security.didici.cc

Coviello: Modern Security Threats are 'Less About the Techniques'

3 hours ago

Today's attack surface is broader, more open, and demands a proactive approach to security, according to former RSA chairman Art Coviello.

Exploit Targets Nvidia Tegra-Based Nintendo Systems

5 hours ago

Researchers have found an exploit in Nvidia Tegra X1-based systems that they say cannot be patched.

Yahoo! fined! $35m! for! Hiding! Massive! Security! Breach!

5 hours ago

Now, who wants to take a look at the revamped Yahoo Mail? The Disaster Formerly Known as Yahoo! has been fined $35m by the US Securities and Exchange Commission for failing to tell anyone about one of the world's largest ever data breaches.…

Baseball Code

5 hours ago

Info on the coded signals used by the Colorado Rockies.

Orangeworm Mounts Espionage Campaign Against Healthcare

5 hours ago

A freshly minted attack group dubbed Orangeworm has been uncovered, deploying a custom backdoor in mostly healthcare-related environments. It’s bent on laser-focused, comprehensive corporate espionage, with a noisy attack vector that shows that it’s u ...

MyEtherWallet.com turns into Someone Else's EtherWallet amid AWS DNS network hijack

5 hours ago

BGP takeover redirects traffic from Amazon to crooks Crooks today hijacked internet connections to Amazon Web Services systems to ultimately steal $28m in alt-coins from online cryptocurrency website MyEtherWallet.com.…

Ransomware Attack Hits Ukrainian Energy Ministry, Exploiting Drupalgeddon2

6 hours ago

The Ukrainian Energy Ministry has been hit by a ransomware attack – and for once it looks like this is the work of amateurs, not nation-state attackers bent on making a geopolitical point. However, the bad actors appear to have made use of the recently ...

Deconstructing the Possibilities and Realities of Enterprise IoT Security

6 hours ago

Organizations are rushing to leverage Internet of Things solutions but struggle to design the information technology architectures that will lock down the data these devices create.

Critical infrastructure needs more 21qs6Q#S$, less [email protected], UK.gov security committee told

7 hours ago

Plus: No one will say whether Huawei, ZTE are the baddies Banks could plug their security vulnerabilities by simply improving password protections, the deputy CEO of the Prudential Regulation Authority has told the House of Lords.…

MEDantex Healthcare Transcription Firm Accidentally Exposes Medical Records

8 hours ago

Exposed data likely the result of a flawed system rebuild after a recent ransomware attack on the company.

Cybersecurity Buzz Phrase Bingo

9 hours ago

The RSA Conference expo was chock full of vendors showing off their wares with language as colorful as the blinky lights on a SOC dashboard.

'Stresspaint' Targets Facebook Credentials

10 hours ago

New malware variant goes after login credentials for popular Facebook pages.

It's Time to Take GitHub Threats Seriously

10 hours ago

There's a good chance your company has projects on the source code management system, but the casual way many developers use GitHub creates security issues.

Medic! Orangeworm malware targets hospitals worldwide

10 hours ago

Hacking campaign goes after care providers and equipment If there's one thing security vendors love it's a catchilly-named piece of malware to whip up fervor over, and boy is it a good day to be Symantec.…

Credit Karma expands its identity theft monitoring tool to include dark web data

11 hours ago

Credit Karma is best known for being the only reason anyone is ever willing to peek at their credit score, but the company has other things it wants you to be less stressed out about too. After introducing a free identity monitoring tool for its users lat ...

Golden Galleon Raids Maritime Shipping Firms

12 hours ago

A new Nigerian criminal gang is launching attacks on the maritime industry.

Computer Alarm that Triggers When Lid Is Opened

13 hours ago

"Do Not Disturb" is a Macintosh app that send an alert when the lid is opened. The idea is to detect computer tampering. Wire article: Do Not Disturb goes a step further than just the push notification. Using the Do Not Disturb iOS app, a notified user ...

This cryptocurrency mining malware also disables your security services

14 hours ago

A year on from the vulnerabilities being leaked, attackers are still using leaked NSA tools to power new attacks - this time with the newly uncovered PyRoMine.

Facebook reveals 25 pages of takedown rules for hate speech and more

15 hours ago

Facebook has never before made public the guidelines its moderators use to decide whether to remove violence, spam, harassment, self-harm, terrorism, intellectual property theft, and hate speech from social network until now. The company hoped to avoid m ...

Massive cyber attack targets mid-Atlantic nation 'Berylia'

18 hours ago

NATO exercise offers the chance to test full chain of cyber-defence command NATO and assorted partners have unleashed a massive cyber-attack on the fictional country of Berylia to test their ability to defend critical infrastructure against outside attack ...

​GoGet 'hacker' case stalled awaiting information from Amazon

23 hours ago

Sydney Local Court has heard that Nik Cubrilovic intends to plead not guilty to all charges relating to the alleged access of GoGet's systems.

Orangeworm menaces healthcare computers

1 day ago

Plants Kwampirs backdoors.

Unstoppable exploit in Nintendo Switch opens door to homebrew and piracy

1 day ago

The Nintendo Switch may soon be a haven for hackers, but not the kind that want your data — the kind that want to run SNES emulators and Linux on their handheld gaming consoles. A flaw in an Nvidia chip used by the Switch, detailed today, lets power u ...

Muhstik Botnet Exploits Highly Critical Drupal Bug

1 day ago

A botnet has exploited a highly critical Drupal CMS vulnerability, which was previously disclosed by Drupal in March.

Nintendo Switch users about to get pwned after unpatchable flaw found in NVIDIA Tegra chips

1 day ago

Researcher reveals demo attack code, full release in June Security researcher Kate Temkin has released proof-of-concept code to launch an exploit chain called Fusée Gelée, which relies on an as-yet-undisclosed vulnerability in past versions of Nvidia's ...

Unpatchable flaw found in Nvidia Tegra chipsets. Perfect for hacking Nintendo Switches, BTW

1 day ago

Researcher reveals demo USB attack code, full release in June Security researcher Kate Temkin has released proof-of-concept code to launch an exploit chain called Fusée Gelée, which relies on an as-yet-undisclosed firmware vulnerability baked into past ...

Threat Intel: Finding Balance in an Overcrowded Market

1 day ago

Industry insiders discuss how threat intelligence has changed and what may happen as the market becomes increasingly saturated.

Australia joins NATO Cyber Defence Centre

1 day ago

Will observe cyber defence exercise.

Threat Actors Turn to Blockchain Infrastructure to Host & Hide Malicious Activity

1 day ago

.bit domains are increasingly being used to hide payloads, stolen data, and command and control servers, FireEye says.

Russia is Banning Telegram

1 day ago

Russia has banned the secure messaging app Telegram. It's making an absolute mess of the ban -- blocking 16 million IP addresses, many belonging to the Amazon and Google clouds -- and it's not even clear that it's working. But, more importantly, I'm not ...

Atlanta spent at least $2.6 million on ransomware recovery

1 day ago

The ransom was never paid, because the payment portal was pulled offline by the attacker.

Mysterious cyber worm targets medical systems, is found on X-ray machines and MRI scanners

1 day ago

Orangeworm hacking group carefully selects victims in highly targeted attacks.

Digital Identity Makes Headway Around the World

1 day ago

The US is lagging behind the digital ID leaders.

IDS & IPS: Two Essential Security Measures

1 day ago

To protect business networks, one line of security isn't enough.

Internet Explorer zero-day alert: Attackers hitting unpatched bug in Microsoft browser

1 day ago

Microsoft is being urged to rush out a patch for a bug in Internet Explorer that's being used in attacks.

Yet Another Biometric: Ear Shape

1 day ago

This acoustic technology identifies individuals by their ear shapes. No information about either false positives or false negatives.

17 internet-connected things that really shouldn't be online

1 day ago

A roundup of some of the more bizarre things that are online -- but really shouldn't be.

Gmail spam mystery: Why have secure accounts started spamming themselves?

1 day ago

Spam appears in users' sent folders even from accounts that haven't been compromised.

Windows warning: Tech-support scammers are ramping up attacks, says Microsoft

1 day ago

Windows 10 security won't protect you from tech-support scammers' lies and trickery.

Single single-sign-on SNAFU threatens three Cisco products

1 day ago

Firepower, AnyConnect and ASA appliances and clients need patches Cisco has announced a suite of patches against a bug in its Security Assertion Markup Language (SAML) implementation.…

SunTrust Banks ex-employee may have stolen 1.5 million customer records

1 day ago

The former staff member is suspected of stealing customer data belonging to the financial company.

​Reported breaches not painting complete picture of Australian security landscape

1 day ago

Although 63 data breaches were reported to the Office of the Australian Information Commissioner in less than six weeks, FireEye's Mandiant has warned the figure is higher, but organisations are unsure if their breach fits the brief.

Brains behind iOS' secure microkernel start moving it to RISC-V

1 day ago

Unveil first code, joins giants in industry standard-club Last week, the Data61 division of Australia's Commonwealth Scientific and Industrial Research Organisation (CSIRO) released the first RISC-V version of its seL4 microkernel.…

Brains behind seL4 secure microkernel begin RISC-V chip port

1 day ago

Unveil first code, joins giants in industry standard-club Last week, the first RISC-V port of its seL4 microkernel was released by the Data61 division of the Australian government's Commonwealth Scientific and Industrial Research Organisation (CSIRO).…

New Survey Shows Hybrid Cloud Confidence

1 day ago

Executives are mostly confident in their hybrid cloud security, according to the results of a new survey.

Chinese web giant finds Windows zero-day, stays shtum on specifics

1 day ago

Quihoo 360 plays the responsible disclosure game Chinese company Quihoo 360 says it's found a Windows zero-day in the wild, but because it's notified Microsoft, it's not telling anyone else how it works.…

A regulation straitjacket is no less than Facebook and everyone else deserves

2 days ago

Facebook should be made an example of for failing to protect its users' information, but it won't happen.

In the NYC enterprise startup scene, security is job one

3 days ago

While most people probably would not think of New York as a hotbed for enterprise startups of any kind, it is actually quite active. When you stop to consider that the world’s biggest banks and financial services companies are located there, it would ce ...

Cloud-surfing orgs under attack, Microsoft antivirus for Chrome, Windows 10 S bypass, non-RSA gigs, and more

3 days ago

Your guide to this week in infosec Roundup  Here's a roundup of this week's security news, beyond what we've already covered.…

Cybercrime Economy Generates $1.5 Trillion a Year

4 days ago

Threat actors generate, launder, spend, and reinvest more than $1.5 trillion in illicit funds, according to a new study on cybercrime's 'web of profit.'

Oh, baby! Newborn-care site leaves user database wide open

4 days ago

Health Stream, are you out there? The guy that found your data leak wants a word A US health company apparently exposed contact information for hundreds of medical professionals.…

Trust: The Secret Ingredient to DevSecOps Success

4 days ago

Security practitioners must build trusted relationships with developers and within cross-functional DevOps teams to get themselves embedded into continuous software delivery processes.

SunTrust Ex-Employee May Have Stolen Data on 1.5 Million Bank Clients

4 days ago

Names, addresses, phone numbers, account balances, may have been exposed.

Friday Squid Blogging: Squid Prices Rise as Catch Decreases

4 days ago

In Japan: Last year's haul sank 15% to 53,000 tons, according to the JF Zengyoren national federation of fishing cooperatives. The squid catch has fallen by half in just two years. The previous low was plumbed in 2016. Lighter catches have been blamed o ...

No way, RSA! Security conference's mobile app embarrassingly insecure

4 days ago

Sorry about the hard-coded passwords, can we sell you some crypto now? RSA has copped to a security vulnerability in the mobile app it served to attendees of its annual security conference, held this week in San Francsico.…

No way, RSA! Security conference's mobile app embarrassingly insecure

4 days ago

Sorry about the hard-coded passwords, can we sell you some crypto now? RSA has copped to a security vulnerability in the mobile app it served to attendees of its annual security conference, held this week in San Francsico.…

DNC Sues Guccifer 2.0, Russian Federation, Trump Campaign, for Election Conspiracy

4 days ago

DNC first hacked by Russians in 2015, according to the filing.

DNC Sues Guccifer 2.0, Russian Federation, Trump Campaign, for Election Conspiracy

4 days ago

DNC first hacked by Russians in 2015, according to the filing.

How your company can measure its 'cyber resilience' and evaluate its posture

4 days ago

Non-profits ISACA and CMMI help companies score their cybersecurity readiness and create a gap analysis to get up to speed.

Why the US federal government has been leaning into the cloud since 2011

4 days ago

The cloud benefits of elasticity, scalability, and nimbleness were tailor-made for some of the massive and intermittent IT projects of the US government.

IBM: Fewer records are being breached, but cyber attacks are getting more costly

4 days ago

Incident response research from Big Blue offers surprising results, as hacks get more serious but defenders improve their tools and training. IBM's Wendi Whitmore explains.

British head of Crackas With Attitude gets two years for CIA hack

4 days ago

Kane Gamble gambles and loses on hacking skills The British teenager who was sufficiently talented and stupid to target the head of the CIA has been given a two-year jail sentence.…

Twitter bans Russian security firm Kaspersky Lab from buying ads

4 days ago

The U.S. government isn’t the only one feeling skittish about Kaspersky Lab. On Friday, the Russian security firm’s founder Eugene Kaspersky confronted Twitter’s apparent ban on advertising from the company, a decision it quietly issued in January. ...

Smart home suites match up devices for security and convenience

4 days ago

Are you looking for ways to make your home smarter and safer? Then check out these hand-picked smart home product suites. They're expansive, easy to use, and overall good options if you don't know where to start.

Akamai CSO Talks Cryptominers, IoT and the Reemergence of Old Threats

4 days ago

Andy Ellis, CSO Akamai, discusses how the company works with others within the cybersecurity landscape to help keep the internet safe.

Roman Unuchek on Apps Leaking Private Data

4 days ago

Threatpost's Tom Spring talked to Roman Unuchek, senior malware analyst at Kaspersky Lab, about his discoveries this week at the RSA Conference.

Planned European death ray may not need Brit boffinry brain-picking

4 days ago

Plenty of laser research already going on – but there's more than one way to melt a drone The EU is planning to build a laser cannon with double the power of Britain's under-construction Dragonfire zapper, according to reports – but the general state ...

Biometrics Are Coming & So Are Security Concerns

4 days ago

Could these advanced technologies be putting user data at risk?

Windows 10: Microsoft to boost Linux app security with Windows Defender firewall

4 days ago

Microsoft preps new Windows 10 security features to ensure system integrity during start-up and after it's running.

At RSA, SOC 'Sees' User Behaviors

4 days ago

Instruments at the RSA SOC give analysts insight into attendee behavior on an open network.

At RSAC, SOC 'Sees' User Behaviors

4 days ago

Instruments at the RSA Security Operations Center give analysts insight into attendee behavior on an open network.

HackerOne CEO Talks Bug Bounty Programs at RSA Conference

4 days ago

Can bug bounty programs be designed to protect consumer privacy and how do programs balance white hat disclosure versus companies sitting on vulnerabilities until they are fixed?

Ransomware, stolen data or malware: How do online crooks really make their money?

4 days ago

The cybercrime economy has "now become a kind of mirror image of contemporary capitalism", says paper.

Securing Elections

4 days ago

Elections serve two purposes. The first, and obvious, purpose is to accurately choose the winner. But the second is equally important: to convince the loser. To the extent that an election system is not transparently and auditably accurate, it fails in th ...

Google's Project Zero exposes unpatched Windows 10 lockdown bypass

4 days ago

Google denies multiple requests by Microsoft for an extension to Project Zero's 90-day disclose-or-fix deadline.

​Oracle critical update fixes 254 flaws - so get patching now

4 days ago

Fixes for vulnerabilities spread across 20 products and a Solaris patch that addresses the Spectre processor flaw.

ZTE lashes out at US ban, vows to protect company

4 days ago

Chinese vendor describes US export ban as unacceptable, adding that it has invested significant efforts since April 2016 in ensuring compliance with export laws and, if necessary, will seek judicial recourse to protect its interests.

Vic govt concerned with "breadth" of facial recognition laws

4 days ago

Cracks emerge in intergovernmental agreement.

​Victoria wants data misuse provisions included in face-matching system

4 days ago

The Victorian government has asked for privacy safeguards and further clarification on who can access Australia's Face Identification Service before the Bill is set in stone.

Turnbull confirms Solomon Islands subsea cable

4 days ago

Malcolm Turnbull has cited Pacific Islands cybersecurity in affirming funding for a subsea cable to be built between Australia, Solomon Islands, and Papua New Guinea.

Microsoft CISO Talks Threat Intel, 'Data Inclusion'

4 days ago

Dark Reading caught up with Microsoft's Bret Arsenault to discuss intelligence, identity, and the need to leverage more diverse datasets.

Firms Likelier to Tempt Security Pros with Big Salaries than Invest in Training

5 days ago

Booz Allen survey shows most organizations' answer to the security skills shortage may be unsustainable.

Firms More Likely to Tempt Security Pros With Big Salaries than Invest in Training

5 days ago

Booz Allen survey shows most organizations' answer to the security skills shortage may be unsustainable.

Oracle whips out the swatter, squishes 254 security bugs

5 days ago

Java fixes, Spectre Solaris patches issued Oracle has released its April security update, addressing a total of 254 security vulnerabilities across dozens of products.…

LinkedIn bug allowed data to be stolen from user profiles

5 days ago

Private profile data — like phone numbers and email addresses — could have been easily collected.

LinkedIn’s AutoFill plugin could leak user data, secret fix failed

5 days ago

Facebook isn’t the only one in the hot seat over data privacy. A flaw in LinkedIn’s AutoFill plugin that websites use to let you quickly complete forms could have allowed hackers to steal your full name, phone number, email address, location (ZIP cod ...

Centrify gives states a deal on identity management software to secure midterm elections

5 days ago

To secure U.S. election systems from the very real threat of targeted cyberattacks, states might need to reframe their security practices to look more like they would in a tightly-controlled corporate environment. To that end, Centrify, an enterprise clo ...

Free endpoint scanning service powered by Open Threat Exchange

5 days ago

Russ Spitler, AlienVault's SVP of product strategy, explains how security pros can leverage the community-powered threat intelligence of OTX - which sees more than 19 million IoCs contributed daily by a global community of 80,000 peers - to quickly protec ...

Can AI improve your endpoint detection and response?

5 days ago

To intervene with optimum efficiency, response team needs to zero in on the most potentially dangerous endpoint anomalies first. And according to Harish Agastya, VP of Enterprise Solutions at Bitdefender, machine learning-assisted EDR can help you do exa ...

Can machine learning improve your endpoint detection and response?

5 days ago

To intervene with optimum efficiency, response team needs to zero in on the most potentially dangerous endpoint anomalies first. And according to Harish Agastya, VP of Enterprise Solutions at Bitdefender, machine learning-assisted EDR can help you do exa ...

Successfully Using Deception Against APTs

5 days ago

According to Illusive CEO Ofer Israeli, deception technology can provide a vital layer of protection from advanced persistent threats (APTs) by presenting attackers with seemingly genuine servers that both divert them from high-value digital assets and ma ...

Yahoo! Hacker! Faces! Nearly! Eight! Years! In! Prison!

5 days ago

Prosecutors ask judge to give Baratov 94 months for stealing accounts on behalf of FSB The Canadian hacker who helped Russian agents by breaking into more than 11,000 Yahoo email accounts could spend the next eight years behind bars, if prosecutors in the ...

Yahoo! webmail! hacker! faces! nearly! eight! years! in! the! cooler!

5 days ago

Prosecutors ask judge to give Baratov 94 months for stealing accounts on behalf of FSB The Canadian hacker who helped Russian agents by breaking into more than 11,000 Yahoo email accounts could spend the next eight years behind bars, if American prosecuto ...

Securing Social Media: National Safety, Privacy Concerns

5 days ago

It's a critical time for social media platforms and the government agencies and private businesses and individuals using them.

Protecting Data Anywhere and Everywhere

5 days ago

SecurityFirst CEO Jim Varner explains how resellers and MSPs can work with their clients to ensure that all of their business-critical data everywhere can be kept safe from attackers and readily available for disaster recovery - even as threats intensify ...

Addressing the Skills Shortfall on Your Infosec Team

5 days ago

Given intensifying threats and limited infosec budgets, Endgame CTO Jamie Butler suggests that security leaders deploy tools that leverage machine learning, chatbots, and other technologies to make Tier 1/Tier 2 staff much more effective at stopping even ...

IoT Security Concerns Peaking – With No End In Sight

5 days ago

Despite numerous talks about IoT vulnerabilities at RSAC this week, a clear resolution on a fixes is nowhere in sight.

Using Carrier Intelligence to Validate Mobile User Identity

5 days ago

To confidently validate the identity of mobile users without adding business-killing friction to login and on-boarding processes, Lea Tarnowski and Wendell Brown of Averon suggest leveraging the intelligence mobile carriers already have about their custom ...

Eight months after Equifax megahack, some Brits are only just being notified

5 days ago

I'm fsck-ed off it took this long, rages affected Reg reader Some of the 15 million Britons affected by the Equifax mega-hack are only now receiving letters notifying them that they were affected by the breach, eight months after the event.…

Cloud Credentials: New Attack Surface for Old Problem

5 days ago

Researchers show why keeping a handle on user credentials is just as hard in the cloud as it is on local networks.

This malware targets Facebook log-in details, infects over 45,000 in just days

5 days ago

StressPaint malware is "developed professionally" and could be be harvesting accounts for anything from credential selling and identity theft, to malvertising and propaganda campaigns, warn researchers.

First Public Demo of Data Breach via IoT Hack Comes to RSAC

5 days ago

At RSA Conference, Senrio researchers will show how relatively unskilled attackers can steal personally identifiable information without coming into contact with endpoint security tools.

48 million personal profiles left exposed by data firm LocalBlox

5 days ago

Poorly configured S3 buckets strike again US social network data aggregator LocalBlox has been caught leaving its AWS bucket of 48 million records – harvested in part from Facebook, LinkedIn and Twitter – available to be viewed by anyone who stopped b ...

This ransomware was rewritten to mine cryptocurrency - and destroy your files

5 days ago

Some criminals are shifting from ransomware to cryptocurrency miners - those behind XiaoBa have rejigged the code to shift the same malware towards a different focus.

Chris Vickery Discusses Data Leak of 48 Million Users by Private Intelligence Firm

5 days ago

Private intelligence gathering firm LocalBlox leaked data on 48 million users that was scraped from Facebook, LinkedIn, Zillow and other sites.

Use of ‘StegWare’ Increases in Stealth Malware Attacks

5 days ago

Researchers are warning malware payloads can bypass traditional AV protection when delivered buried inside images, documents or even just a pixel.

Google cuts fake ad blockers from Chrome Store: Were you among 20 million fooled?

5 days ago

Bogus ad-blocker extensions in the Chrome Web Store trick millions of people into installing them.

Researchers Discover Second rTorrent Vulnerability Campaign

5 days ago

This time attackers appears to have spoofed the Recording Industry Association of America (RIAA) and New York University (NYU) user-agents.

Gold Galleon hackers target maritime shipping industry

5 days ago

Researchers say a Nigerian hacking group is gleefully plundering maritime shipping businesses and their customers.

Uber denies its CTO met with Cambridge Analytica

5 days ago

Uber has denied that its sitting CTO, Thuan Pham, met with Cambridge Analytica — the controversial political consultancy at the center of a Facebook user data misuse scandal. But it has not been able to confirm that no meetings between anyone else on i ...

Lifting a Fingerprint from a Photo

5 days ago

Police in the UK were able to read a fingerprint from a photo of a hand: Staff from the unit's specialist imaging team were able to enhance a picture of a hand holding a number of tablets, which was taken from a mobile phone, before fingerprint experts w ...

This malware will take screenshots, steal your passwords and files - and drain your cryptocurrency wallet

5 days ago

'SquirtDanger' is distributed to users to deploy as they see fit - and attacks have been carried out around the world.

Cutting custody snaps too costly for cash-strapped cops – UK.gov

5 days ago

Home Office admits national and local databases don't talk to each other, so everything is manual The UK government has admitted it can only delete custody images from its massive database through a complex manual process, and that it would cost too much ...

Facebook moving 1.5 billion users away from GDPR protection

5 days ago

Facebook is making changes that will prevent non-European users previously under European laws from being protected by the General Data Protection Regulation.

Should CISOs Be Hackers?

5 days ago

Justin Calmus, Chief Security Officer at OneLogin, believes that cybersecurity professionals - including CISOs and other security team leaders - can be much more effective at their jobs if they stay actively engaged with hacking communities that keep them ...

PCI Council releases vastly expanded cards-in-clouds guidance

5 days ago

First word on how card security for containers, VDI, SDN and web apps The Payment Card Industry Security Standards Council (PCI SSC) has issued a big update to its guidance on using payment cards with cloud computing services.…

Cyber fraudsters now stealing millions in single transactions

5 days ago

More businesses are being tricked into sending millions of dollars to cybercriminals, but the criminals often betray themselves through lax operational security.

DHS Helps Shop Android IPS Prototype

5 days ago

A MITRE-developed intrusion prevention system technology got showcased here this week at the RSA Conference.

Facebook's login-to-other-sites service lets scum slurp your stuff

5 days ago

Your security's only as good as your partners'. And some Facebook partners are rotten A security researcher has claimed it's possible to extract user information from Facebook's Login service, the tool that lets you sign into third-party sites with a Face ...

70% of Energy Firms Worry About Physical Damage from Cyberattacks

5 days ago

High-profile ICS attacks Triton/Trisis, Industroyer/CrashOverride
, and Stuxnet have driven energy firms to invest more in cybersecurity, survey shows.

Flash! Ah-ahhh! WebEx pwned for all of us!

6 days ago

Cisco issues critical patch to stop in-meeting attacks Cisco has patched a serious vulnerability in its WebEx software that lets an attacker remotely execute code on target machines via poisoned Flash files.…