Report: Small, Stealthy Groups Behind Worst Cybercrimes
A small group of cybercriminals are responsible for the most damaging cyberattacks--often with the help of state sponsorship. Still, low-level criminal activity on the dark web still poses the most widespread and immediate security threat, with cryptocurrency mining, ransomware...
Survey Finds Attacks Find Insecure IoT Devices
A survey finds vast differences in security practices linked to IoT devices in the enterprise, with attacks concentrating on insecure IoT endpoints.
The post Survey Finds Attacks Find Insecure IoT Devices appeared first on The Security Ledger.Related StoriesNigerian ISP Hijacks...
Survey: Attacks Find Insecure IoT Devices
A survey finds vast differences in security practices linked to IoT devices in the enterprise, with attacks concentrating on insecure IoT endpoints.
The post Survey: Attacks Find Insecure IoT Devices appeared first on The Security Ledger.Related StoriesNigerian ISP Hijacks Google...
Nigerian ISP Hijacks Google Traffic, Sends It Through Russia and China
A small Nigerian Internet service provider (ISP) hijacked traffic meant for Google data centers on Monday, re-routing local traffic through China and Russia and making some hosted services temporarily unavailable for users.
The post Nigerian ISP Hijacks Google Traffic, Sends...
Podcast Episode 120: They Email Ballots, Don’t They?
In this week’s episode (#120): more than 100,000 U.S. voters submitted their ballots in the last presidential election via email in 2016. Despite that: hardly any attention has been paid to the security of email and online voting systems...
Bank Attacks Put Password Insecurity Back in the Spotlight
Two separate attacks on banks in the United States and Pakistan revealed this week highlight once again the inherent weakness of a security practice that relies on passwords or knowledge-based credentials to protect critical information. International bank HSBC said...
Feds, Facebook Join Forces to Prevent Mid-Term Election Fraud
Federal authorities, social media companies, and the U.S. military are on cybersecurity high alert for fraud, suspicious online activity or other security glitches that could cast a shadow on Tuesday’s critical mid-term elections.Fearing the use of social media and...
Podcast Episode 119: EFF on Expanding Researchers Rights and AT&T talks IoT Security Fails
In this episode of the podcast, #119: Electronic Frontier Foundation General Counsel Kurt Opsahl joins us to talk about the Coders’ Rights Project. Also: we speak with Senthil Ramakrishnan, a lead member of AT&T’s IoT Security group about that...
Managed Threat Hunting Bridges the Talent Gap
Skilled operators make all the difference in incident response and threat hunting. With talent scarce (and expensive), however, managed threat hunting teams may be worth a look, writes Scott Taschler of the firm Crowdstrike. As we discussed in “Uncovering...
Report: China Eyes IoT as Next Front of Cyber War on U.S.
China is eyeing dominance of the Internet of Things (IoT) market and may use vulnerabilities in these technologies as the next front on its ongoing cyberwar with the United States, according to a new report.
The post Report: China Eyes...
Sextortionist Campaigns Get Personal, Creative to Force Payouts
Two security firms warn of a flurry of "sextortion" campaigns recently that use new, creative and sometimes extreme methods that leverage personal information, sex-related activity and even death threats to spur victims to pay thousands in ransom fees to...
Podcast Episode 118: White Hat Eye on the Gaming Guy
In this week’s episode, #118: modern computer games are like mini economies and that makes them a big target for hackers. We talk with four leading researchers from Bug Crowd about how even popular games fall down on security....
Research: Russian Disinformation Campaigns Target African Americans
Russian misinformation campaigns have been targeting African Americans in a number of ways to create division between left and right political agendas, create racial division and discord, and even suppress Black voter turnout, new research has found. Two recent...
Report: Obvious Security Flaws Make ICS Networks Easy Targets
Industrial control systems (ICSs) remain easy targets for nation-states actors because of security gaps such as plain-text passwords, direct Internet connections and weak anti-virus protections, a new report has found. The warnings about industrial control systems running on Windows...
Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats
In this episode of the podcast (#117), we go deep on one of the hottest sectors around: cyber insurance. In the first segment, we talk with Thomas Harvey of the firm RMS about the problem of “silent cyber” risk...
Instagram flaw exposes user passwords
A security flaw in Instagram’s recently released “Download Your Data” tool could have exposed some user passwords, the company reportedly told users.
The tool, revealed by Instagram right before the GDPR regulation went into effect, is designed to let users...
Julian Assange Charges, Japan’s Top Cybersecurity Official, and More Security News This Week
Safer browsing, more bitcoin scams, and the rest of the week's top security news.
SMS 2FA database leak drama, MageCart mishaps, Black Friday badware, and more
Plus, why is Kaspersky Lab getting into chess? Roundup What a week it has been: we had the creation of a new government agency, a meltdown flashback, and of course, Patch Tuesday.…
Is retaining a cybersecurity attorney a good idea for your business?
Cybersecurity is so complicated that businesses, large and small, are retaining legal counsel specializing in security. Learn two more steps businesses should take before a cyberattack hits.
Machine Learning Can Create Fake ‘Master Key’ Fingerprints
Researchers have refined a technique to create so-called DeepMasterPrints, fake fingerprints designed to get past security.
