Republican data analytics firm exposes voting records on 198 million Americans

Republican data analytics firm exposes voting records on 198 million Americans

Researcher Chris Vickery has discovered nearly 200 million voter records in an unsecured Amazon S3 bucket maintained by Deep Root Analytics (DRA), a big data analytics firm that helps advertisers identify audiences for political ads....

06/19/17

It's time to update XP, Windows Server 2003 despite Microsoft's emergency patch

It's time to update XP, Windows Server 2003 despite Microsoft's emergency patch

Windows XP and Windows Server 2003 are supposed to be dead, but Microsoft's emergency update to address serious vulnerabilities gives organizations another excuse to hang on to these legacy operating systems a little longer.

06/15/17

Recap: News agency hack blamed for diplomatic meltdown in Qatar

Recap: News agency hack blamed for diplomatic meltdown in Qatar

Early Monday morning in Bahrain, the country's Foreign Affairs Ministry said the nation has severed diplomatic ties with Qatar. Within minutes of Bahrain's announcement, the United Arab Emirates, Saudi Arabia, and Egypt followed suit....

06/05/17

Proposed 'hack back' law would not have stopped WannaCry

Proposed 'hack back' law would not have stopped WannaCry

On Monday, the Financial Times published a story concerning a proposed bill form Representative Tom Graves, a Republican from Georgia's 14th district. Graves has proposed changing the Computer Fraud and Abuse Act (CFAA) to allow...

05/25/17

27 arrested for black box ATM attacks across Europe

27 arrested for black box ATM attacks across Europe

Europol said in a statement last week that 27 people have been arrested for their connection to a string of successful black box attacks against ATMs across Europe. Since 2016, these attacks have resulted in more than €45 million in...

05/22/17

DHS wargames included a scenario similar to WannaCry

DHS wargames included a scenario similar to WannaCry

In March of 2016, the Department of Homeland Security conducted a national exercise to see how the government and the private sector would react to a multi-sector cyberattack on critical infrastructure. The scenario included malware...

05/17/17

Dealing with WannaCry on Monday morning, and the days ahead

Dealing with WannaCry on Monday morning, and the days ahead

It's Monday. Across the globe organizations are likely having the same conversation: What happened? What is WannaCrypt (WannaCry)? Are we exposed? What can we do? If you're in the trenches, here's a brief outline that might help you...

05/15/17

Microsoft patches Windows XP and Server 2003 due to WannaCrypt attacks

Microsoft patches Windows XP and Server 2003 due to WannaCrypt attacks

On Friday evening, Microsoft released patches for Windows XP, Server 2003, and Windows 8, after those systems were infected with Ransomware on Friday. WannaCrypt, a variant of WannaCry Ransomware, used previously leaked NSA tools to...

05/13/17

Opinion: Some thoughts about Gizmodo's Phishing story

Opinion: Some thoughts about Gizmodo's Phishing story

On Tuesday, Gizmodo published a story about how easy it was to get Trump Administration officials and associates to click a Phishing link. In order to do this, the Gizmodo Special Projects Desk developed a fake Google Docs email,...

05/09/17

BEC attacks have hit thousands, top $5 billion in losses globally

BEC attacks have hit thousands, top $5 billion in losses globally

An updated advisory form the FBI says that Business Email Compromise (BEC) attacks have become a multi-billion-dollar scam worldwide, as criminals take advantage of lax policies and human nature. Victims include businesses both large...

05/08/17

Recent Google Docs Phishing attack is a win for Blue Teams

Recent Google Docs Phishing attack is a win for Blue Teams

On Wednesday afternoon, social media exploded with reports of a new Phishing attack targeting users of Google Docs. The attack was clever, centered on getting the victim to grant permissions to an application called Google Docs before...

05/03/17

No, Netflix is not a victim of Ransomware

No, Netflix is not a victim of Ransomware

A security firm has claimed the recent issues facing Netflix and their series "Orange is the New Black" are Ransomware, and a recent report from NBC News states the same. While no company wants to be held under the threat of ransom...

05/01/17

Contrast Security responds to OWASP Top 10 controversy

Contrast Security responds to OWASP Top 10 controversy

Contrast Security has addressed the recent backlash over section A7 of the OWASP Top 10 list for 2017. The company issued a statement on the matter after industry professionals suggested the A7 addition was an example of a vendor...

04/26/17

R2Games compromised again, over one million accounts exposed

R2Games compromised again, over one million accounts exposed

Online gaming company Reality Squared Games (R2Games) has been compromised for the second time in two years, according to records obtained by the for-profit notification service LeakBase. The hacker who shared the data with LeakBase...

04/25/17

Secure card maker Plastc Inc. considering Chapter 7 bankruptcy, halts operations

Secure card maker Plastc Inc. considering Chapter 7 bankruptcy, halts operations

Early supporters of Plastc, the E-Ink and touchscreen smart card that offered a number of security features, got some bad news on Thursday. Plastc Inc. is exploring options for Chapter 7 Bankruptcy protection, and none of the...

04/20/17

Job seekers on ZipRecruiter being targeted by scams via email and text

Job seekers on ZipRecruiter being targeted by scams via email and text

Right now, thousands of people are looking for a new job online. Some of them just want a change, but others are looking for a stable income to support themselves and their families. Scammers are targeting job seekers with precision,...

04/19/17

McAfee LinkedIn page hijacked

McAfee LinkedIn page hijacked

On Sunday evening, the LinkedIn page for McAfee was hijacked by a single person or an unknown number of individuals who apparently watched Twitter for reactions. The business page was defaced with random remarks, and at one point made...

04/16/17

New report examines the weaknesses of industrial environments

New report examines the weaknesses of industrial environments

A new report from FireEye examines the attack surfaces shared by a number of industrial enterprise operations, including electric utilities, petroleum companies, and manufacturing organizations. The six weaknesses outlined by FireEye...

04/12/17

Scammers Phishing for financial credentials on Twitter

Scammers Phishing for financial credentials on Twitter

Scammers are using Twitter as a vehicle to target people looking for customer support or asking general questions. They interject themselves into legitimate discussions, offering friendly chatter and a link that directs the target to...

04/06/17

Scottrade Bank data breach exposes 20,000 customer records

Scottrade Bank data breach exposes 20,000 customer records

Scottrade Bank, a subsidiary of Scottrade Financial Services, Inc., recently secured a MSSQL database containing sensitive information on at least 20,000 customers that was inadvertently left exposed to the public. The database itself...

04/05/17

Load More