Meet the hacker taking over ISIS twitter accounts
A few months ago, we interviewed the hacker calling himself, Wauchula Ghost, who led the GhostSec hacker collective targeting ISIS. In the last week, Wauchula Ghost has been attracting even more attention as he has been successfully compromising the Twitter accounts of ISIS sympathizers, and posting gay porn on those accounts in retaliation for the […] more…Chinese hacking slows down after public scrutiny and US pressure
U.S. warnings and public scrutiny of hacks by groups believed to be China-based may have led to an overall decrease in intrusions by these groups against targets in the U.S. and 25 other countries, a security firm said. From mid-2014, after the U.S. Government took punitive measures against China, including indicting members of the Chinese […] more…Visa moves to streamline chip-card processing certifications
After months of frustrating delays for U.S. merchants that have been required to roll out payment systems that can accept new, more secure computer chip credit and debit cards, Visa on Thursday announced a series of remedies. The steps include streamlining Visa’s testing requirements and simplifying the terminal certification process. Visa said it would also […] more…Adobe warns: Cyberespionage group targeting critical Flash bug
Enterprises should disable Flash or deploy Microsoft’s EMET until Adobe’s promised patch arrives more…CVE-2016-4171 – Adobe Flash Zero-day used in targeted attacks
Earlier today, Adobe published the security advisory APSA16-03, which describes a critical vulnerability in Adobe Flash Player version 21.0.0.242 and earlier versions for Windows, Macintosh, Linux, and Chrome OS: A few of months ago, we deployed a new set of technologies into our products designed to identify and block zero day attacks. These technologies already […] more…Singapore PM Defends Government Internet Blockage
Singapore’s prime Minister Lee Hsien Loong has defended the country’s controversial decision to cut off civil servants’ work computers from the Internet, calling the move “absolutely necessary” to keep information systems secure. read more more…Company CFOs Targeted The Most By BEC Schemes
It should not come as a surprise that company executives (particularly the CEO and President) and other revered high-level employees get to be impersonated often for criminal reasons. How can you say no when it’s the CEO asking? How can you not comply when it’s already the President specifically requesting? Gone are the days of […] more…Shaming is a step forward, but more work is needed for faster smartphone patching
Shaming carriers and smartphone manufacturers into applying patches faster is a step forward, but a lot more needs to be done to improve security of the Android platform, security experts say. Last month, Bloomberg, citing unnamed sources, is considering releasing a list of vendors ranked by how up-to-date their headsets are. This has long been […] more…Mysterious malware targets industrial control systems, borrows Stuxnet techniques
Researchers have found a malware program that was designed to manipulate supervisory control and data acquisition (SCADA) systems in order to hide the real readings from industrial processes. The same technique was used by the Stuxnet sabotage malware allegedly created by the U.S. and Israel to disrupt Iran’s nuclear program and credited with destroying a […] more…Security concerns rising for Internet of Things devices
The burgeoning market for gadgets that trigger a sprinkler system, help you count the number of times you swing a bat, or dim the lights automatically are rising. That’s a concern for any business due to how these devices are also starting to show up at the corporate office for use in conference rooms, executive […] more…Crypto-ransomware Attacks Windows 7 and Later, Scraps Backward Compatibility
How do you know that something has become very popular? Simple – when poorly-made knockoff versions start to hit the marketplace. Ransomware, it seems, has hit that point. The writers behind the new ZCRYPT ransomware family have either scrapped support for Windows XP, or did a sloppy job in creating it. This new family only targets […] more…ZCRYPT Crypto-ransomware Attacks Windows 7 and Later, Scraps Backward Compatibility
How do you know that something has become very popular? Simple – when poorly-made knockoff versions start to hit the marketplace. Ransomware, it seems, has hit that point. The writers behind the new ZCRYPT ransomware family have either scrapped support for Windows XP, or did a sloppy job in creating it. This new family only targets […] more…IXESHE Derivative IHEATE Targets Users in America
Since 2012, we’ve been keeping an eye on the IXESHE targeted attack campaign. Since its inception in 2009, the campaign has primarily targeted governments and companies in East Asia and Germany. However, the campaign appears to have shifted tactics and is once again targeting users in the United States. We also noticed that there were some changes […] more…High-Profile Cyber Theft Against Banks Targeted SWIFT Systems
Much has been reported and discussed about the bank heists that affected Bangladesh, Vietnam, and Ecuador. All three cases involved the Society for Worldwide Interbank Financial Transfers (SWIFT), a system used by financial/banking institutions worldwide for communicating financial messages or instructions, and has more than 10,000 customers from the financial sector: banks, brokerage institutions, foreign exchanges, and […] more…5 active mobile threats spoofing enterprise apps
Impersonating apps Enterprise employees use mobile apps every day to get their jobs done, but when malicious actors start impersonating those apps, it spells trouble for IT departments. David Richardson, director of product at Lookout, and his team recently researched five families of malware doing just that: spoofing real enterprise apps to lure people […] more…Disaster recovery in a DevOps world
According to a 2015 survey by IT Revolution Press in conjunction with Puppet Labs, organizations using DevOps deploy code 30 times faster than others, doing deployments multiple times per day. Moreover, change failure gets cut in half with DevOps and services are restored up to 168 times faster than they are at non-DevOps organizations. DevOps: […] more…More information
- Microsoft Bulks Up Azure Web Sites Encryption
- Sidestepping your lockscreen with an innocent-looking USB stick
- How to stay smart about Android app permissions
- Virtualized security offers challenges (but not as many as you think)
- Microsoft Windows PDF Library CVE-2016-0117 Remote Code Execution Vulnerability
- US DOJ drops child porn case to avoid disclosing Tor exploit
- Backdoor:OSX/Imuler.B No Likes Wireshark
- SonicWall Warns of Imminent Ransomware Attacks Targeting Firmware Flaw
- How distributed ledgers enhance the IoT through better visibility and create trust
- August Patch Tuesday: Update Fixes ‘Wormable’ Flaws in Remote Desktop Services, VBScript Gets Disabled by Default