There’s a new botnet malware on the loose, called Corebot, that researchers believe has the potential to develop into a significant threat.The malware was first spotted by IBM Security X-Force, and Damballa followed up with a deep dive into how the …
Corebot cleverly written botnet malware with growth potential Read More »
The top 10 travel apps in the iOS and Android app stores are all riddled with security flaws, according to a new report from Bluebox Security.The biggest problems include a lack of encryption for app data, insufficient protection against main-in-the…
Travel apps riddled with security flaws Read More »
Consumer devices are the most vulnerable point for bank cyberattacks By Maria Korolov Cybercriminals who attack banks are more likely to focus on their online customers, according to the latest Verizon Data Breach Investigations Report. End-user devices were involved in 82 percent of all financial incidents, compared with about half for all industries on average.
Roundabout Targeting Read More »
To avoid detection, some hackers are ditching malware and living “off the land” — using whatever tools are already available in the compromised systems, according to a new report from Dell SecureWorks.
In fact, this has been the case for nearly all the intrusions analyzed by the Dell SecureWorks’ Incident Response Team last year.
The cyber criminals typically start out with compromised credentials, said Phil Burdette, senior security researcher at Atlanta-based Dell SecureWorks, Inc.
“For example, they might use phishing attacks,” he said. “They’ll send an email purporting to be from the IT staff, asking users to log in and test their credentials because the IT staff has just created a new email server. Once a user logs in, those same credentials would then be used to access the company’s virtual private network solutions.”
To read this article in full or to leave a comment, please click here
Attackers go on malware-free diet Read More »
In a cybersecurity survey of 485 large colleges and universities, the Massachusetts Institute of Technology came in at the bottom of the list.In a report released today, SecurityScorecard analyzed the educational institutions based on web applicatio…
MIT scores worst in cybersecurity Read More »
This fall, the Senate is expected to take another look at the Cybersecurity Information Sharing Act, or CISA, but many security experts and privacy advocates are opposed.Cybersecurity has been in the news a lot this summer, and not just with several…
Security experts mostly critical of proposed threat intelligence sharing bill Read More »
The number of individual records compromised by data breaches has declined by 41 percent during the first half of this year, compared to the same period last year, even as the number of breaches went up, according to a new report by Gemalto.”Identit…
Report: breached records count down this year Read More »
This October, US merchants and payment providers are scheduled to switch to new, more secure, chip-based payments. But financial transactions aren’t going to become safer overnight, since the majority of merchants are still not ready for the switch,…
EMV transition will still leave security gaps Read More »
The Ashley Madison breach has been a Christmas-in-August present for spammers and scammers of all kinds, and your company could be the next target.Here are some scams to watch out for.PhishingThere is a significant amount of spam related to the Ashl…
Ashley Madison still a top lure for scammers and crooks Read More »
The US Court of Appeals has ruled that the FTC mandate to protect consumers against fraudulent, deceptive and unfair business practices extends to oversight of corporate cybersecurity efforts — and lapses. But security experts are split about wheth…
Court: FTC can take action on corporate data breaches Read More »
In the past two years, 81 percent of hospitals and health insurance companies have had a data breach, according to a report released by KPMG.”These are all incidents where they have determined they lost data,” said Greg Bell, Cyber US Leader at KPMG…
Study: 81% of large health care organizations breached Read More »
Enterprises tend to be highly focused on keeping attackers out of their systems, but most of the actual damage happens not when the bad guys first break in, but when they’re able to successfully steal data — and the techniques they’re using to do t…
Intel: Criminals getting better at data exfiltration Read More »
Wouldn’t it be convenient if all the spam and malware sites were all grouped together under one top-level domain — .evil, say — so that they would be easy to avoid? According to a new study from Blue Coat, there are in fact ten such top-level doma…
The Web’s ten most dangerous neighborhoods Read More »
The real cause of the talent shortage in the information security field isn’t a lack of new people entering the profession, but retention and churn at the highest levels, according to a new report by IDC.”It’s a fairly common theme to suggest that w…
CSO burnout biggest factor in infosec talent shortage Read More »
Amazon will stop accepting Flash ads on its advertising network on Tuesday, and it will help make the entire Web more secure, security experts say.According to Amazon, the move was prompted by a recent update from Google Chrome that limited how Flas…
Amazon dumps Flash, and the Web is better off Read More »
