Is That Photo Containing a Cyberthreat? What to Know About Steganographic Malware
Secret messages are hidden everywhere – within a hit song, a brand logo, a big blockbuster movie. Usually, these messages are fun Easter eggs or nods to fans. In the digital world, this kind of practice is called steganography, and messages are usually concealed in images, audio tracks, video clips, or text files. But, instead […] more…Employee at Trios Health snoops on data of 600 patients
An employee at Trios Health, which is anchored by Trios Southridge Hospital in Washington State, was using its electronic health record system not just to perform job duties but to also look up information on patients outside of the employee’s job function. The incident is the latest in a spate of breaches at healthcare organizations […] more…Helping Kids Understand the Foolishness and Consequences of Sexting
Sexting and teens. Nearly every week, the headlines reflect the attempt of citizens, educators, and lawmakers to tackle the question: What should the punishment be for teens caught sexting? In most states, officials may prosecute anyone, regardless of age, who creates, distributes or possesses an image of a minor engaged in sexual acts under that state’s […] more…Acoustic attack lets hackers control smartphone sensor
A newfound vulnerability in smartphones could let hackers remotely control the devices. With the acoustic injection attack, “attackers that deliver high intensity acoustic interference in close proximity” can interfere with a device accelerometer and get the sensor to send “attacker – chosen” data to the smartphone’s processor, say researchers from the University of Michigan and University […] more…Malware: 5 Tips for Fighting the Malicious Software
Malware—the term seems to be at the center of the news every day, with each headline telling of a new way the cyber threat has inserted itself into our lives. From an entire attack campaign on banks worldwide, to a strain residing within medical devices, to a variant that has learned to self-heal, the list […] more…EyePyramid and a Lesson on the Perils of Attribution
In the past weeks, information-stealing malware EyePyramid made headlines after it was used to steal 87GB of sensitive data from government offices, private companies and public organizations. More than 100 email domains and 18,000 email accounts were targeted, including those of high-profile victims in Italy, the U.S., Japan and Europe. The natural assumption for many […] more…Businesses as Ransomware’s Goldmine: How Cerber Encrypts Database Files
Possibly to maximize the earning potential of Cerber’s developers and their affiliates, the ransomware incorporated a routine with heavier impact to businesses: encrypting database files. These repositories of organized data enable businesses to store, retrieve, sort, analyze, and manage pertinent information. When utilized effectively they help maintain the organization’s efficiency, so holding these mission-critical files […] more…App Store Flooded with Phony Retail Apps to Kick Off Holiday Season
The holiday season has officially kicked off, which means a number of things for many of us: seasonal cheer, quality time with loved ones, and admittedly for many, lots and lots of shopping. And these days, many of holiday retail sales are happening online. Unfortunately, that also means now more than ever, there’s more holiday-related […] more…Teaching Kids to Rise Above the Twitter Trolls
The social media platform Twitter has been making the headlines every day lately and not for good reasons. The popular 140-character driven network is under fire for its increasingly troll-heavy content and its failure to regulate abusive tweeters. From celebrities shutting down accounts to politicians and special interest groups daily (and very publically) engaged in […] more…How to Secure the Future of the Internet of Things
The world of security for the Internet of Things just became more complex. IoT devices are no longer a potential threat to their owners; now they pose a significant threat to everything connected to the Internet. The old IoT security problem For the past year, the cybersecurity and IoT communities have been at odds regarding […] more…Can Internet of Things be the New Frontier for Cyber Extortion?
The Internet of Things (IoT)—the network of devices embedded with capabilities to collect and exchange information—has long been attracting the attention of cybercriminals as it continues to gain momentum in terms of its adoption. Gartner has estimated that more than 20.8 billion IoT devices will be in use by 2020; IoT will be leveraged by […] more…Node.js 5.7 released ahead of impending OpenSSL updates
The Node.js Foundation is gearing up this week for fixes to OpenSSL that could mean updates to Node.js itself. Releases to OpenSSL due on Tuesday will fix defects deemed to be of “high” severity, Rod Vagg, foundation technical steering committee director, said in a blog post on Monday. Within a day of the OpenSSL releases, […] more…ATMZombie: banking trojan in Israeli waters
On November 2015, Kaspersky Lab researchers identified ATMZombie, a banking Trojan that is considered to be the first malware to ever steal money from Israeli banks. It uses insidious injection and other sophisticated and stealthy methods. The first method, dubbed “proxy-changing”, is commonly used for HTTP packets inspections. It involves modifying browser proxy configurations and […] more…Should hackers be tolerated to test public systems?
The purported veering of a jetliner caused by an onboard hacker points to a larger problem, experts say – airlines and other providers of services may be blind to the value such security researchers can offer in the name of public safety. While it’s far from clear that security researcher Chris Brown actually did commandeer […] more…Security pros name their must-have tools
Secure file sharing is imperative for Lawyers Without Borders, a group that works with volunteer lawyers to advance human rights law in conflict-ridden regions. The nonprofit organization, headquartered in Hartford, Conn., uses Intralinks VIA to protect confidential legal documents and court papers from unsanctioned access. The SaaS solution for content sharing and collaboration is a […] more…Crypto-Ransomware Sightings and Trends for 1Q 2015
It seems that cybercriminals have yet to tire of creating crypto-ransomware malware. Since the start of 2015, we have spotted several variants of crypto-ransomware plague the threat landscape. In January, the Australia-New Zealand region was beset by variants of TorrentLocker. But we soon discovered that TorrentLocker infections were not limited to that region; Turkey, Italy, […] more…More information
- Ho Ho OUCH! There are 4x more fake retailer sites than real ones
- Microsoft Internet Explorer CVE-2013-3150 Memory Corruption Vulnerability
- How to Improve Back Door Security
- BitPay spearphished and loses $1.8 million, insurer refuses to pay
- Naked Security needs an intern! Here’s how to apply
- ‘Anonymous’ hack attacks make world sit up, take notice
- Twitter Suspends Accounts Engaged in Manipulation
- Microsoft Windows CVE-2016-3312 Information Disclosure Vulnerability
- Apple Blocked 1.7 Million Applications From App Store in 2022
- Windows 8 security overview – Safest Windows ever?