News

0 Comments
Madelyn Bacon and Casey Clark Cloud provider Data Resolution claimed North Korea was behind the ransomware attack on its systems on Christmas Eve. According to cybersecurity journalist Brian Krebs, Data Resolution was infected with the Ryuk ransomware, which is the same ransomware thought to be behind the attacks on Tribune Publishing Company’s network, which disrupted
0 Comments
A number of branch network security suppliers are touting their abilities to add software-defined WAN capabilities to their firewall platforms. In the meantime, SD-WAN suppliers continue to improve their native network security capabilities. Organizations must carefully evaluate their security and WAN requirements, as they select the appropriate architecture for their unique branch network needs. Many
0 Comments
Germany has been hit with the biggest hack in its history. A group of unknown hackers has leaked highly-sensitive personal data from more than 100 German politicians, including German Chancellor Angela Merkel, Brandenburg’s prime minister Dietmar Woidke, along with some German artists, journalists, and YouTube celebrities. The leaked data that was published on a Twitter
0 Comments
A cyberattack on Tribune Publishing Company LLC this weekend disrupted the printing operations of several major newspapers, including the Los Angeles Times and Chicago Tribune, but questions remain about the nature and attribution of the incident. The Tribune Publishing cyberattack, which was initially discovered Friday, involved malware that affected several of the company’s systems for
0 Comments
With data breaches becoming a daily reality, it’s nearly impossible to know which breaches will remain influential or impactful throughout the course of a year. For this cybersecurity roundup, we chose to focus on analyzing Under Armour, Cambridge Analytica-Facebook, Uber and Marriott Hotels as the most powerful 2018 cybersecurity incidents. Not all information security risks
0 Comments
Apple’s latest Transparency Report shows that access to user devices and data are more often being requested by government and non-government entities around the world — and so is the rate at which Apple complies with those requests. Government data requests have been on the rise for years, according to previous transparency reports by Apple
0 Comments
The U.S. Department of Justice on Thursday indicted two Chinese nationals accused of cyberattacks around the world in association with the Chinese state-sponsored hacking group known as APT10. The two individuals, Zhu Hua and Zhang Shilong, were indicted on several charges in connection with cyberattacks and intellectual property (IP) theft, including conspiracy to commit computer
0 Comments
Security researchers have discovered yet another example of how cybercriminals disguise their malware activities as regular traffic by using legitimate cloud-based services. Trend Micro researchers have uncovered a new piece of malware that retrieves commands from memes posted on a Twitter account controlled by the attackers. Most malware relies on communication with their command-and-control server
0 Comments
Microsoft today issued an out-of-band security update to patch a critical zero-day vulnerability in Internet Explorer (IE) Web browser that attackers are already exploiting in the wild to hack into Windows computers. Discovered by security researcher Clement Lecigne of Google’s Threat Analysis Group, the vulnerability, tracked as CVE-2018-8653, is a remote code execution (RCE) flaw
0 Comments
Certified Information Systems Security Professional (CISSP) is an information security certification developed by the International Information Systems Security Certification Consortium, also known as (ISC)². The CISSP designation is a globally recognized, vendor-neutral standard attesting to an IT security professional’s technical skills and hands-on experience implementing and managing a security program. CISSP is a certification sought
0 Comments
The FBI just saved the Christmas. The U.S. Justice Department announced earlier today that the FBI has seized domains of 15 “DDoS-for-hire” websites and charged three individuals running some of these services. DDoS-for-hire, or “Booter” or “Stresser,” services rent out access to a network of infected devices, which then can be used by anyone, even
0 Comments
A security researcher with Twitter alias SandboxEscaper today released proof-of-concept (PoC) exploit for a new zero-day vulnerability affecting Microsoft’s Windows operating system. SandboxEscaper is the same researcher who previously publicly dropped exploits for two Windows zero-day vulnerabilities, leaving all Windows users vulnerable to the hackers until Microsoft patched them. The newly disclosed unpatched Windows zero-day
0 Comments
Another day, another data breach. This time it’s the United States National Aeronautics and Space Administration (NASA) NASA today confirmed a data breach that may have compromised personal information of some of its current and former employees after at least one of the agency’s servers was hacked. In an internal memo sent to all employees
0 Comments
Cybersecurity researchers have discovered a critical vulnerability in widely used SQLite database software that exposes billions of deployments to hackers. Dubbed as ‘Magellan‘ by Tencent’s Blade security team, the newly discovered SQLite flaw could allow remote attackers to execute arbitrary or malicious code on affected devices, leak program memory or crash applications. SQLite is a
0 Comments
One of the many challenges network administrators face is controlling, securing and enforcing security policies on users’ smartphones, tablets and other mobile devices. To optimize both the functionality and the security of mobile devices while simultaneously protecting the corporate network, many organizations deploy a mobile device management (MDM) server to configure policies and applications and
0 Comments
“Profit is sweet, even if it comes from deception,” the playwright Sophocles wrote. Over two millennia later, the ancient Greek’s words still ring true. Or perhaps they need just a tweak — because now those “sweet” profits come because of deception. Deception technologies, that is. The market for deception security tech is expected to boom
0 Comments
Cybersecurity researchers have discovered a new zero-day vulnerability in Adobe Flash Player that hackers are actively exploiting in the wild as part of a targeted campaign appears to be attacking a Russian state health care institution. The vulnerability, tracked as CVE-2018-15982, is a use-after-free flaw resides in Flash Player that, if exploited successfully, allows an