Cyber Attacks/Espionage

Cyber Attacks/Espionage news, information, and how-to advice

amy schumer
malware

ana montes

Management lessons from the espionage of Ana Montes

The best IT security is not enough to protect against the determined insider

credit cards

Diversified supply chain helps 'Vendetta Brothers' succeed in criminal business

Even smaller criminal groups are using smarter business tactics to help insulate themselves from prosecution and to diversify their product supply.

fbi director james comey

FBI reports more attempts to hack voter registration system

The U.S. Federal Bureau of Investigation has found more attempts to hack the voter registration systems of states, ahead of national elections.

Yahoo Corporate

The Yahoo hackers weren't state-sponsored, a security firm says

Common criminals, not state-sponsored hackers, carried out the massive 2014 data breach that exposed information about millions of Yahoo user accounts, a security firm said Wednesday.

automated indicator sharing

Advancing cybersecurity through automated indicator sharing

As the number of cybersecurity incidents increase, both the government and the private sector have worked together to introduce an info-sharing program to help address the threats.

donald trump debate

Donald Trump actually made a valid point, securing the internet is hard

During the debates on Monday evening Donald Trump said something that wasn't completely insane or laughable – securing the internet is hard work. He's not wrong, and his comment is a point that both the government and private sector...

Yahoo

Yahoo's claim of 'state-sponsored' hackers meets with skepticism

Yahoo has blamed its massive data breach on a "state-sponsored actor". But the company isn't saying why it arrived at that conclusion. Nor has it provided any evidence.

jigsaw ransomware logo

Ransomware from Stoned to pwned

When I was in the trenches as a defender I saw all manner of malicious software. The first one I ever encountered back in the late 80s was the Stoned virus. This was a simple program that was lobbying the infected computer...

Yahoo’s compromised records likely hidden within encrypted traffic, vendor says

As Derby Con was winding down, an interesting email hit Salted Hash’s inbox form Venafi. The security firm outlined a number of cryptographic issues at Yahoo. The email then claimed they’re not saying these flaws led to the massive...

servers

Some thoughts on the Krebs situation: Akamai made a painful business call

This weekend Salted Hash is at DerbyCon, and we’ll be posting a few updates from the show, but some recent events have generated buzz, and they’re worth discussing. Namely, Brian Krebs is being censored, and that sets a bad precedent...

data breach lessons

Who you gonna call when the crisis comes

There will be times in your career when you know that you will face a crisis. These will be times when things will go horribly and irretrievably wrong. The breach news from Yahoo yesterday is a perfect example. One question that...

Robert Silvers, DHS

Homeland Security issues call to action on IoT security

U.S. Department of Homeland Security’s Robert Silvers says his purpose in speaking at the Security of Things Forum in Cambridge on Thursday wasn’t to scare anyone, but then he went ahead and called on everyone in the room to...

emv chipandpin

As migration anniversary approaches, only a third of retailers accept chip cards

Retailers were supposed to start accepting chip cards last October, but a year past the start of the EMV liability shift, two-thirds still haven't done so.

traffic jam

Over 6,000 vulnerabilities went unassigned by MITRE's CVE project in 2015

In 1999, MITRE created the Common Vulnerabilities and Exposures (CVE) database as a way to standardize the naming of disclosed vulnerabilities. As it stands now, the CVE system is faced with bottlenecks and coverage gaps, as thousands...

magnifying glass stock prices

Investigating Cybersecurity Incidents — a free course

Training provider Logical Operations offers a free online course on how to collect, preserve and analyze evidence from cybersecurity incidents — and prepare for the court case.

torrent river

Hackers sell tool to spread malware through torrent files

Be careful with what you torrent. A new tool on the black market is helping hackers distribute malware through torrent files in exchange for a fee.

classroom

Education needs to study up on fighting ransomware

Of five major industries examined by BitSight - finance, retail, healthcare, energy/utilities, government and education – education is hit by ransomware at a much higher rate than the others.

james clapper

Russia has previously tried to influence US elections, says spy chief

Russia has tried to influence U.S. elections since the 1960s during the Cold War, U.S. Director of National Intelligence James R. Clapper said Tuesday.

Load More