Latest Cybersecurity Articles

Terracotta VPN hijacks servers for commercial gain

Terracotta VPN hijacks servers for commercial gain

Aug 4, 2015

The Terracotta commercial VPN, marketed in China under a number of different brand names, uses hacked servers to power its network and the network has…

T-Mobile caught in crossfire of war over injected ads

T-Mobile caught in crossfire of war over injected ads

Aug 3, 2015

UPDATE: Flash Networks comments have been added to the original story.LAS VEGAS – An ongoing conflict between website owners and ad injectors who place unwanted ads…

T-Mobile caught in crossfire of injected ad war with Flash Networks

T-Mobile caught in crossfire of injected ad war with Flash Networks

Aug 3, 2015

LAS VEGAS – An ongoing conflict between website owners and ad injectors who place unwanted ads on those websites has just flared up into full-blown war,…

Neiman Marcus case a reminder to check your cyber coverage

Neiman Marcus case a reminder to check your cyber coverage

Jul 31, 2015

In a decision that should send major corporations to double-check their cyberinsurance, a federal appeals court ruled Monday that retail customers could go ahead and…

Banks balance security and workflow when encrypting in the cloud

Banks balance security and workflow when encrypting in the cloud

Jul 31, 2015

When financial institutions store data in the cloud, they use different kinds of encryption depending on security and workflow requirements, according to a new report…

Accuvant researchers to release open source RFID access tool

Accuvant researchers to release open source RFID access tool

Jul 28, 2015

Security researchers have long known about the vulnerabilities of the RFID readers that many buildings use instead of door locks, but facilities managers have been…

Google Drive phishing is back — with obfuscation

Google Drive phishing is back — with obfuscation

Jul 28, 2015

If you have a Google account and a stranger sends you a link to a document on Google Drive, think twice before clicking — it…

Stagefright vulnerability allows criminals to send malware by text

Stagefright vulnerability allows criminals to send malware by text

Jul 27, 2015

Vulnerabilities in Android’s “Stagefright” code allows criminals to send malware to any user via text message — and the user gets infected without even having…

HP: 100% of smartwatches have security flaws

HP: 100% of smartwatches have security flaws

Jul 27, 2015

In a recent security assessment of ten smartwatches and their iOS and Android companion applications, every single watch had at least one significant security flaw,…

InfoSec pros spend most time, money on self-inflicted problems

InfoSec pros spend most time, money on self-inflicted problems

Jul 21, 2015

According to a new survey of Black Hat attendees released last week, InfoSec professionals are spending the biggest amount of their time and budgets on…

How to surf the Dark Web for fun and profit

How to surf the Dark Web for fun and profit

Jul 20, 2015

Life is tough if you’re a criminal.Sure, one big score can set you up for life. If you’re smart and disciplined, you can retire early.…

Data explosion offers challenges, opportunities to security pros

Data explosion offers challenges, opportunities to security pros

Jul 17, 2015

230 million patients. 3,300 hospitals. 900,000 healthcare professionals. 98 percent of U.S. pharmacies. More than 700 different electronic health record platforms. 764 million medication histories.…

Regulators seek to limit security software exports

Regulators seek to limit security software exports

Jul 16, 2015

The comment period on a proposed set of software export restrictions ends next Monday, and the rules, as written, would severely restrict international sales, deployment,…

Electronic Frontier Foundation celebrates 25 years of defending online privacy

Electronic Frontier Foundation celebrates 25 years of defending online privacy

Jul 16, 2015

The Electronic Frontier Foundation is the digital world’s top watchdog when it comes to privacy and free expression. But while cops and firefighters are often…

Report: Malvertisers now using SSL redirects

Report: Malvertisers now using SSL redirects

Jul 15, 2015

Advertising networks have gotten better at spotting malicious downloads embedded into advertisements, so criminals began using redirects, even chains of a dozen redirects or more,…

‘Butterfly’ group goes after corporate IP

‘Butterfly’ group goes after corporate IP

Jul 14, 2015

Symantec has identified a group of cybercriminals, whom they’ve named “Butterfly,” as targeting corporate intellectual property for financial gains, with Twitter, Facebook, Apple and Microsoft…

Malvertising reaches record levels in June

Malvertising reaches record levels in June

Jul 14, 2015

Malvertising campaigns have reached more users than ever before, reported security firm Invincea yesterday, with many brand-name websites affected — including CBS Sports, Yahoo and…

Top global security experts defend encryption

Top global security experts defend encryption

Jul 10, 2015

As government officials continue to plea the case against strong encryption, a group of high-profile international security experts have published a paper arguing that allowing…

Despite warnings, majority of firms still run some Windows Server 2003

Despite warnings, majority of firms still run some Windows Server 2003

Jul 9, 2015

Enterprises are still heavily dependent on Windows Server 2003 even though there were plenty of warnings that support is coming to an end on July…

IEEE group recommends random MAC addresses for Wi-Fi security

IEEE group recommends random MAC addresses for Wi-Fi security

Jul 8, 2015

According to new recommendations by an IEEE study group, the Wi-Fi protocol needs to be updated to use randomly generated addresses for better security and…

Scammers bypass Google filters with PDF cloaking

Scammers bypass Google filters with PDF cloaking

Jul 7, 2015

Scammers have long used cloaking as a technique to drive up search engine rankings, stuffing webpages full of keywords and links that make them attractive…

Report: Every company is compromised, but most infections not yet at critical stage

Report: Every company is compromised, but most infections not yet at critical stage

Jul 1, 2015

In a recent analysis of a quarter million endpoint devices in 40 enterprises, every single corporate network showed evidence of a targeted intrusion but most…

Agencies need to pay more attention to supply chain security

Agencies need to pay more attention to supply chain security

Jun 30, 2015

Government agencies seeking the lowest bidders typically overlook cybersecurity when awarding contracts, and data breaches are the result, says a security rating expert.According to a…

Who’s winning the mobile payments war?

Who’s winning the mobile payments war?

Jun 29, 2015

Mobile payments – using your phone instead of a credit card to make purchases at retail locations – has not taken off. Yet.To read this…

Escalating Defenses

Escalating Defenses

May 15, 2015

New Jersey’s Provident Bank expands staff training and email encryption to enhance information security After the epidemic of high-profile nonbank data breaches last year, New…

Card Crush: Credit card criminals try to exploit a rushed Apple Pay rollout

Card Crush: Credit card criminals try to exploit a rushed Apple Pay rollout

Apr 28, 2015

Apple Inc.’s rollout of its Apple Pay mobile payments app has been fraught with expensive card payment fraud, according to news reports. The much-vaunted iPhone…

Malware For Lease

Malware For Lease

Apr 15, 2015

A new botnet is helping cybercriminals phish for community bank customers Computer hackers typically cast their phishing nets expecting to hook megabank customers. After all,…

Lessons from the Sony Breach

Lessons from the Sony Breach

Mar 16, 2015

By now you know that hackers calling themselves “Guardians of Peace” went through Sony Pictures Entertainment like a hot knife through butter. They collected everything–high-quality…

Bolted Down Tight

Bolted Down Tight

Jan 15, 2015

Five steps for sustaining rigorous network security against constant cyberattacks Hackers are using sophisticated, automated tools to cast a wider net than ever before. Even…

New Cyberattacks Aim for ATM Management Systems

New Cyberattacks Aim for ATM Management Systems

Nov 14, 2014

It’s called ATM cash-out fraud, and it’s a new data security threat where physical attacks and cyberattacks converge. Earlier this year, federal regulators warned financial…