am

Foreign Cyber Actors Target Home and Office Routers and Networked Devices Worldwide

Posted on 25 May 2018 | 6:00 am

Video: Creating Graph Visualizations With Gephi

I wanted to create a how-to blog post about creating gephi visualizations, but I realized it’d probably need to include, like, a thousand embedded screenshots. So I made a video instead.

Posted on 24 May 2018 | 12:50 am

Pr0nbots2: Revenge Of The Pr0nbots

A month and a half ago I posted an article in which I uncovered a series of Twitter accounts advertising adult dating (read: scam) websites. If you haven’t read it yet, I recommend taking a look at it before reading this article, since I’ll refer back to it occasionally. To start with, let’s recap. In my […]

Posted on 4 May 2018 | 3:03 am

Oracle Critical Patch Update Advisory - April 2018

Posted on 17 April 2018 | 12:30 pm

WordPress 4.9.5 Security and Maintenance Release

WordPress 4.9.5 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. WordPress versions 4.9.4 and earlier are affected by three security issues. As part of the core team's ongoing commitment to security hardening, the following fixes have been implemented […]

Posted on 3 April 2018 | 12:56 pm

Tech Support Fraud

Posted on 28 March 2018 | 10:00 am

Marketing “Dirty Tinder” On Twitter

About a week ago, a Tweet I was mentioned in received a dozen or so “likes” over a very short time period (about two minutes). I happened to be on my computer at the time, and quickly took a look at the accounts that generated those likes. They all followed a similar pattern. Here’s an […]

Posted on 16 March 2018 | 2:49 am

How To Get Twitter Follower Data Using Python And Tweepy

In January 2018, I wrote a couple of blog posts outlining some analysis I’d performed on followers of popular Finnish Twitter profiles. A few people asked that I share the tools used to perform that research. Today, I’ll share a tool similar to the one I used to conduct that research, and at the same […]

Posted on 27 February 2018 | 4:07 am

Improving Caching Strategies With SSICLOPS

F-Secure development teams participate in a variety of academic and industrial collaboration projects. Recently, we’ve been actively involved in a project codenamed SSICLOPS. This project has been running for three years, and has been a joint collaboration between ten industry partners and academic entities. Here’s the official description of the project. “The Scalable and Secure […]

Posted on 26 February 2018 | 12:11 am

Increase in W-2 Phishing Campaigns

Posted on 21 February 2018 | 10:00 am

Searching Twitter With Twarc

Twarc makes it really easy to search Twitter via the API. Simply create a twarc object using your own API keys and then pass your search query into twarc’s search() function to get a stream of Tweet objects. Remember that, by default, the Twitter API will only return results from the last 7 days. However, […]

Posted on 16 February 2018 | 6:33 am

Impersonation of the Internet Crime Complaint Center

Posted on 1 February 2018 | 10:00 am

NLP Analysis Of Tweets Using Word2Vec And T-SNE

In the context of some of the Twitter research I’ve been doing, I decided to try out a few natural language processing (NLP) techniques. So far, word2vec has produced perhaps the most meaningful results. Wikipedia describes word2vec very precisely: “Word2vec takes as its input a large corpus of text and produces a vector space, typically of several […]

Posted on 30 January 2018 | 4:37 am

NLP Analysis And Visualizations Of #presidentinvaalit2018

During the lead-up to the January 2018 Finnish presidential elections, I collected a dataset consisting of raw Tweets gathered from search words related to the election. I then performed a series of natural language processing experiments on this raw data. The methodology, including all the code used, can be found in an accompanying blog post. […]

Posted on 30 January 2018 | 4:35 am

How To Get Tweets From A Twitter Account Using Python And Tweepy

In this blog post, I’ll explain how to obtain data from a specified Twitter account using tweepy and Python. Let’s jump straight into the code! As usual, we’ll start off by importing dependencies. I’ll use the datetime and Counter modules later on to do some simple analysis tasks. from tweepy import OAuthHandler from tweepy import […]

Posted on 26 January 2018 | 12:35 am

Fraudulent Online Vehicle Sales

Posted on 17 January 2018 | 10:00 am

How To Get Streaming Data From Twitter

I occasionally receive requests to share my Twitter analysis tools. After a few recent requests, it finally occurred to me that it would make sense to create a series of articles that describe how to use Python and the Twitter API to perform basic analytical tasks. Teach a man to fish, and all that. In […]

Posted on 17 January 2018 | 4:50 am

WordPress 4.9.2 Security and Maintenance Release

WordPress 4.9.2 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. An XSS vulnerability was discovered in the Flash fallback files in MediaElement, a library that is included with WordPress. Because the Flash files are no longer needed for […]

Posted on 16 January 2018 | 3:00 pm

Oracle Critical Patch Update Advisory - January 2018

Posted on 16 January 2018 | 11:30 am

Further Analysis Of The Finnish Themed Twitter Botnet

In a blog post I published yesterday, I detailed the methodology I have been using to discover “Finnish themed” Twitter accounts that are most likely being programmatically created. In my previous post, I called them “bots”, but for the sake of clarity, let’s refer to them as “suspicious accounts”. These suspicious accounts all follow a […]

Posted on 12 January 2018 | 5:52 am

Someone Is Building A Finnish-Themed Twitter Botnet

Finland will hold a presidential election on the 28th January 2018. Campaigning just started, and candidates are being regularly interviewed by the press and on the TV. In a recent interview, one of the presidential candidates, Pekka Haavisto, mentioned that both his Twitter account, and the account of the current Finnish president, Sauli Niinistö had […]

Posted on 11 January 2018 | 7:27 am

Some Notes On Meltdown And Spectre

The recently disclosed Meltdown and Spectre vulnerabilities can be viewed as privilege escalation attacks that allow an attacker to read data from memory locations that aren’t meant to be accessible. Neither of these vulnerabilities allow for code execution. However, exploits based on these vulnerabilities could allow an adversary to obtain sensitive information from memory (such […]

Posted on 9 January 2018 | 6:46 am

Don’t Let An Auto-Elevating Bot Spoil Your Christmas

Ho ho ho! Christmas is coming, and for many people it’s time to do some online shopping. Authors of banking Trojans are well aware of this yearly phenomenon, so it shouldn’t come as a surprise that some of them have been hard at work preparing some nasty surprises for this shopping season. And that’s exactly […]

Posted on 18 December 2017 | 7:48 am

WordPress 4.9.1 Security and Maintenance Release

WordPress 4.9.1 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. WordPress versions 4.9 and earlier are affected by four security issues which could potentially be exploited as part of a multi-vector attack. As part of the core team's […]

Posted on 29 November 2017 | 12:33 pm

Necurs’ Business Is Booming In A New Partnership With Scarab Ransomware

Necurs’ spam botnet business is doing well as it is seemingly acquiring new customers. The Necurs botnet is the biggest deliverer of spam with 5 to 6 million infected hosts online monthly, and is responsible for the biggest single malware spam campaigns. Its service model provides the whole infection chain: from spam emails with malicious […]

Posted on 23 November 2017 | 6:16 am

Oracle Security Alert for CVE-2017-10269 - 13 November 2017

Posted on 13 November 2017 | 11:30 am

RickRolled by none other than IoTReaper

IoT_Reaper overview IoT_Reaper, or the Reaper in short, is a Linux bot targeting embedded devices like webcams and home router boxes. Reaper is somewhat loosely based on the Mirai source code, but instead of using a set of admin credentials, the Reaper tries to exploit device HTTP control interfaces. It uses a range of vulnerabilities […]

Posted on 3 November 2017 | 5:39 am

WordPress 4.8.3 Security Release

WordPress 4.8.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.8.2 and earlier are affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to […]

Posted on 31 October 2017 | 7:20 am

Facebook Phishing Targeted iOS and Android Users from Germany, Sweden and Finland

Two weeks ago, a co-worker received a message in Facebook Messenger from his friend. Based on the message, it seemed that the sender was telling the recipient that he was part of a video in order to lure him into clicking it. The shortened link was initially redirecting to Youtube.com, but was later on changed […]

Posted on 30 October 2017 | 11:19 am

Oracle Security Alert for CVE-2017-10151 - 27 October 2017

Posted on 27 October 2017 | 12:30 pm

The big difference with Bad Rabbit

Bad Rabbit is the new bunny on the ransomware scene. While the security community has concentrated mainly on the similarities between Bad Rabbit and EternalPetya, there’s one notable difference which has not yet gotten too much attention. The difference is that Bad Rabbit’s disk encryption works. EternalPetya re-used the custom disk encryption method from the […]

Posted on 26 October 2017 | 11:41 pm

Following The Bad Rabbit

On October 24th, media outlets reported on an outbreak of ransomware affecting various organizations in Eastern Europe, mainly in Russia and Ukraine. Identified as “Bad Rabbit”, initial reports about the ransomware drew comparisons with the WannaCry and NotPetya (EternalPetya) attacks from earlier this year. Though F-Secure hasn’t yet received any reports of infections from our […]

Posted on 26 October 2017 | 7:43 am

Oracle Critical Patch Update Advisory - October 2017

Posted on 17 October 2017 | 12:30 pm

Twitter Forensics From The 2017 German Election

Over the past month, I’ve pointed Twitter analytics scripts at a set of search terms relevant to the German elections in order to study trends and look for interference. Germans aren’t all that into Twitter. During European waking hours Tweets in German make up less than 0.5% of all Tweets published. Over the last month, […]

Posted on 25 September 2017 | 7:59 am

Oracle Security Alert for CVE-2017-9805 - 22 September 2017

Posted on 22 September 2017 | 12:30 pm

WordPress 4.8.2 Security and Maintenance Release

WordPress 4.8.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.8.1 and earlier are affected by these security issues: $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this […]

Posted on 19 September 2017 | 3:17 pm

Oracle Critical Patch Update Advisory - July 2017

Posted on 18 July 2017 | 12:30 pm

Oracle Security Alert for CVE-2017-3629

Posted on 19 June 2017 | 12:30 pm

WordPress 4.7.5 Security and Maintenance Release

WordPress 4.7.5 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.4 and earlier are affected by six security issues: Insufficient redirect validation in the HTTP class. Reported by Ronni Skansing. Improper handling of post meta data values in the XML-RPC […]

Posted on 16 May 2017 | 3:39 pm

WordPress Now on HackerOne

WordPress has grown a lot over the last thirteen years – it now powers more than 28% of the top ten million sites on the web. During this growth, each team has worked hard to continually improve their tools and processes. Today, the WordPress Security Team is happy to announce that WordPress is now officially […]

Posted on 15 May 2017 | 9:02 am

Oracle Critical Patch Update Advisory - April 2017

Posted on 18 April 2017 | 12:30 pm

WordPress 4.7.3 Security and Maintenance Release

WordPress 4.7.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.2 and earlier are affected by six security issues: Cross-site scripting (XSS) via media file metadata.  Reported by Chris Andrè Dale, Yorick Koster, and Simon P. Briggs. Control characters can trick redirect […]

Posted on 6 March 2017 | 9:53 am

WordPress 4.7.2 Security Release

WordPress 4.7.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.1 and earlier are affected by three security issues: The user interface for assigning taxonomy terms in Press This is shown to users who do not have permissions to use it. […]

Posted on 26 January 2017 | 11:34 am

Oracle Critical Patch Update Advisory - January 2017

Posted on 17 January 2017 | 11:30 am

Oracle Critical Patch Update Advisory - October 2016

Posted on 18 October 2016 | 12:30 pm

Oracle Critical Patch Update Advisory - July 2016

Posted on 19 July 2016 | 12:30 pm

Oracle Critical Patch Update Advisory - April 2016

Posted on 19 April 2016 | 12:30 pm

Oracle Security Alert for CVE-2016-0636 - 23 Mar 2016

Posted on 23 March 2016 | 12:30 pm

Oracle Critical Patch Update Advisory - January 2016

Posted on 19 January 2016 | 11:30 am

Oracle Security Alert for CVE-2015-4852 - 10 November 2015

Posted on 10 November 2015 | 11:30 am

Oracle Critical Patch Update Advisory - October 2015

Posted on 20 October 2015 | 12:30 pm

Oracle Critical Patch Update Advisory - July 2015

Posted on 14 July 2015 | 12:30 pm

Oracle Security Alert for CVE-2015-3456 - 15 May 2015

Posted on 15 May 2015 | 12:30 pm

Oracle Critical Patch Update Advisory - April 2015

Posted on 14 April 2015 | 12:30 pm

Oracle Security Alert for CVE-2016-0603 - 5 February 2016

Posted on 5 February 2015 | 11:30 am

Oracle Critical Patch Update Advisory - January 2015

Posted on 20 January 2015 | 11:30 am

Oracle Critical Patch Update Advisory - October 2014

Posted on 14 October 2014 | 12:30 pm

Oracle Security Alert for CVE-2014-7169 - 26 September 2014

Posted on 26 September 2014 | 12:30 pm

Oracle Critical Patch Update Advisory - July 2014

Posted on 15 July 2014 | 12:30 pm

Oracle Security Alert for CVE-2014-0160 - 18 April 2014

Posted on 18 April 2014 | 12:30 pm

Oracle Critical Patch Update Advisory - April 2014

Posted on 15 April 2014 | 12:30 pm

Oracle Critical Patch Update Advisory - January 2014

Posted on 14 January 2014 | 11:30 am

Oracle Critical Patch Update Advisory - October 2013

Posted on 15 October 2013 | 12:30 pm

Oracle Critical Patch Update Advisory - July 2013

Posted on 16 July 2013 | 12:30 pm

Oracle Java SE Critical Patch Update Advisory - June 2013

Posted on 18 June 2013 | 12:30 pm

Oracle Critical Patch Update Advisory - April 2013

Posted on 16 April 2013 | 12:30 pm

Oracle Java SE Critical Patch Update Advisory - April 2013

Posted on 16 April 2013 | 12:30 pm

Oracle Security Alert for CVE-2013-1493 - 04 Mar 2013

Posted on 4 March 2013 | 11:30 am

Updated Release of the Oracle Java SE Critical Patch Update - February 2013

Posted on 19 February 2013 | 11:30 am

Oracle Java SE Critical Patch Update Advisory - February 2013

Posted on 1 February 2013 | 11:30 am

Oracle Critical Patch Update Advisory - January 2013

Posted on 15 January 2013 | 11:30 am

Oracle Security Alert for CVE-2013-0422 - 13 Jan 2013

Posted on 13 January 2013 | 11:30 am

Oracle Critical Patch Update Advisory - October 2012

Posted on 16 October 2012 | 12:26 pm

Oracle Java SE Critical Patch Update Advisory - October 2012

Posted on 16 October 2012 | 12:26 pm

Oracle Security Alert for CVE-2012-4681 - 30 Aug 2012

Posted on 30 August 2012 | 12:26 pm

Oracle Security Alert for CVE-2012-3132 - 10 Aug 2012

Posted on 10 August 2012 | 12:14 pm

Oracle Critical Patch Update (CPU) Advisory - July 2012

Posted on 19 July 2012 | 3:15 pm

Oracle Java SE Critical Patch Update Advisory - June 2012

Posted on 12 June 2012 | 1:00 pm

Oracle Security Alert for CVE-2012-1675

Posted on 30 April 2012 | 1:01 pm

Oracle Critical Patch Update (CPU) Advisory - April 2012

Posted on 18 April 2012 | 8:40 am

Oracle Java SE Critical Patch Update Advisory - February 2012

Posted on 14 February 2012 | 12:00 pm

Oracle Security Alert for CVE-2011-5035

Posted on 31 January 2012 | 1:20 pm

Oracle Critical Patch Update (CPU) Advisory - January 2012

Posted on 17 January 2012 | 12:44 pm

Oracle Critical Patch Update (CPU) Advisory - October 2011

Posted on 24 October 2011 | 11:33 am

Oracle Security Alert for CVE-2011-3192

Posted on 15 September 2011 | 2:22 pm

Oracle Critical Patch Update (CPU) Advisory - July 2011

Posted on 19 July 2011 | 3:45 pm

Oracle Java SE Critical Patch Update Advisory - June 2011

Posted on 7 June 2011 | 3:18 pm

Oracle Critical Patch Update (CPU) - April 2011

Posted on 19 April 2011 | 1:00 pm

Oracle Java SE and Java for Business Critical Patch Update Advisory - February 2011

Posted on 15 February 2011 | 2:00 pm

Oracle Critical Patch Update (CPU) - January 2011

Posted on 18 January 2011 | 11:40 am

Oracle Critical Patch Update (CPU) - October 2010

Posted on 12 October 2010 | 9:07 am

Oracle Critical Patch Update (CPU) - July 2010

Posted on 14 July 2010 | 12:35 pm

Oracle Critical Patch Update (CPU) - April 2010

Posted on 13 April 2010 | 2:01 pm

Oracle Security Alert for CVE-2010-0073 - February 2010

Oracle Security Alert for CVE-2010-0073

Posted on 4 February 2010 | 12:00 pm

Critical Patch Update - January 2010

Posted on 13 January 2010 | 10:05 am

Critical Patch Update - October 2009

Posted on 20 October 2009 | 8:39 am

Critical Patch Update - July 2009

Posted on 15 July 2009 | 6:00 pm

Critical Patch Update - April 2009

Posted on 14 April 2009 | 3:40 pm

Critical Patch Update - January 2009

Posted on 14 April 2009 | 3:40 pm

Critical Patch Update - October 2008

Posted on 15 October 2008 | 11:53 am

Critical Patch Update - July 2008

Posted on 15 July 2008 | 1:01 pm

Critical Patch Update - April 2008

Posted on 15 April 2008 | 3:13 pm

Critical Patch Update - January 2008

Posted on 15 January 2008 | 2:55 pm

Critical Patch Update - October 2007

Posted on 16 October 2007 | 1:47 pm

Critical Patch Update - July 2007

Posted on 17 July 2007 | 1:21 pm

Critical Patch Update - April 2007

Posted on 18 April 2007 | 8:57 am

Critical Patch Update - January 2007

Posted on 16 January 2007 | 3:35 pm

Critical Patch Update - October 2006

Posted on 17 October 2006 | 11:37 am

Critical Patch Update - April 2006

Posted on 18 April 2006 | 1:42 pm

Critical Patch Update - January 2006

Posted on 17 January 2006 | 4:20 pm

Critical Patch Update - January 2005

Posted on 18 October 2005 | 3:28 pm

Critical Patch Update - April 2005

Posted on 18 October 2005 | 3:28 pm

Critical Patch Update - October 2005

Posted on 18 October 2005 | 3:25 pm

Critical Patch Update - July 2005

Posted on 12 July 2005 | 12:46 pm