A hacker hijacked the Twitter account of Arron Banks, chairman of the pro-Brexit UK political campaign organization Leave.EU, and leaked his private message history online earlier this week. The BBC yesterday reported that the culprit had access to thousands of private messages that had been sent and received by Banks…
October 2019 AppSec Intelligence Report
This report summarizes Contrast Labs’ analysis of real world application attack and vulnerability data from October 2019. It utilizes data from attacks that Contrast Security observed over the previous months and highlights the key trends found. *** This is a Security Bloggers Network syndicated blog from Security Influencers Blog authored…
Over 100,000 people were targeted by a large-scale summer threat campaign using fake IRS websites. The extensive phishing campaign was discovered by researchers at cloud security solutions provider Akamai. Akamai’s research team recorded threat actors using hundreds of different domains and URLs to impersonate the Internal Revenue Service of the United…
A New Massive 2.2 Million Password Data Dump is Shared on Dark Web
The personal details and hashed passwords of 2.2 million users are currently being shared online. One of the platforms who have exposed the data admitted the incident but offered a very different perspective. The passwords that were spilled are hashed with bcrypt, so they are not exploitable right now. According…
The CEO of an unidentified Swiss company was scammed out of nearly $1 million by a multinational fraud ring, according to a criminal complaint unsealed last week in federal court. The executive, who is identified in the filing only as “S.K.,” was in the process of buying a piece of…
Why businesses need guidelines for managing their employees’ personal information — without compromising on security. Consumer privacy has long been the focal point of controversies regarding how companies handle personal data. While this is clearly an important matter, it has kept the spotlight off of another important issue: the way…
Theresa Payton explains the strategies organizations should consider as they integrate layers of new technology. Infosecurity ISACA North America Conference and Expo – New York, NY – In her two-and-a-half years as White House CIO, Theresa Payton learned valuable long-term lessons about securely adopting new technology, which she shared today…
Cybersecurity experts predict that voicemail phishing attacks, otherwise known as vishing, could become a daily occurrence in 2020. Threat research conducted by Mimecast found that malicious voicemail messages were not just on the rise, but were “evolving and more nuanced than ever before.” In the “Quarterly Threat Intelligence Report: Risk…
The Shade ransomware, also known as Troldesh, is the number one email-based malware for the first half of 2019. The invention of the internet has been a boon for mankind, offering instantaneous communication across the world. Older generations that saw the rise of the internet equate the technological marvel with…
One Alabama university’s students can enroll in the first “Hacking for Defense (H4D)” cybersecurity class, which begins in the state during the upcoming spring semester, aiming to help bolster cybersecurity expertise. …
Derbycon2019, Émilio Gonzalez & Francis Labelle’s ‘Welcome To The Jumble: Improving RDP Tooling For Malware Analysis And Pentesting’
Many Thanks to Adrian Crenshaw (Irongeek), and his Videographer Colleagues for Sharing His and Their Outstanding Videos Of This Last And Important DerbyCon 2019. Visit Irongeek for additional production credits and additional information. Subscribe to Irongeek’s content, and provide Patreon support as well. Permalink The post Derbycon2019, Émilio Gonzalez &…
Speaking at Infosecurity ISACA North America Expo and Conference in New York, Marc Keating, senior sales engineer at Arctic Wolf Networks, outlined steps organizations can take to gauge whether or not they have suffered a data compromise. Keating said that cyber-threats are evolving quickly: “What we are up against today…
With the end of the year approaching, businesses are busy crunching the numbers for 2020. There are a lot of factors that go into building an annual budget, and small businesses are often left to juggle competing priorities for where to invest. Cybersecurity is one priority, in particular, that is…
Webscale Achieves Advanced Consulting Partner Status in the Amazon Web Services Partner Network
SUNNYVALE, Calif., Nov. 20, 2019 (GLOBE NEWSWIRE) — Webscale, the Digital Cloud Company, announced today that it is now an Advanced Consulting Partner in the Amazon Web Services (AWS) Partner Network (APN). The new designation underscores the company’s ability to rapidly migrate digital applications from static hosting environments to a…
A 21-year-old Illinois man was sentenced last week to 13 months in prison for running multiple DDoS-for-hire services that launched millions of attacks over several years. This individual’s sentencing comes more than five years after KrebsOnSecurity interviewed both the defendant and his father and urged the latter to take a…
IBM Looks to Unify Cybersecurity
IBM today announced it is leveraging containers and microservices to make a suite of security software available on any platform running on-premises or in the cloud. Justin Youngblood, vice president of product management and development for IBM Security, said Cloud Pak for Security also includes the first federated search tool…
-Recovered.jpg?resize=790%2C400&ssl=1)
Back in 2012, the US Supreme Court ruled that it’s illegal for the police to attach a GPS tracking device to someone’s car without a warrant. But what if you find a GPS tracking device on your car? Can you remove it? ARS TECHNICA This story originally appeared on Ars…
Share to facebook Share to twitter Share to linkedin This summer a series of targeted ransomware attacks ravaged schools and district offices throughout Louisiana. Now a new wave of attacks has targeted government systems in the state. Welcome to Louisiana state road sign. (Photo by: Visions of America/Education Images/Universal ……
SIM swaps, insecure web design, phishing, and channel-jacking are four ways attackers are circumventing MFA technology, according to the FBI. The growing adoption of multifactor authentication (MFA) has resulted in a proportionate rise in cyberattacks that target MFA technologies. In a recent Private Industry Notification (PIN), the Federal Bureau of…
Assessing the performance of your security team is critical to both knowing your current posture, as well as planning ahead. ‘The Ultimate 2019 Security Team Assessment Template’ is the first attempt to capture all the main KPIs of the security team main pillars, saving CIOs and CISOs the time and…
