27 arrested for black box ATM attacks across Europe

27 arrested for black box ATM attacks across Europe

Europol said in a statement last week that 27 people have been arrested for their connection to a string of successful black box attacks against ATMs across Europe. Since 2016, these attacks have resulted in more than €45 million in...

05/22/17

DHS wargames included a scenario similar to WannaCry

DHS wargames included a scenario similar to WannaCry

In March of 2016, the Department of Homeland Security conducted a national exercise to see how the government and the private sector would react to a multi-sector cyberattack on critical infrastructure. The scenario included malware...

05/17/17

Dealing with WannaCry on Monday morning, and the days ahead

Dealing with WannaCry on Monday morning, and the days ahead

It's Monday. Across the globe organizations are likely having the same conversation: What happened? What is WannaCrypt (WannaCry)? Are we exposed? What can we do? If you're in the trenches, here's a brief outline that might help you...

05/15/17

Microsoft patches Windows XP and Server 2003 due to WannaCrypt attacks

Microsoft patches Windows XP and Server 2003 due to WannaCrypt attacks

On Friday evening, Microsoft released patches for Windows XP, Server 2003, and Windows 8, after those systems were infected with Ransomware on Friday. WannaCrypt, a variant of WannaCry Ransomware, used previously leaked NSA tools to...

05/13/17

Opinion: Some thoughts about Gizmodo's Phishing story

Opinion: Some thoughts about Gizmodo's Phishing story

On Tuesday, Gizmodo published a story about how easy it was to get Trump Administration officials and associates to click a Phishing link. In order to do this, the Gizmodo Special Projects Desk developed a fake Google Docs email,...

05/09/17

BEC attacks have hit thousands, top $5 billion in losses globally

BEC attacks have hit thousands, top $5 billion in losses globally

An updated advisory form the FBI says that Business Email Compromise (BEC) attacks have become a multi-billion-dollar scam worldwide, as criminals take advantage of lax policies and human nature. Victims include businesses both large...

05/08/17

Recent Google Docs Phishing attack is a win for Blue Teams

Recent Google Docs Phishing attack is a win for Blue Teams

On Wednesday afternoon, social media exploded with reports of a new Phishing attack targeting users of Google Docs. The attack was clever, centered on getting the victim to grant permissions to an application called Google Docs before...

05/03/17

No, Netflix is not a victim of Ransomware

No, Netflix is not a victim of Ransomware

A security firm has claimed the recent issues facing Netflix and their series "Orange is the New Black" are Ransomware, and a recent report from NBC News states the same. While no company wants to be held under the threat of ransom...

05/01/17

Contrast Security responds to OWASP Top 10 controversy

Contrast Security responds to OWASP Top 10 controversy

Contrast Security has addressed the recent backlash over section A7 of the OWASP Top 10 list for 2017. The company issued a statement on the matter after industry professionals suggested the A7 addition was an example of a vendor...

04/26/17

R2Games compromised again, over one million accounts exposed

R2Games compromised again, over one million accounts exposed

Online gaming company Reality Squared Games (R2Games) has been compromised for the second time in two years, according to records obtained by the for-profit notification service LeakBase. The hacker who shared the data with LeakBase...

04/25/17

Secure card maker Plastc Inc. considering Chapter 7 bankruptcy, halts operations

Secure card maker Plastc Inc. considering Chapter 7 bankruptcy, halts operations

Early supporters of Plastc, the E-Ink and touchscreen smart card that offered a number of security features, got some bad news on Thursday. Plastc Inc. is exploring options for Chapter 7 Bankruptcy protection, and none of the...

04/20/17

Job seekers on ZipRecruiter being targeted by scams via email and text

Job seekers on ZipRecruiter being targeted by scams via email and text

Right now, thousands of people are looking for a new job online. Some of them just want a change, but others are looking for a stable income to support themselves and their families. Scammers are targeting job seekers with precision,...

04/19/17

McAfee LinkedIn page hijacked

McAfee LinkedIn page hijacked

On Sunday evening, the LinkedIn page for McAfee was hijacked by a single person or an unknown number of individuals who apparently watched Twitter for reactions. The business page was defaced with random remarks, and at one point made...

04/16/17

New report examines the weaknesses of industrial environments

New report examines the weaknesses of industrial environments

A new report from FireEye examines the attack surfaces shared by a number of industrial enterprise operations, including electric utilities, petroleum companies, and manufacturing organizations. The six weaknesses outlined by FireEye...

04/12/17

Scammers Phishing for financial credentials on Twitter

Scammers Phishing for financial credentials on Twitter

Scammers are using Twitter as a vehicle to target people looking for customer support or asking general questions. They interject themselves into legitimate discussions, offering friendly chatter and a link that directs the target to...

04/06/17

Scottrade Bank data breach exposes 20,000 customer records

Scottrade Bank data breach exposes 20,000 customer records

Scottrade Bank, a subsidiary of Scottrade Financial Services, Inc., recently secured a MSSQL database containing sensitive information on at least 20,000 customers that was inadvertently left exposed to the public. The database itself...

04/05/17

Android version of iOS malware used in targeted attacks discovered

Android version of iOS malware used in targeted attacks discovered

Researchers at Lookout and Google have identified an Android variant of custom malware originally detected in targeted attacks against iOS last year. Called Pegasus, the malware is used against dissidents in multiple countries, and...

04/03/17

API flaws said to have left Symantec SSL certificates vulnerable to compromise

API flaws said to have left Symantec SSL certificates vulnerable to compromise

Over the weekend, Chris Byrne, an information security consultant and instructor for Cloud Harmonics, published a post to Facebook outlining a serious problem with the processes and third-party API used to deliver and manage Symantec...

03/27/17

IRS issues new tax scam warnings, FSA tool suspended due to security concerns

IRS issues new tax scam warnings, FSA tool suspended due to security concerns

The Internal Revenue Service (IRS) has issued a new warning to businesses, taxpayers, and tax prep professionals about Phishing scams targeting the sensitive information they work with on a daily basis. Soon after, the IRS and the US...

03/22/17

Cisco to patch 300 devices against flaw found in CIA archives

Cisco to patch 300 devices against flaw found in CIA archives

After digging through the CIA archives released by WikiLeaks, Cisco says they've discovered a previously unknown flaw impacting 318 switch models. The bug, which the CIA has known about for an undetermined amount of time, can allow a...

03/20/17

Load More