Month: August 2018

0 Comments
A hospital in Missouri faces a lawsuit after a medical records breach occurred as a result of an email phishing scam, something that’s difficult to protect against within healthcare organizations, according to a security expert.   In January, Children’s Mercy Hospital in Kansas City, Mo., notified 63,049 individuals who were potentially affected by the medical records
0 Comments
A newly discovered adversarial group has been targeting operations in electrical utilities in the US, according to Dragos. The activity group, dubbed RASPITE, has reportedly been active in some capacity since early to mid-2017. Dragos has confirmed that RASPITE is now targeting ICS, specifically electric utilities in the US, Europe, Middle East and East Asia. While
0 Comments
by Lisa Vaas The DOJ announced on Wednesday that three alleged, “high-ranking” members of the notorious Fin7 cybercrime organization have been arrested. According to three federal indictments, Ukrainian nationals Dmytro Fedorov, 44, Fedir Hladyr, 33, and Andrii Kolpakov, 30, are allegedly members of a prolific, professional, highly adaptable hacking group widely known as Fin7, though
0 Comments
Security researchers have discovered at least three massive malware campaigns exploiting hundreds of thousands of unpatched MikroTik routers to secretly install cryptocurrency miners on computers connected to them. In all, the malware campaigns have compromised more than 210,000 routers from Latvian network hardware provider Mikrotik across the world, with the number still increasing as of
0 Comments
Author: Joe Stewart and James Bettke, SecureWorks® Counter Threat Unit™ Threat Intelligence Summary “Nigerian prince” and “419” scams have plagued victims for decades and transitioned to the Internet in the 1990s. There are many variations and names for these scams, which originated in Nigeria. The scammers refer to their trade using the terms “yahoo yahoo”
0 Comments
Editor’s note: One of the steps that generally precedes a network-based attack is port scanning, in which a hacker… tries to discover which services are being offered in order to launch a more specific attack. This article reveals a port-scanning technique that, contrary to most other techniques, does not reveal the location of the system
0 Comments
A national nonprofit organization, SecureSet Foundation, created by SecureSet Academy, aims to increase diversity in the cybersecurity workforce by offering financial assistance, according to a press release from SecureSet Academy. The creation of the SecureSet Foundation will enable individuals to enhance and build their professional skills in the field of cybersecurity, which will also help
0 Comments
The nature of the vulnerability hasn’t been disclosed, but is said to have already been identified and fixed Several hundred inmates at five prisons in the northwestern US state of Idaho have exploited a software vulnerability in their “prison-specific” tablets to transfer $225,000 worth of digital credits to their virtual accounts, according to a BBC
0 Comments
I’m proud to say that McAfee has received recognition from our customers with the 2018 Gartner Peer Insights Customers’ Choice for the Security Information and Event Management (SIEM). This is a recognition of high satisfaction from a number of reviews by verified end-user professionals. To ensure fair evaluation, Gartner maintains rigorous criteria for recognizing vendors
0 Comments
Summary The IRON TWILIGHT threat group has targeted non-governmental organizations (NGOs), journalists, politicians, political organizations, governments, and militaries since at least 2009. SecureWorks® Counter Threat Unit™ (CTU) researchers assess it is highly likely that IRON TWILIGHT is sponsored by the Russian government. In Spring 2015, the Russian government began tasking IRON TWILIGHT with activity beyond
0 Comments
It sounds great to be able to assess information from threats targeting organizations all around the globe and not just the ones coming directly at you. But threat intelligence tools, and the loads of data they deliver, can turn out to be about as useful as junk mail. Expensive junk mail. This handbook on global
0 Comments
The vast majority of small to medium-sized businesses (SMBs) rank security as their top priority, though less than a third of those organizations have a dedicated IT security professional on staff, according to 2018 SMB IT Security Report, released today by Untangle. More than 350 SMBs worldwide participated in the survey, which attempted to gauge their
0 Comments
With the tagline, “giving you the best of the internet in one place,” Reddit is a popular website designed for discussion, news aggregation, and the creation of social content. Boasting over 330 million users, the platform is characterized by an engaged community. Which also means it contains treasure troves of consumer data. Unfortunately, there’s now
0 Comments
Meet Radar Relay, a cryptocurrency startup that just raised $10 million from Blockchain Capital and other investors. The company is taking advantage of the 0x protocol to change your tokens into other tokens without going through a traditional exchange. Centralized exchanges have been one of the main weaknesses of the cryptocurrency industry for years. A
0 Comments
Summary SecureWorks® Counter Threat Unit™ (CTU) researchers analyzed the evolution of GOLD EVERGREEN (also known as Business Club), an Eastern European threat group known for large-scale, financially motivated electronic crime. Over time, the threat actors have demonstrated a high level of organization, a wide range of criminal activity, and the ability to steal significant amounts
0 Comments
Protecting the information and information assets at Fannie Mae, a primary source of financing for American mortgage lenders, is a daunting proposition. Christopher Porter, who has served as the Fannie Mae CISO since 2016, is up to the challenge. Formerly known as the Federal National Mortgage Association, Fannie Mae was founded after the Great Depression
0 Comments
The Department of Homeland Security (DHS) has announced the creation of a new cyber-risk management center intended to protect the nation’s banks, energy companies and other industries from potentially crippling cyber-attacks on critical infrastructure, according to agency officials who spoke at the 31 July cybersecurity summit hosted by DHS. DHS Secretary Kirstjen Neilsen led a
0 Comments
But don’t get too excited just yet: the first-of-its-kind bug bounty program for printers is invite-only for now Researchers can earn up to $10,000 for identifying security flaws in printers made by HP in what is the first bug bounty program aimed specifically at printers, according to an announcement by the tech giant on Tuesday.