Financial Industry Insiders Put the Keys to the Kingdom at Risk
Monitoring for Illicit Insider Activity Shouldn’t Focus Exclusively on Dark Web and Criminal Forums
read more
ABB to Patch Code Execution Flaw in HMI Tool
Swiss industrial tech company ABB is working on a patch for a serious arbitrary code execution vulnerability affecting one of its engineering tools.
read more
Cisco Finds Serious Flaws in Policy Suite, SD-WAN Products
Cisco informed customers on Wednesday that it has found and patched over a dozen critical and high severity vulnerabilities in its Policy Suite, SD-WAN, WebEx and Nexus products.
read more
NIST to Withdraw 11 Outdated Cybersecurity Publications
The U.S. National Institute of Standards and Technology (NIST) announced on Tuesday that its Computer Security Division has decided to withdraw eleven outdated SP 800 publications.
read more
Data Privacy Automation Provider Integris Software Raises $10 Million
Integris Software, a Seattle-based provider of data privacy automation tools, today announced that it has raised $10 million through a Series A financing round led by Aspect Ventures.
read more
Flashpoint Launches Ransomware Response & Readiness Service
Threat intelligence and research company Flashpoint on Wednesday announced the launch of a new service designed to help organizations prepare and respond to ransomware and other types of cyber extortion incidents.
read more
Oracle Patches Record 334 Vulnerabilities in July 2018
Oracle Patches Over 200 Remotely Exploitable Vulnerabilities in July 2018 Critical Patch Update
read more
GrandCrab: The New King of Ransomware?
Cryptominers have plateaued, GrandCrab is the new king of ransomware, adware -- surprise! -- is as prolific as ever, and VPNFilter might herald a new genre of sophisticated multi-purpose malware. These are some of the conclusions drawn from the...
Keeping it on the Down Low on the Dark Web
Sites on the Dark Web Have Several Motivations to Unmask Their Visitors
read more
Microsoft Offers $100,000 in New Identity Bug Bounty Program
Microsoft on Tuesday announced the launch of a new bug bounty program that offers researchers the opportunity to earn up to $100,000 for discovering serious vulnerabilities in the company’s various identity services.
read more
Siemens Informs Customers of New Meltdown, Spectre Variants
Siemens recently updated its security bulletin for the Meltdown and Spectre vulnerabilities to inform customers of the latest variants, specifically the ones known as LazyFP and Spectre 1.1.
read more
RATs Bite Ukraine in Ongoing Espionage Campaign
An ongoing espionage campaign aimed at Ukraine is leveraging three different remote access Trojans (RATs), ESET security researchers warn.
read more
Back in Washington, Trump Under Pressure to Reverse Course on Russia
President Donald Trump found himself isolated and under pressure to reverse course Tuesday after publicly challenging the US intelligence conclusion that Russia meddled in the 2016 election during his face-to-face with Vladimir Putin.
read more
Malware Creator Admits to Building and Selling LuminosityLink RAT
A Kentucky man admitted in a U.S. court to developing and distributing the remote access Trojan known as LuminosityLink.
read more
‘Blackgear’ Cyberspies Resurface With New Tools, Techniques
The hackers behind a cyberespionage campaign known as Blackgear are back with improved malware that abuses social media websites, including Facebook, for command and control (C&C) communications.
read more
Downward Trend in Healthcare Ransomware Attacks May be Temporary
Confirming a trend noted by other researchers, a new report from network security firm Cryptonite notes that ransomware incidents have declined over the last six months.
read more
Charitable Hackers Collaborate in Deep Web Forums
Through Multiple Methods and Collaborations, Many Hackers Donate Money to Good Causes
read more
Irish Silk Road Suspect Extradited to US: Prosecutors
A 30-year-old Irish man accused of working for now defunct "dark web" marketplace Silk Road has been extradited to the United States to face charges in New York, four years after his arrest, prosecutors announced Friday.
read more
Security Instrumentation Firm Verodin Raises $21 Million
Verodin, a Virginia-based company that helps organizations assess the effectiveness of their cybersecurity controls, on Tuesday announced that it has raised $21 million in a Series B funding round.
read more
Privacy Advocates Say Kelsey Smith Act Gives Police Too Much Power
This bill making its way through Congress would allow law enforcement to more easily uncover location data for cell phones from mobile carriers in an emergency.
Financial Industry Insiders Put the Keys to the Kingdom at Risk
Monitoring for Illicit Insider Activity Shouldn’t Focus Exclusively on Dark Web and Criminal Forums
read more
Trends in malware – ransomware, cryptojacking, what next? [PODCAST]
Catch up with Day 3 of our Security SOS Week - here's the third episode of our week-long online security summit.
Microsoft offers up to $100,000 to identity bug finders
Want to earn $100,000? You could win as much as that if you manage to uncover a serious vulnerability in Microsoft’s various identity services.
Read more in my article on the Hot for Security blog.
Automated money-laundering scheme found in free-to-play games
The scammers automatically created iOS accounts with valid email accounts, then automatically used stolen cards to buy and resell stuff.
