What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
CSO.webp 2018-09-13 09:15:00 IDG Contributor Network: Can you hack me now? (direct link) “Can you hear me now?” With well over 200,000 cell towers up and running in the United States (and counting), the question posed by Verizon in a wildly successful 2011 ad campaign, has been answered in the affirmative for the overwhelming majority of the country. But in the wake of a new, super connected wireless world, some other questions have emerged: How secure is all that wireless coverage? What types of attack loopholes, if any, exist? Are the wireless carriers favoring supreme accessibility too greatly over commonsense security, which is essentially the same oversight made by the Internet's founding fathers many years ago? That oversight unknowingly paved the way for the current state of today's networking world, which is wrought with data breaches, device corruption, and system downtime… Let's not make that same mistake again. Hack
CSO.webp 2018-09-13 03:00:00 Wanted: Data breach risk ratings, because not all breaches are equal (direct link) I recently downloaded every known, recorded data breach by the Privacy Rights Clearinghouse, which has been the most thorough and stalwart public recorder of data breaches in the United States for over two decades. The data file contained just over 8,600 data breaches. I found a few dupes and some missing or erroneous information, but overall, it's the best public, non-profit, and free source you're going to find. Data Breach
CSO.webp 2018-09-12 07:31:00 Hackers clone Tesla Model S key fob in 2 seconds to steal car (direct link) Feeling reckless and looking for something new to do with your Raspberry Pi? Using a Raspberry Pi 3 Model B+, Proxmark3, Yard Stick One, and a USB battery pack, Belgium researchers needed less than two seconds to clone the key fob of a Tesla Model S. The reckless part comes into play if you were to actually steal the Tesla, but if you turn to a life of crime then the researchers believe McLaren, Karma and Triumph are vulnerable to the attack as well since, like Tesla, the keyless entry solutions for those vehicles are designed by Pektron. In case it's not clear that stealing a Model S was a joke, then don't try it cause Tesla would be able to track down the vehicle even if you disabled GPS. Tesla
CSO.webp 2018-09-11 07:32:00 (Déjà vu) British Airways hack was by same group that compromised Ticketmaster (direct link) The British Airways hack boiled down to attackers using 22 lines of code for digital payment card skimming on the baggage claim page and resulted in 380,000 customers having their personal and payment information stolen between Aug. 21 and Sept. 5, 2018. RiskIQ head researcher Yonathan Klijnsma attributed the hack to the cybercriminal group dubbed Magecart – the same group of attackers responsible for the Ticketmaster UK breach. While apologizing for the customer data theft, British Airways' boss Alex Cruz told the BBC that hackers pulled off a “sophisticated, malicious criminal attack.” Despite technical details being all but nonexistent in British Airways' breach notification, experts say attackers used a “simple but highly targeted approach.” Hack
CSO.webp 2018-09-11 07:32:00 (Déjà vu) British Airways hack used digital skimmers by group that compromised Ticketmaster (direct link) The British Airways hack boiled down to attackers using 22 lines of code for digital payment card skimming on the baggage claim page and resulted in 380,000 customers having their personal and payment information stolen between August 21 and September 5. RiskIQ head researcher Yonathan Klijnsma attributed the hack to the cybercriminal group dubbed Magecart – the same group of attackers responsible for the Ticketmaster UK breach. While apologizing for the customer data theft, British Airways' boss Alex Cruz told the BBC that hackers pulled off a “sophisticated, malicious criminal attack.” Despite technical details being all but nonexistent in British Airways' breach notification, experts say attackers used a “simple but highly targeted approach.” Hack
CSO.webp 2018-09-11 07:00:00 BrandPost: Cybersecurity Skills Report: Today's CISO is Shifting Toward Strategic Business Enablement (direct link) Businesses and government agencies of all sizes are experiencing cyber attacks that are growing in both frequency and complexity. Cybercriminals, nation-states, and a host of other bad actors are developing new tactics, tools, and procedures to circumvent modern cybersecurity solutions. We are increasingly seeing targeted attacks employing customized malware and the ready availability of dark web market tools and services covering every aspect of the cyber kill chain. In fact, a recent Fortinet Global Threat Landscape Report shows that virtually no firm is immune, with 96% of firms experiencing at least one severe exploit. Malware Threat
CSO.webp 2018-09-10 09:00:00 IDG Contributor Network: Threat detection: it's about 'time' (direct link) Incident responders have no shortage of products that help to identify threats. From the earliest virus scanners and IDS products to modern solutions that utilize machine learning to analyze behavior, the goal has always been simple yet unattainable: to keep adversaries from accessing private resources and doing damage to the organization. While there is no specific right or wrong way of trying to achieve this, there is an unspoken principle that is critical to this process is “time.” Time factors into each step of the incident response process, from time to detection through time to containment. Threat
CSO.webp 2018-09-10 03:00:00 What is the cost of a data breach? (direct link) Data breaches are getting more expensive. The average cost of a data breach has risen to $3.86 million, according to a new report from IBM. The latest version of its annual report shows a 6.6 percent increase in costs; including direct losses, indirect costs related to time and effort in dealing with a breach, and lost opportunities such as customer churn as a result of bad publicity. Data Breach
CSO.webp 2018-09-06 11:50:00 IDG Contributor Network: Why data loss prevention is a throwback technology (direct link) Black Hat 2018 may be behind us, but the trends, conversations and news coming out of the show are still top of mind. The conference was buzzing with cutting-edge topics, from election hacking to “whack-a-mole” security (as dubbed by Parisa Tabriz, director of engineering at Google). For me, Black Hat is a time to connect with customers, prospects, partners, colleagues and friends to discuss the latest in insider threat management. Typically, during conference season, I come away with a few key takeaways (and free swag) that inform decisions I make for the strategy and management of the organization I run. This year proved to be no different. Self-driving cars, election hacking and more: Black Hat is one of the top conferences for security professionals to learn about the latest technologies and vulnerabilities to be aware of in the coming year. From the surprising safety of self-driving cars, to new ways to hack into what many thought were secure systems, Black Hat is the spot for the latest innovations, hacking methods and more. Hack Threat
CSO.webp 2018-09-06 03:00:00 Why security pros are addicted to FUD and what you can do about it (direct link) After more than 30 years in the security industry, I must confess, I am (sadly) still addicted to FUD. For example, one recent morning I clicked (and tweeted) these cyber headline stories: Augusta University Health Reports Major Data Breach; Superdrug denies data breach; Health Data Breach Victim Tally for 2018 Soars; Judge approves Anthem's $115M data breach settlement. Indeed, big data breach stories and other major security incidents that keep offering large doses of fear, uncertainty and doubt (FUD) to the world, just keep drawing me back. Data Breach
CSO.webp 2018-09-06 02:30:00 EDR is dead! Long live XDR! (direct link) Endpoint detection and response (EDR) has been an important technology for security professionals as they attempt to find suspicious activity, or at least traces of it, on endpoints and hosts. Cybersecurity itself is as old as computers, but the EDR segment is still in its infancy with the first solutions dating back only about five years or so. The technology works by monitoring the endpoint and then storing the data in a centralized repository where analysis can be done to detect a threat. Typically, EDR solutions require a software agent to be installed on the host system to provide the data used in monitoring and reporting. EDR has been critical for advanced protection, as more threats are being directed at the user. In fact, one of the industry's leading penetration testers recently told me that he can normally breach an organization within an hour by attacking the user and compromising the endpoint. Also, Windows is still the most widely used operating system in the business world, and many of its internal features are used by threat actors to breach that computer and others. Threat Guideline
CSO.webp 2018-09-04 08:04:00 (Déjà vu) 7,500 MikroTik routers compromised, traffic forwarded to attackers (direct link) If you have a MikroTik router, make sure it is running the latest firmware, as security researchers discovered thousands of compromised MikroTik routers are sending traffic to nine attacker-controlled IPs. Via a honeypot since July, researchers from the China-based Netlab 360 noticed malware exploiting MikroTik routers. Attackers are exploiting the MikroTik CVE-2018-14847 flaw that was patched in April. The critical vulnerability, involving Winbox for MikroTik, “allows remote attackers to bypass authentication and read arbitrary files.” Proof-of-concept exploits have been around for several months. That same vulnerability, the researchers pointed out, was exploited by the CIA's hacking tool Chimay Red, according to WikiLeaks Vault7. Malware Tool
CSO.webp 2018-09-04 08:04:00 (Déjà vu) 7,500 MikroTik routers being eavesdropped, traffic forwarded to attackers (direct link) If you have a MikroTik router, then take the time to make sure it is running the latest firmware since security researchers discovered thousands of compromised MikroTik routers are sending traffic to nine attacker-controlled IPs. Via a honeypot since July, researchers from the China-based Netlab 360 noticed malware exploiting MikroTik routers. Attackers are exploiting the MikroTik CVE-2018-14847 flaw which was patched in April. Malware
CSO.webp 2018-09-04 07:00:00 BrandPost: Unidentified Devices Leave Networks Vulnerable (direct link) As organizations embrace digital transformation to improve operational efficiency, IoT devices - including industrial and medical IoT - are being deployed at an unprecedented rate. This rapid adoption of IoT is one of the primary reasons why networks are in constant flux. New devices, whether physical or virtual, are continually connecting and disconnecting from the network, and often then reconnecting somewhere else. And to do their job, they need immediate access to applications and networked resources. Internet of Things endpoints are growing at an unprecedented rate, reaching an installed base of several dozen billion units in just a few years. While most people imagine digital cameras, printers, and smart appliances when they think of IoT, it also includes medical IoT (MIoT) devices, such as infusion pumps and heart monitors, and industrial IoT (IIoT), including valve controllers, temperature and pressure monitors, and manufacturing devices. This trend hasn't gone unnoticed by the cybercriminal community. While there continue to be high-profile attacks targeting traditional IoT devices, MIoT and IIoT devices are also increasingly being targeted, such as the recent Triton and VPNFilter malware attacks. Malware VPNFilter
CSO.webp 2018-09-03 02:59:00 10 topics every security training program should cover (direct link) The weakest link. Every IT security professional is well aware that a thorough end-user education program is a necessary weapon in the battle to protect your perimeter. A good education program trains your vulnerable humans to understand how to help defend your system from attack. Education helps people develop healthy habits, hones their defense against social engineering, and makes them an ally in the fight – rather than a chink in your defenses.
CSO.webp 2018-09-02 09:00:00 (Déjà vu) Bitfi removes unhackable claim from crypto wallet (direct link) I'm so surprised the unhackable Bitfi wallet was hacked - said no one ever. While this was not even the first time the $120 hardware wallet was hacked, it was enough for Bitfi to strike the “unhackable” claim from its website. Bitfi wallet backer and big mouthpiece John McAfee, however, still claims the cryptocurrency wallet is unhackable and went so far as to offer $20 million to one particular hacker if he can hack McAfee's wallet. BitFi offered $100,000 to anyone who could take the coins from its factory wallet. Hackers complained it was too little, and why should they have to buy the wallet. It increased to $250,000. No takers. I'm now offering $20 mil to one fraudulent hacker - @cybergibbons He refused. Hack
CSO.webp 2018-09-02 09:00:00 (Déjà vu) Bitfi removed unhackable claim yet McAfee offers hacker $20 million for wallet hack (direct link) I'm so surprised the unhackable Bitfi wallet was hacked…said no one ever; while it was not even the first time the $120 hardware wallet was hacked, it was enough for Bitfi to strike the “unhackable” claim from its website. Bitfi wallet backer and big mouthpiece John McAfee, however, still claims the cryptocurrency wallet is unhackable and went so far as to offer $20 million to one hacker if he could hack McAfee's wallet. BitFi offered $100,000 to anyone who could take the coins from its factory wallet. Hackers complained it was too little, and why should they have to buy the wallet. It increased to $250,000. No takers. I'm now offering $20 mil to one fraudulent hacker - @cybergibbons He refused. Hack
CSO.webp 2018-08-30 11:50:00 The 6 best password managers (direct link) One of the smartest moves you can make to protect yourself online is to use a password manager. It's one of the easiest, too. We'll help you find the best password manager for you. A properly designed password manager is an excellent first step in securing your online identity. It generates a unique strong password for every account and application, without requiring you to memorize or write down these random strings of characters. These strong passwords help shield against traditional password attacks such as dictionary, rainbow tables or brute-force attacks. Malware
CSO.webp 2018-08-29 09:00:00 BrandPost: The Evolving Threat Landscape - Swarmbots, Hivenets, Automation in Malware (direct link) Over the past several months, the FortiGuard Labs team has been tracking a number of evolving trends related to the FortiGuard 2018 Threat Landscape Predictions article published just before the beginning of the year. This mid-year update provides new details concerning recent advances in some of the techniques and malware tied to those predictions. In particular, the accelerated development of several precursors of Swarmbots and Hivenets are especially worth revisiting. Others include the increased targeting of critical infrastructure, the development of automation in malware exploits, and the use of blockchain technology to anonymize the command and control of botnets. Malware Threat
CSO.webp 2018-08-29 07:45:00 (Déjà vu) Cryptojacking attacks spiked in first half of 2018 (direct link) Cryptojacking attacks have skyrocketed, locking in cryptojacking attempts as having the biggest security impact in the first half of 2018. So far this year, there has been a 141 percent increase in cryptocurrency mining detections compared to the previous half year and 47 new cryptocurrency miner malware families detected. The good news, according to Trend Micro's 2018 midyear security roundup report (pdf), is that cyberthugs are relying less on ransomware since ransomware attacks are up only 3 percent from the second half of 2017. Ransomware Malware
CSO.webp 2018-08-29 07:45:00 (Déjà vu) Cryptojacking attacks spiked in first half of 2018, report (direct link) Cryptojacking attacks have skyrocketed, locking in cryptojacking attempts as having the biggest security impact in the first half of 2018. So far this year, there has been a 141 percent increase in cryptocurrency mining detections compared to the previous half year and 47 new cryptocurrency miner malware families detected. The good news, according to Trend Micro's 2018 midyear security roundup report (pdf), is that cyberthugs are relying less on ransomware since ransomware attacks are up only 3 percent from the second half of 2017. Ransomware Malware ★★★★★
CSO.webp 2018-08-29 05:17:00 What is cryptojacking? How to prevent, detect, and recover from it (direct link) Cryptojacking is the unauthorized use of someone else's computer to mine cryptocurrency. Hackers do this by either getting the victim to click on a malicious link in an email that loads crypto mining code on the computer, or by infecting a website or online ad with JavaScript code that auto-executes once loaded in the victim's browser.
CSO.webp 2018-08-27 03:00:00 What are next generation firewalls? How the cloud and complexity affect them (direct link) Traditional firewalls track the domains that traffic is coming from and the ports it's going to. Nextgen firewalls go beyond that -- they also monitor the content of the messages for malware and data exfiltration and can react in real time to stop threats. The newest iterations do even more, adding behavioral analytics, application security, zero-day malware detection, support for cloud and hybrid environments, and even endpoint protection. Malware ★★★
CSO.webp 2018-08-24 04:45:00 IDG Contributor Network: What your enterprise needs to know about cyber threat intelligence (direct link) Imagine the following scenario: a large financial institution has heard about recent breaches and thefts that have occurred around the world against similar institutions and wishes to protect itself. These questions may arise: Who is behind these attacks? What is the motive? What is the attack vector? What vulnerabilities were exploited? Is our environment secure enough? What do we need to do? This financial institution should probably talk to their cyber threat intelligence team. Cyber threat intelligence, or sometimes just called threat intelligence (CTI and TI), are increasingly popular terms in the security industry and enterprises in general. You likely have heard them mentioned in conversations with security information and event management (SIEMs), cloud providers, or when buying expensive reports. Threat ★★★★
CSO.webp 2018-08-19 09:59:00 Botnet of smart air conditioners and water heaters could bring down the power grid (direct link) If smart appliances that can be remotely controlled over the internet were to be compromised and used in a botnet, then attackers could cause local power outages or even large-scale blackouts, according to a presentation given by Princeton University researchers at the USENIX Security Symposium. This new class of attacks was dubbed MadIoT (Manipulation of demand via IoT) by researchers from Princeton's Department of Electrical Engineering. Instead of directly attacking the supply side of the power grid, attackers could enslave high-wattage IoT devices in a botnet to manipulate the demand side of the grid.
CSO.webp 2018-08-17 08:40:00 IDG Contributor Network: Balancing cybersecurity and regulatory compliance (direct link) Rigorous regulations like GDPR and California's Consumer Privacy Act will only become more prevalent, as long as our current cybersecurity landscape continues to suffer the near-crippling data breach affliction. Attackers seem to be one step ahead of defenders, constantly changing their attack vectors as new technologies become available, such as artificial intelligence and automated bots. But is coming up with new laws protecting or hindering our progress? Regulatory compliance over cybersecurity: As witnessed overseas, many companies are struggling to stay compliant with standards like GDPR, and are more focused on meeting the minimum requirement rather than proper security policies, which hackers can easily find weaknesses in. The result of regulatory requirements is that they become outdated fairly quickly in the cyber world. What's worse, regulation outlines that are made publicly available essentially provide hackers a roadmap to breaking through defenses. By the time governing bodies overseeing these standards implement measures to fix these vulnerabilities, it's already too late. Businesses are exhausting time, manpower and capital on regulatory compliance that is inherently vulnerable, rather than fool-proof defenses that will protect all stakeholders. Data Breach ★★★★
CSO.webp 2018-08-16 02:56:00 Hack mobile point-of-sale systems? Researchers count the ways (direct link) Ever since the infamous and massive security breach at retailer Target nearly five years ago, more and more attention has focused on the potential flaws that can make payment systems vulnerable to digital attack. And now, with payments increasingly shifting to mobile platforms, it appears that the potential for hacking the mobile point-of-sale (mPOS) systems that make it possible for merchants to accept card and even cryptocurrency payments on-the-go is also shifting. Presenting at the Black Hat USA information security conference last week in Las Vegas, prominent U.K. security researchers showcased recent research detailing the inherent vulnerabilities they discovered among four of the most popular mPOS systems operating in both the United States and Europe. In what is believed to be the most comprehensive review of mPOS security to-date, security researchers from London-based Positive Technologies plumbed the inner workings of the mobile payment infrastructure of seven mPOS readers offered by Square, SumUp, PayPal and iZettle and found a host of potential ways to hack these systems. Hack ★★
CSO.webp 2018-08-15 03:00:00 Why you should consider crowdsourcing IT security services (direct link) A crucial part of securing IT infrastructure, applications and services is asking independent white hat hackers to hack it. Hackers will try to break in regardless, so you might as well be part of the process to maximize the benefits. Unfortunately, not every company has the resources to hire a penetration testing team. Hack ★★
CSO.webp 2018-08-14 09:08:00 Security flaws in police body cameras open the devices to attack (direct link) Police body cameras are riddled with security vulnerabilities that could allow a hacker to remotely tweak or delete footage, track the cops wearing them, or weaponize the bodycam by installing malware such as ransomware that could be spread to other devices in a police station. Josh Mitchell, aka @bx_lr, a consultant at the security firm Nuix, pointed out a plethora of critical security issues with police body cameras during his presentation at Def Con. After analyzing bodycams by Vievu, Patrol Eyes, Fire Cam, Digital Ally, and CeeSc, Mitchell said some of the vulnerabilities that could be remotely exploited were appalling. Ransomware Malware ★★★★
CSO.webp 2018-08-14 06:08:00 IDG Contributor Network: The unintended consequences of GDPR (direct link) GDPR has done a world of good. It has enabled us to understand digital privacy, empowered the consumer about her rights and put a steep monetary value on non-compliance. In a nutshell, the entirety of it can be summarized into responsibilities – what data are you collecting (of me), where is this data being stored, who (in your organization) can access my data, how are you providing safeguards to protect my data, when will you notify me (and the authorities) if my data has been compromised – and customer's rights (access, modification, erasure, transfer of my data at any time). What is the common denominator in all of the above? Data underscores every aspect of the GDPR regulation. Nothing surprising yet the impact of this digital currency in our lives has been amplified thanks to GDPR and that has not been lost on the hackers. The case of a mental health facility that decided to pay the ransomware attackers instead of fighting them or relying on their own backup is not a unique case. Ransomware ★★★★
CSO.webp 2018-08-13 04:00:00 IDG Contributor Network: Ways to improve your security team's response time (direct link) When it comes to incident response, every second counts. The severity of breaches varies, but since damage done directly correlates to the time a malicious actor has access to your systems, it's paramount that all threats are discovered and remediated as quickly as possible. The difference between a breach being detected and remediated in two hours versus two days could be the difference between a quick laptop reimaging or six-digit revenue loss. Imagine if a virus makes it past your firewall and, instead of noticing and sandboxing the point of entry, you miss the threat. Pretty soon, maybe the entire sales team is affected. The damage compounds; not only are you losing money by taking the sales team out of commission, you're also losing money with wasted man hours trying to mitigate damage that could have been avoided altogether if properly prepared for.
CSO.webp 2018-08-13 03:00:00 3 reasons companies fail to assess the scope of a data breach (direct link) First comes the embarrassing breach announcement. Then, a few days or weeks later, another one -- a few million stolen records were missed the first time around. Then another announcement, with another upward correction. With each new revelation, the hacked organization loses credibility and faces greater liability. Data Breach
CSO.webp 2018-08-10 06:40:00 How did the TimeHop data breach happen? (direct link) In July 2018, TimeHop, in a very transparent manner, discussed the breach of their service which affected approximately 21 million records, some of which included personal identifying information (PII) such as name, email, phone number, and date of birth, while others contained variants. Reviewing the sequence of events, we see that a trusted insider placed the company's data at risk when their employee credentials were used by a third-party to log into TimeHop's Cloud Computing Environment. How the intruder obtained the employee's log-in credentials is unknown. Data Breach
CSO.webp 2018-08-09 13:16:00 IDG Contributor Network: Here I am, hack me (direct link) Those of us in healthcare are reeling from the recent ransomware attack at LabCorp. The company, one of the largest medical testing companies in the world, confirmed that a known group of bad actors penetrated their network late on a Friday night via an exposed RDP port, and infected more than 30,000 systems with SamSam ransomware. LabCorp deserves some kudos, given reports that they had the attack contained in less than 50 minutes, which is quite amazing, if true. Kudos notwithstanding, however, why did they allow their network to be penetrated in the first place? Ransomware Hack
CSO.webp 2018-08-09 07:31:00 What is phishing? How this cyber attack works and how to prevent it (direct link) Phishing is a cyber attack that uses disguised email as a weapon. The goal is to trick the email recipient into believing that the message is something they want or need - a request from their bank, for instance, or a note from someone in their company - and to click a link or download an attachment. What really distinguishes phishing is the form the message takes: the attackers masquerade as a trusted entity of some kind, often a real or plausibly real person, or a company the victim might do business with. It's one of the oldest types of cyberattacks, dating back to the 1990s, and it's still one of the most widespread and pernicious, with phishing messages and techniques becoming increasingly sophisticated.
CSO.webp 2018-08-09 02:56:00 What is malware? Viruses, worms, trojans, and beyond (direct link) Malware - a blanket term for viruses, worms, trojans, and other harmful computer programs - has been with us since the early days of computing. But malware is constantly evolving and hackers use it to wreak destruction and gain access to sensitive information; fighting malware takes up much of the day-to-day work of infosec professionals. Malware definition: Malware is short for malicious software, and, as Microsoft puts it, "is a catch-all term to refer to any software designed to cause damage to a single computer, server, or computer network." In other words, software is identified as malware based on its intended use, rather than a particular technique or technology used to build it. Malware
CSO.webp 2018-08-08 13:35:00 BrandPost: The Case for Multi-Factor Authentication Wherever Users Connect (direct link) For years, passwords have guarded access to the resources organizations rely on day in and day out. But how well? And for how much longer? In an era when attack surfaces are growing, points of access are increasing and cyberattackers are getting smarter, now's the time to go beyond the password to protect your resources and data. Integrating more ways of authenticating at various points of access is a good way to add another layer of protection for critical resources and data. Make it easy on users by choosing a solution that offers a variety of authentication options (hard and soft tokens, smartphone-based push to approve, biometrics, SMS and more) and requires additional authentication only when it detects a high-risk access attempt.
CSO.webp 2018-08-08 07:45:00 (Déjà vu) Weaponized AI and facial recognition enter the hacking world (direct link) Meet Social Mapper, a facial recognition tool that searches for targets across numerous social networks, and the highly evasive and highly targeted AI-powered malware DeepLocker. Open-source Social Mapper face recognition tool: The open-source intelligence-gathering tool Social Mapper uses facial recognition to automatically search for targets across eight social media sites: Facebook, Twitter, LinkedIn, Instagram, Google+, the Russian social networking service VKontakte, and the Chinese social networking sites Weibo and Douban. Malware Tool
CSO.webp 2018-08-08 07:45:00 (Déjà vu) AI-powered DeepLocker malware attacks and face recognition Social Mapper tracking tool (direct link) Meet Social Mapper, a facial recognition tool that searches for targets across numerous social networks, and the highly evasive and highly targeted AI-powered malware DeepLocker. Open-source Social Mapper face recognition tool: The open-source intelligence-gathering tool Social Mapper uses facial recognition to automatically search for targets across eight social media sites: Facebook, Twitter, LinkedIn, Instagram, Google+, the Russian social networking service VKontakte and the Chinese social networking sites Weibo and Douban. Malware Tool
CSO.webp 2018-08-08 02:55:00 Inside Dropbox and Microsoft Office phishing attacks | Salted Hash, Ep. SC03 (lien direct) Today on Salted Hash, we're going to look at a phishing attack that targeted me directly. It's got a few interesting elements, including a weak attempt to spoof an HTTPS connection, and a sort of hybrid lure, which starts as Dropbox but ends at Microsoft Office. Top targets: Microsoft is a popular target with criminals, especially when it comes to phishing. If a criminal can compromise your Microsoft Office account, they have a good deal of leverage over your professional life, and it gets worse if your Microsoft Office password is used on other services (it happens, and criminals do check for this). Email security vendor Vade Secure recently published a list of the top brands spoofed by phishing attacks, and Microsoft topped the list. This is notable because PayPal is usually in the top spot. According to Vade Secure's list, Microsoft held the number one position by more than 40 percent. PayPal drops to second, followed by Facebook, Netflix, Wells Fargo, Bank of America, DocuSign, Dropbox, DHL, and Apple to round out the top ten.
CSO.webp 2018-08-07 08:00:00 FCC lied about DDoS attack during net neutrality comment process, blames former CIO (lien direct) That DDoS attack on the FCC's public comment system that happened at the exact same time as John Oliver urged Last Week Tonight viewers to leave comments supporting net neutrality? Yep, it never really happened – not that you believed it was true. But now the FCC admitted lying about the DDoS attack on its public comment system. FCC Chairman Ajit Pai didn't come clean about it until the Office of Inspector General's report proving the DDoS claim was false was imminent. Unsurprisingly, Pai claims the DDoS lie from May 2017 wasn't his fault; instead, he pointed the finger of blame at the FCC's former CIO David Bray.
CSO.webp 2018-08-07 02:55:00 What are phishing kits? Web components of phishing attacks explained (lien direct) Phishing is a social attack, directly related to social engineering. Commonly centered around email, criminals use phishing to obtain access or information. Phishing attacks can be basic or customized toward the victim and their organization. A phishing attack with a directed focus is called spear phishing. If, for example, the criminal were targeting a group or person within a company, they'd use spear phishing to make the email look and feel legitimate. Usually this is done by using the victim's correct name and title, referencing legitimate projects, known co-workers, or spoofing an email from a senior executive.
CSO.webp 2018-08-02 07:26:00 IDG Contributor Network: “Political hack” takes on new meaning in the age of cyberwarfare (lien direct) The media blitz about Russia's involvement in our electoral process redefines the term “political hack.” Our fundamental right to legitimately and confidentially vote in elections, with confidence our vote counts, is not challenged by a despot, but rather by a bot. e-Voting machines are routinely analyzed and discoveries of one or another vulnerability are reported. Several studies over the past few years reveal the brittleness and insecurities of the various electronic voting machines used across America. The most recent demonstration at this year's DefCon provides a step by step process on how to exploit and attack a particular eVoting machine. Undoubtedly other machines are also vulnerable to malicious alteration. Vulnerability Studies
CSO.webp 2018-08-01 04:15:00 IDG Contributor Network: Is California's Consumer Privacy Act of 2018 going to be GDPR version 2? (lien direct) While there is time before the California Consumer Privacy Act of 2018 comes into effect, which is January 1, 2020, businesses need to start planning now for compliance. The CCPA provides California consumers with significantly expanded rights as to the collection and use of their personal information by businesses. It covers any business meeting revenue or data collection volume triggers and that collects or sells information about California residents. Applicability to businesses: The CCPA uses a much broader definition of personal information than is generally used in privacy statutes in the United States, including the definition in California's own data breach notification statute. Personal information under the CCPA includes “information that identifies, relates to, describes, is capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular consumer or household.” With this broad definition, the types of information protected under the CCPA are much closer to those found in the European Union's General Data Protection Regulation (“GDPR”). Data Breach
CSO.webp 2018-07-31 02:55:00 What are deepfakes? How and why they work (lien direct) Deepfakes are fake videos or audio recordings that look and sound just like the real thing. Once the bailiwick of Hollywood special effects studios and intelligence agencies producing propaganda, like the CIA or GCHQ's JTRIG directorate, today anyone can download deepfake software and create convincing fake videos in their spare time. So far, deepfakes have been limited to amateur hobbyists putting celebrities' faces on porn stars' bodies and making politicians say funny things. However, it would be just as easy to create a deepfake of an emergency alert warning an attack was imminent, or destroy someone's marriage with a fake sex video, or disrupt a close election by dropping a fake video or audio recording of one of the candidates days before voting starts.
CSO.webp 2018-07-25 03:00:00 How to conduct a proper GDPR audit: 4 key steps (lien direct) For many organizations, preparing for the European Union's (EU) General Data Protection Regulation (GDPR) has been a time-consuming endeavor. Unfortunately, the work is not over. Now that GDPR is in effect, companies will need to do regular internal audits to assess their compliance levels. The ability to document these audits will be vital in the event of a breach or complaint, because showing that a good-faith effort was made could help avoid a big penalty.
CSO.webp 2018-07-24 03:48:00 8 types of malware and how to recognize them (lien direct) People tend to play fast and loose with security terminology. However, it's important to get your malware classifications straight because knowing how various types of malware spread is vital to containing and removing them. This concise malware bestiary will help you get your malware terms right when you hang out with geeks. Malware
CSO.webp 2018-07-23 02:58:00 Review: Zero tolerance malware and code blocking with Solebit (lien direct) The one thing that all malware has in common is that it's comprised of computer code. But in cybersecurity, so is everything else. Lots of companies have tried to make the distinction between good and bad code, whether by comparing samples to the signatures of bad files, setting programs into a sandbox and seeing what they do, or applying artificial intelligence and machine learning to behavioral analytics while examining how a file acts. None of those methods has been entirely successful, and some, like signature-based protection, are almost completely outflanked by today's most advanced malware. Malware
CSO.webp 2018-07-22 09:47:00 Half a billion smart devices vulnerable to decade-old DNS rebinding attacks (lien direct) If you use “smart” connected devices at your home or office, then those internet of things devices are at risk of an attack which is nearly ancient in tech-years as it has been around since 2007. Earlier this year, it came to light that Google Home, Roku, Sonos, Chromecast, smart home Radio Thermostat CT50 & CT80 and all Blizzard games were vulnerable to DNS rebinding attacks. Now IoT security vendor Armis has warned that nearly half a billion “smart” devices are vulnerable to the decade-old DNS rebinding attack vector.
CSO.webp 2018-07-19 12:24:00 Samsam infected thousands of LabCorp systems via brute force RDP (lien direct) LabCorp, one of the largest clinical labs in the U.S., said the Samsam ransomware attack that forced their systems offline was contained quickly and didn't result in a data breach. However, in the brief time between detection and mitigation, the ransomware was able to encrypt thousands of systems and several hundred production servers. The wider public first learned about the LabCorp incident on Monday, when the company disclosed it via an 8-K filing with the SEC. Since then, as recovery efforts continue, the company said they're at about 90-percent operational capacity. Ransomware
Last update at: 2024-05-16 12:07:56