US elections remain vulnerable to attacks, despite security improvements
Days away from the Iowa caucuses, and less than 11 months from the general election, voting and election security continues to be a challenge for the U.S political system. Threats to a secure election appear to loom as large today as they did in 2016, when Russian state-backed hackers and social media trolls threw U.S. […] more…Story of the year 2019: Cities under ransomware siege
Ransomware has been targeting the private sector for years now. Overall awareness of the need for security measures is growing, and cybercriminals are increasing the precision of their targeting to locate victims with security breaches in their defense systems. Looking back at the past three years, the share of users targeted with ransomware in the […] more…How blockchain will kill fake news (and four other predictions for 2020)
As blockchain’s hype cycle continues to befuddle many about its potential beyond cryptocurrencies, businesses and governments are moving ahead with projects involving everything from digital identities to voting and supply chain tracking. Blockchain has slipped into the “Trough of Disillusionment” (see Gartner Hype Cycle), because it got ahead of its technical and operational maturity. As a result, interest […] more…Revamping in-house dynamic analysis with VirusTotal Jujubox Sandbox
VirusTotal Jujubox Sandbox in action: This is a small datastudio set up to illustrate the kind of analytics that can be built with a massive dynamic analysis setup, generating IoCs. Note that there are several pages. One of the main themes of VirusTotal’s 2019 roadmap is “Holistic Threat Profiling”. Some users never move beyond the […] more…CDM and the 2019 Billington Cybersecurity Summit
Recently, Billington hosted their 10th annual Cybersecurity Summit, one of the premier cybersecurity conferences where industry leaders and government officials join together to discuss the current state of cybersecurity. Several key themes presented themselves throughout the two-day summit, including cloud, cybersecurity legislation, and DHS’s Continuous Diagnostics and Mitigation program (CDM). Kevin Cox, the program manager […] more…McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – The All-Stars
Episode 2: The All-Stars Analyzing Affiliate Structures in Ransomware-as-a-Service Campaigns This is the second installment of the McAfee Advanced Threat Research (ATR) analysis of Sodinokibi and its connections to GandGrab, the most prolific Ransomware-as-a-Service (RaaS) Campaign of 2018 and mid-2019. GandCrab announced its retirement at the end of May. Since then, a new RaaS family […] more…CISA’s Krebs seeks more measured approach to election security heading into 2020
Given the too-late realization that Russia interfered in the 2016 presidential election through massive disinformation campaigns and — as the Mueller report most recently documented with a few new twists — actual efforts to hack into state elections systems, it’s no surprise that election security under the rubric of “Protect 2020” was a key theme […] more…U.S. Rep Lieu hopeful for election security bill prospects
U.S. Representative Ted Lieu (D-CA) thinks that Senate Majority Leader Mitch McConnell’s weakening opposition to gun legislation bodes well for the prospects of passing an election security bill. Several election security measures have stalled in Congress since the 2016 presidential election because McConnell has refused to take them up on the Senate side. [ Learn […] more…APT trends report Q2 2019
For two years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They aim to […] more…School of Cyberthreats: 3 Attacks Impacting Today’s Schools
Educational institutions are data-rich gold mines. From student and employee records to sensitive financial information, schools contain a plethora of data that can be obtained by cybercriminals rather easily due to lack of security protocols. This fact has cybercriminals pivoting their strategies, leading to a recent uptick in attacks on the education sector in the […] more…Demystifying Blockchain: Sifting Through Benefits, Examples and Choices
You have likely heard that blockchain will disrupt everything from banking to retail to identity management and more. You may have seen commercials for IBM touting the supply chain tracking benefits of blockchain.[i] It appears nearly every industry is investing in, adopting, or implementing blockchain. Someone has probably told you that blockchain can completely transform […] more…Black Hat 2019: Q&A with McAfee
Now in its 22nd year, Black Hat is an information security event showcasing the latest research, newest technology, scariest threats, and biggest trends. Around 19,000 security professionals will be taking over Las Vegas’s Mandalay Bay during the six-day event. Before the security world convenes the first week in August, I spoke with McAfee leadership and […] more…McAfee ATR Aids Police in Arrest of the Rubella and Dryad Office Macro Builder Suspect
Everyday thousands of people receive emails with malicious attachments in their email inbox. Disguised as a missed payment or an invoice, a cybercriminal sender tries to entice a victim to open the document and enable the embedded macro. This macro then proceeds to pull in a whole array of nastiness and infect a victim’s machine. […] more…Secure elections scorecard: Grading the candidate and Congressional proposals
America’s electronic voting infrastructure is laughably insecure, but security experts know how to solve the problem. Only the political will is lacking to make it right. [ Learn what you need to know about defending critical infrastructure . | Get the latest from CSO by signing up for our newsletters. ] Numerous bills have been […] more…House Actions on Election Security Bode Well for 2020
As a U.S. cybersecurity company, McAfee supports legislation that aims to safeguard U.S. election security. After the 2016 election, McAfee sees the importance of improving and preserving election security; we even offered free security tools to local election boards prior to the 2018 elections and released educational research on how localities can best protect themselves […] more…What kids get up to online
Today’s children navigate the Internet better than adults. They are not afraid to try out new technology, and are quick to grasp new trends and sometimes invent their own. New social networks, mobile games, music, and gadgets are all part and parcel of their daily lives. But just because they feel at home online does […] more…More information
- 10 questions for Imperva CTO Amichai Shulman
- Macro-Based Multi-Stage Attack Delivers Password Stealer
- Smart octogenarian foils scammer who said he would buy item via PayPal
- With Yahoo Bid, Verizon Gobbles Up the Past To Avoid an Obsolete Future
- ICS Patch Tuesday: Siemens and Schneider Electric Address Over 50 Security Flaws
- Resolved: iTwo not available
- AuthMind Scores $8.5M Seed Funding for ITDR Tech
- Japan Blames North Korea for PyPI Supply Chain Cyberattack
- Android M will give app users a lot better control over their data privacy
- Meet Rhysida, a New Ransomware Strain That Deletes Itself