Wednesday, February 20, 2019

Lazarus Suspected of Targeting Russian Orgs

Lazarus Suspected of Targeting Russian OrgsForeign adversaries pose threats to US national security, but researchers at Check Point believe that the advanced persistent threat (APT) group known as Lazarus is now targeting Russian organizations. In a February 19 blog post,...

Ransomware Revenue Earning Does Not Match Infection Decline

Ransomware Revenue Earning Does Not Match Infection DeclineThere has been a decline in ransomware infections, but that does not mean that earned revenue has reduced for cyber-criminals. According to the third instalment of the Check Point 2019 Security Report, threat...

Half of UK Firms Admit to Unknown Network Devices

Half of UK Firms Admit to Unknown Network Devices Almost three million UK businesses could be exposing themselves to cyber-threats by having unknown devices on their network, according to new Forescout research. The security vendor polled over 500 IT decision...

Microsoft: Russians Hacking Again Ahead of Euro Elections

Microsoft: Russians Hacking Again Ahead of Euro ElectionsRussian state hackers are targeting NGOs, think tanks and other government-linked organizations ahead of the European Parliament elections in spring, according to Microsoft. The tech giant said it had observed 104 accounts in...

Swedish Privacy Snafu Affected More Companies

Swedish Privacy Snafu Affected More CompaniesA major Swedish privacy leak revealed this week is even worse than at first thought, with several other companies and over 100 additional servers exposed, according to new findings. Security vendor Outpost24 investigated service provider...

Criminals Weaponize Open Source Tools, Target IoT

Criminals Weaponize Open Source Tools, Target IoTCyber-criminals have grown more sophisticated in their unyielding attempts to compromise internet of things (IoT) devices, according to Fortinet’s Global Threat Landscape Report. The latest quarterly report indicates the changing vicissitudes of the threat...

Domain Squatting a Problem for Many Media Outlets

Domain Squatting a Problem for Many Media OutletsMalicious actors might be using spoofed media domains to disseminate disinformation campaigns, according to results from the latest State of the Domain research published by DomainTools. In looking at some of the most...

Palo Alto SOARs into Agreement with Demisto

Palo Alto SOARs into Agreement with DemistoA definitive acquisition agreement between Palo Alto Networks and Demisto, announced today, is expected to close during the fiscal third quarter for Palo Alto Networks. The acquisition of Demisto will be finalized for a...

Web Application Security Poses Greatest Risk

Web Application Security Poses Greatest RiskThe majority of vulnerabilities in 2018 were associated with network vulnerabilities, while less than 20% were associated with web applications and APIs, according to the fourth annual Vulnerability Stats Report from Edgescan. When it comes...

Student Data Exposed at Stanford University

Student Data Exposed at Stanford UniversityThe private data of students at Stanford University was exposed after someone changed a numeric ID in a URL that had been distributed to students who requested access to review their own files, according...

#CPX360: Attackers Are Delighted by the Expanding Attack Surface

#CPX360: Attackers Are Delighted by the Expanding Attack SurfaceEthical hackers have to “pretend and think like a criminal” as attackers think in the opposite way that a defender thinks.  Speaking at Check Point Experience in Vienna, ethical hacker and Cygenta...

Europe Intros Global IoT Security Standard

Europe Intros Global IoT Security StandardExperts have welcomed the introduction of a new globally applicable European standard designed to drive improvements in baseline security for consumer-grade IoT products. Introduced today by the European Telecommunications Standards Institute (ETSI), the standard will...

#CPX360: Prepare for Next Generation of Attacks with Prevention Focus

#CPX360: Prepare for Next Generation of Attacks with Prevention FocusSpeaking at the Check Point Experience conference in Vienna, Check Point founder and CEO Gil Shwed reflected on the first 25 years of the company, saying it had “come a...

Russian State Hackers Take Minutes to Move Laterally

Russian State Hackers Take Minutes to Move LaterallyThere was a major rise in Chinese state-sponsored cyber-activity in 2018 while Russian actors were by far the most operationally effective, according to the latest report from CrowdStrike. The security vendor’s 2019 Global...

Sweden’s Patient Hotline in Major Privacy Snafu

Sweden’s Patient Hotline in Major Privacy SnafuMillions of highly sensitive audio files linked to a Swedish healthcare hotline have been left exposed online for several years, in what could be a major breach of the GDPR. The 2.7 million files in...

As Businesses Move Critical Data to Cloud, Security Risks Abound

Companies think their data is safer in the public cloud than in on-prem data centers, but the transition is driving security issues.
TechRepublic

Best practices for handling gaps in cloud security

Establishing sufficient cloud security is a complex challenge. Learn where your attention is best directed to achieve the best results.
The Register

Behold… a WinRAR security bug that’s older than your child’s favorite YouTuber. And yes, you should patch this hole

Bet all two of you who paid to activate your copy are feeling a little cheesed off at this 14-year-old undetected flaw CheckPoint infosec eggheads are today laying claim to discovering a Windows archiving security flaw that appears to...

Can you really sniff out gas station card skimmers with your phone?

A viral post suggests (wrongly) that card skimmers always use Bluetooth. Anyway, just looking at nearby Bluetooth names doesn't help much...
SecurityWeek

Canada Helping Australia Determine ‘Full Extent’ of Hack

Canada's electronic eavesdropping agency said Wednesday it is working with Canberra to try to determine the scale of computer hacking on Australia's parliament and political parties just months from an election. read more