Hackers Tee Up a Ransomware Attack for the PGA Ahead of the 2018 Championship
Fore! That’s not a ball hitting the 9th hole, that’s a ransomware attack. You heard correctly – the PGA (Professional Golfers’ Association) was hit with a ransomware attack this week, just days ahead of its annual championship tournament. Specifically, the attack was on the PGA’s computer servers, and is keeping officials from accessing files, such […] more…Advanced Targeted Attack Tools Found Being Used to Distribute Cryptocurrency Miners
by Cedric Pernet, Vladimir Kropotov, and Fyodor Yarochkin Regular cybercriminals appear to be taking a page from targeted attack actors’ playbooks — or rather, toolkits — to maximize their profits from illicit activities like cryptojacking. One of the differences between regular cybercrime and targeted attacks is intent: The former will almost always have immediate financial […] more…Tildeb: Analyzing the 18-year-old Implant from the Shadow Brokers’ Leak
by Mohamad Mokbel (Threat Researcher) On April 14, 2017, The Shadow Brokers (TSB) leaked a bevy of hacking tools named “Lost in Translation.” This leak is notorious for having multiple zero-day remote code execution (RCE) vulnerabilities targeting critical protocols such as Server Message Block (SMB) and Remote Desktop Protocol (RDP) and applications like collaboration and […] more…DDoS Attacks in Q3 2018
News Overview The third quarter 2018 turned out relatively quiet in terms of DDoS attacks. “Relatively” because there were not very many high-level multi-day DDoS onslaughts on major resources. However, the capacities employed by cybercriminals keep growing year after year, while the total number of attacks shows no signs of decline. The early July attack […] more…International Women’s Day in the Channel
I have had the privilege of working with many exceptional people over the course of my career. For International Women’s Day this year, I wanted to feature some of the dedicated and talented women I have the opportunity to work with in the Channel. The following individuals have great advice and stories that we all […] more…ROCA: Which Key-Pair Attacks Are Credible?
In the past two weeks, we have seen two big encryption issues arise: key reinstallation attacks, called KRACKs; and “Return of Coppersmith’s Attack,” called ROCA. Many CEOs, CIOs, and CISO/CSOs are asking, as they must, “Are we protected?” and “What’s our exposure?” Security architects are scurrying about to identify reasonable responses that can be presented […] more…Why Human-Machine Teaming Will Lead to Better Security Outcomes
Artificial intelligence and machine learning have never been more prominent in the public forum. CBS’s 60 Minutes recently featured a segment promising myriad benefits to humanity in fields ranging from medicine to manufacturing. World chess champion Garry Kasparov recently debuted a book on his historic chess game with IBM’s Deep Blue. Industry luminaries continue to opine about the […] more…Spam and phishing in 2016
The year in figures According to Kaspersky Lab, in 2016: The proportion of spam in email flows was 58.31%, which is 3.03 percentage points more than in 2015. 62.16% of spam emails were no more than 2 KB in size. 12.08% of spam was sent from the US. Trojan.Win32.Bayrob was the most popular malware family […] more…Fooling the ‘Smart City’
The concept of a smart city involves bringing together various modern technologies and solutions that can ensure comfortable and convenient provision of services to people, public safety, efficient consumption of resources, etc. However, something that often goes under the radar of enthusiasts championing the smart city concept is the security of smart city components themselves. […] more…Spam and phishing in Q2 2016
Download the full report (PDF) Spam: quarterly highlights The year of ransomware in spam Although the second quarter of 2016 has only just finished, it’s safe to say that this is already the year of ransomware Trojans. By the end of Q2 there was still a large number of emails with malicious attachments, most of […] more…VDI: Non-virtual problems of virtual desktop security, and how to solve them for real
Introduction Virtualization marches victoriously across the globe, adding to its list of champions not only individual IT-specialists and businesses, but even whole sections of the IT industry. In fact, it’s barely possible to find a data center with only physical servers on board: both electricity and physical space are far too expensive nowadays to be […] more…The Rio Olympics: Scammers Already Competing
A few years ago, spammers and scammers were not as interested in the Olympics as they were in football (the World Cup and European Championships). The first major increase in the number of spam messages devoted to the Olympic Games occurred in the run-up to the Winter Olympics in Sochi in 2014. Since then, their […] more…More information
- HTTPS Security Weakened by AV Products, Middleboxes: Study
- IBM attempts to redefine the IPS
- Brave CEO apologises for adding affiliate links to URLs
- UK bank testing vocal biometric security
- U.S. Companies Urged to Protect Against Foreign Government Hackers
- Industrial Systems at Risk of WannaCry Ransomware Attacks
- Don’t look now, but Pixel 4’s Face Unlock works with eyes closed
- New Report Quantifies Time’s Impact on Costs of Data Breaches and Disruption Attacks
- Microsoft Internet Explorer CVE-2015-2492 Remote Memory Corruption Vulnerability
- Virgin Mobile USA online subscriber accounts can be easily hacked, developer says