Cyber Attacks/Espionage

Cyber Attacks/Espionage news, information, and how-to advice

Yahoo Corporate
automated indicator sharing

donald trump debate

Donald Trump actually made a valid point, securing the internet is hard

During the debates on Monday evening Donald Trump said something that wasn't completely insane or laughable – securing the internet is hard work. He's not wrong, and his comment is a point that both the government and private sector...

Yahoo

Yahoo's claim of 'state-sponsored' hackers meets with skepticism

Yahoo has blamed its massive data breach on a "state-sponsored actor". But the company isn't saying why it arrived at that conclusion. Nor has it provided any evidence.

jigsaw ransomware logo

Ransomware from Stoned to pwned

When I was in the trenches as a defender I saw all manner of malicious software. The first one I ever encountered back in the late 80s was the Stoned virus. This was a simple program that was lobbying the infected computer...

Yahoo’s compromised records likely hidden within encrypted traffic, vendor says

As Derby Con was winding down, an interesting email hit Salted Hash’s inbox form Venafi. The security firm outlined a number of cryptographic issues at Yahoo. The email then claimed they’re not saying these flaws led to the massive...

servers

Some thoughts on the Krebs situation: Akamai made a painful business call

This weekend Salted Hash is at DerbyCon, and we’ll be posting a few updates from the show, but some recent events have generated buzz, and they’re worth discussing. Namely, Brian Krebs is being censored, and that sets a bad precedent...

data breach lessons

Who you gonna call when the crisis comes

There will be times in your career when you know that you will face a crisis. These will be times when things will go horribly and irretrievably wrong. The breach news from Yahoo yesterday is a perfect example. One question that...

Robert Silvers, DHS

Homeland Security issues call to action on IoT security

U.S. Department of Homeland Security’s Robert Silvers says his purpose in speaking at the Security of Things Forum in Cambridge on Thursday wasn’t to scare anyone, but then he went ahead and called on everyone in the room to...

emv chipandpin

As migration anniversary approaches, only a third of retailers accept chip cards

Retailers were supposed to start accepting chip cards last October, but a year past the start of the EMV liability shift, two-thirds still haven't done so.

traffic jam

Over 6,000 vulnerabilities went unassigned by MITRE's CVE project in 2015

In 1999, MITRE created the Common Vulnerabilities and Exposures (CVE) database as a way to standardize the naming of disclosed vulnerabilities. As it stands now, the CVE system is faced with bottlenecks and coverage gaps, as thousands...

magnifying glass stock prices

Investigating Cybersecurity Incidents — a free course

Training provider Logical Operations offers a free online course on how to collect, preserve and analyze evidence from cybersecurity incidents — and prepare for the court case.

torrent river

Hackers sell tool to spread malware through torrent files

Be careful with what you torrent. A new tool on the black market is helping hackers distribute malware through torrent files in exchange for a fee.

classroom

Education needs to study up on fighting ransomware

Of five major industries examined by BitSight - finance, retail, healthcare, energy/utilities, government and education – education is hit by ransomware at a much higher rate than the others.

james clapper

Russia has previously tried to influence US elections, says spy chief

Russia has tried to influence U.S. elections since the 1960s during the Cold War, U.S. Director of National Intelligence James R. Clapper said Tuesday.

rio 2016 olympics logo rowing

Sour attackers publish health data on Olympic athletes

There is really no denying it. The Russians are still upset about the decision to ban their athletes from performing in the Olympics this year in Rio. The part that still causes me to scratch my head is that they cheated and they...

The Gold Rush

IoT and your digital supply chain

“Money, it's a gas. Grab that cash with both hands and make a stash”, Pink Floyd is always near and dear to my heart. No doubt the theme song to a lot of producers of devices that fall into the category of Internet of Things or...

servers

Data breaches move into syndication

Data breaches, much like death and taxes, are a fact of life these days. They are getting bigger and uglier with each passing breach. There are massive that occurring on what seems like a daily basis. I read breach reports as a...

john mmcain

McCain opposes splitting NSA and Cyber Command

Chair of Senate Armed Services Committee objects to administration's proposal to decouple spy agency from military cyber warfare unit, threatens to block NSA nominee.

kitchen sink

Attackers Launch DDoS Attacks And the Kitchen Sink 

First off, full disclosure, I work for Akamai as my day job. I don’t want any illusion on the point as I discuss the latest State of the Internet report that I was fortunate enough to be a part of creating. That being said, it...

Load More